Reverse Deception: Organized Cyber Threat Counter-Exploitation (112 page)

Send frequent UGC (speeches, video, PDF reports, and so on) out to all followers using the social media system.

Once a persona and pattern of trust has been established, send an APT hidden in UGC content in an attempt to infect the computers of the “friends” of the migrant worker.

Using the infected systems, gain access to the social network profile (and the FilTranz account) of the vast majority of individuals who follow the fake social profile.

Use these compromised systems and accounts to build out the social network and financial connections for each profile. Observe how much money is moved, when it is moved, and to whom it is moved.

Using this social/financial map, use the access to compromised systems to slip APT code into the normal and otherwise completely legitimate UGC.

After building the accounts of the common sender (the worker) and the common recipients (for example, the worker’s family), it’s time to strike. Rapidly shift millions of dollars from all accessible accounts in order to maximize the conversion to other currency and goods.

The second- and third-order of effects of such an attack—an exploit of a massive, specialized market (such as foreign remittance)—would have a significant impact. The monetary loss would destabilize social and fiscal trust, and create acute, near-term crisis for the recipients of the remittance. In the specific case of the Philippines, remittances count for over 11 percent of the country’s GDP (“Economy of the Philippines,” Wikipedia) (
http://en.wikipedia.org/wiki/Economy_of_the_Philippines
).

As we mentioned earlier, actually determining the broader impact of a sophisticated APT in a tightly integrated and overlapping set of worldwide social, financial, and digital systems is more important for reasons of simply raising the level of caution and attention. It is also required to correctly design, resource, and execute our mitigation and monitoring strategies.

Conclusion

In examining value systems, there is an inherent vulnerability that is most often overlooked. Much emphasis should be focused on value stream mapping—in other words, identifying all the moving parts of a value system and showing the interrelationships of activities and resources that provide an output.

Without mapping the value stream, there is no true understanding of those subprocesses, abstracts, and applications that are critical to the success of optimized output (or recognition of the factors required for effective and efficient throughput). As technology, economics, and social structures become further intertwined, the risk of APTs to nontraditional value systems not only becomes greater, but also harder to predict, detect, and defend against.

We have touched on this a bit throughout the chapter and this book, but the need for full-spectrum or Lean Six Sigma-type analyses to Internet-enabled value systems is an imperative. Where appropriate, theories and applications derived from the study of complex adaptive systems must be applied to recognizing nonobvious causal relationships among the many actors, exchanges, and units of value enabled by technology.

Considering multifarious networks, their growth and abstract interrelationships continue at an exponential rate, outdistancing policy, regulations, and laws. To comprehensively posture oneself and move forward with confidence, an effort must be appropriately invested and expended to understand Internet value networks and the ever-evolving environment in which they exist. Only then can one truly gain predictive knowledge.

The devastation a single APT has unleashed historically or can unleash on an industry, niche market, economy, or other value system has far-reaching effects—most unrecognized (or unacknowledged) by organizational and business leaders worldwide. Because business leaders in many countries are not compelled to release information related to exploitation and theft of intellectual property, there is a false sense of security held onto by many unwitting customers. By keeping a close hold on incident cases, this facade is maintained to elevate a trust relationship with consumers, but it could backfire when the truth eventually is uncovered.

The bottom line at the end of the day is profit. As in all business transactions, very few will willingly offer up the true situation if the bottom line will be damaged. We come down to the million-dollar question: Will business leaders as a whole finally take this seriously, or will they continue to be more concerned about the effects of acknowledging their losses?

CHAPTER

12

When and When Not to Act