Finjan Identifies the Latest Cybercrime Business Model - CaaS


SAN JOSE, California, April 7 /PRNewswire/ --

- In its Q1 2008 Web Security Trends Report, Finjan Signals 
Crimeware-as-a-Service as the Latest Development in the Ongoing 
Commercialization of Cybercrime

Finjan Inc., a leader in secure web gateway products, today announced
important findings by its Malicious Code Research Center (MCRC) identifying
and analyzing the latest trends in the ongoing commercialization of
cybercrime.

Criminals have started to use online cybercrime services instead of
having to deal themselves with the technical challenges of running their own
Crimeware server, installing Crimeware toolkits or compromising legitimate
websites.

"Currently, we see the rise of the Crimeware-as-a-Service (CaaS) business
model in the Crimeware-toolkit market. Cybercriminals and criminal
organizations are getting better and better at protecting themselves from law
enforcement by using the Crimeware services, especially since the operator
does not necessarily conduct the criminal activities related to the data that
is being compromised but only provides the infrastructure for it," said Yuval
Ben-Itzhak, CTO of Finjan.

As with mainstream software providers, the creators and owners of these
Crimeware toolkits provide their customer base with update mechanisms while
tooling them with sophisticated, anti-forensic attack techniques, as well as
the ability to manage and monitor malicious code affiliation networks. It
enables a new level of Crimeware availability by supplying anyone willing to
purchase an easy-to-use Crimeware toolkit.

During 2007, Finjan's MCRC covered the trend of new Crimeware that purely
focuses on financial gain, as well as the way it works to get revenue out of
each infection. In this report, MCRC shows how the delivery and distribution
of malware have been upgraded to deliver a different type of malware to
different geographical regions.

"Cybercriminals can now generate more targeted infections and deliver
specialized Crimeware for specific geographical regions," Ben-Itzhak said.
"Our report illustrates how these criminals are employing marketing and sales
techniques to address the cybercrime economy and ensure that the market they
are after gets the proper "product" localized for it."

Finjan foresees the next phase in the commercialization process as
creating a service for getting straight to stolen data by providing the
victim data tailored to the criminal intent. Having such a service eliminates
the need for attackers to even have to log-in to manage an attacker profile
on a Crimeware-toolkit platform.

Concludes Ben-Itzhak: "The trends described in this report confirm that
the security industry and law enforcement agencies should take an innovative
approach in handling these Crimeware commercialization threats.
Cybercriminals continue to adapt legitimate technologies and business models
to support their criminal activities."

About MCRC

Malicious Code Research Center (MCRC) is the leading research department 
at Finjan, dedicated to the research and detection of security 
vulnerabilities in Internet applications, as well as other popular 
programs. MCRC's goal is to stay steps ahead of hackers attempting to 
exploit open platforms and technologies to develop malicious code such as 
Spyware, Trojans, Phishing attacks, worms and viruses. MCRC shares its 
research efforts with many of the world's leading software vendors to 
help patch their security holes. MCRC is a driving force behind the 
development of next generation security technologies used in Finjan's 
proactive web security solutions. For more information, visit our 
MCRC subsite.

About Finjan

Finjan is a global provider of web security solutions for the enterprise
market. Our real-time, appliance-based web security solutions deliver the
most effective shield against web-borne threats, freeing enterprises to
harness the web for maximum commercial results. Finjan's real-time web
security solutions utilize patented behavior-based technology to repel all
types of threats arriving via the web, such as spyware, phishing, Trojans and
obfuscated malicious code, securing businesses against unknown and emerging
threats, as well as known malware. Finjan's security solutions have received
industry awards and recognition from leading analyst houses and publications,
including IDC, Butler Group, SC Magazine, CRN, ITPro, PCPro, ITWeek, Network
Computing, and Information Security. With Finjan's award-winning and widely
used solutions, businesses can focus on implementing web strategies to
realize their full organizational and commercial potential. For more
information about Finjan, please visit: www.finjan.com.

(c) Copyright 1996-2008. Finjan Software Inc. and its affiliates and
subsidiaries. All rights reserved. All text and figures included in this
publication are the exclusive property of Finjan and are for your personal
and non-commercial use. You may not modify, copy, distribute, transmit,
display, perform, reproduce, publish, license, create derivative works from,
transfer, use or sell any part of its content in any way without the express
permission in writing from Finjan. Information in this document is subject to
change without notice and does not present a commitment or representation on
the part of Finjan. The Finjan technology and/or products and/or software
described and/or referenced to in this material are protected by registered
and/or pending patents including U.S. Patents No. 6092194, 6154844, 6167520,
6480962, 6209103, 6298446, 6353892, 6804780, 6922693, 6944822, 6993662,
6965968, 7058822, 7076469, 7155743, 7155744, 7185358 and may be protected by
other U.S. Patents, foreign patents, or pending applications. Finjan, Finjan
logo, Vital Security, Vulnerability Anti.dote and Window-of-Vulnerability are
trademarks or registered trademarks of Finjan Inc., and/or its affiliates and
subsidiaries. All other trademarks are the trademarks of their respective
owners.

Media Contacts:
    
    United States                                  UK
    Jan Wiedrick-Kozlowski                         Neil Stinchcombe
    Activa PR                                      Eskenzi PR Ltd.
    Tel. +1-585-392-7878                           Tel: +44(0)208-449-1007
    jan@activapr.com                               neil@eskenzipr.com

Latest news

	Latest untethered jailbreak released for iOS 5.1.1 (26 May 2012 18:15) The Chronic Dev Team has released the latest version of their untethered jailbreak for iOS devices running 5.1.1. Says the blog post: "After copious amounts of work and many sleepless nights, ....
	Siri blocked from use on IBM internal networks (26 May 2012 18:08) IBM has understandably blocked the voice-activated digital assistant from its work networks. As 'Big Blue' confirms, Siri has been blocked due to the fact that Siri sends everything you ever .... 1 user comment
	Cisco kills off development of 'Cius' tablet (26 May 2012 18:00) Cisco has decided to pull the plug on its failed Cius tablet. The Cius, which was released in 2010 and aimed at enterprise customers, had a focus on business video conferencing and specifically ....
	Galaxy S III to hit U.S. and Canada on June 20th? (26 May 2012 17:54) Although Samsung unveiled the flagship device earlier this month, there has yet to be a set timetable for its release outside of Europe. Today, the Verge is reporting that the device will ....
	5000 books return to Kindle Store after dispute ends (26 May 2012 17:50) Thanks to a contract negotiation dispute between Amazon and the Independent Publishers Group, the giant e-tailer pulled 5000 titles from the Kindle Store back in February. As of today, however, ....