[liberationtech] Resume sharing, mitigation of risks

Frank Corrigan email at franciscorrigan.com
Fri Nov 12 13:34:12 PST 2010 

I am doing a bit of unpaid work on the risks associated with sharing
Resumes online. (known as CVs / Curriculum Vitae in the UK) Such as data
breaches, how to anonymize a Resume, how to prevent phishing attacks and
ID theft via the data gleaned from CVs.

I have done some internet focused research and wanted to ask if anyone
knows of any recommended resources on this topic, due to global
austerity Resume/CV seeking websites are popping up faster than ever and
it could be timely to develop or sign post to handy resources.

Does anyone consider it of any use to have a confidentially/data
protection clause on Resumes?

Thanks in advance.

Frank


----- Original message -----
From: "Masashi Nishihata" <masashi at kmdi.utoronto.ca>
To: liberationtech at mailman.stanford.edu
Date: Fri, 12 Nov 2010 16:17:54 -0500
Subject: [liberationtech] For Immediate Release: IWM Releases Report on
Koobface.

For Immediate Public Release

November 12, 2010

The Information Warfare Monitor http://www.infowar-monitor.net  
(Citizen Lab, Munk School of Global Affairs, University of Toronto and  
the SecDev Group, Ottawa) announce the release of Koobface: Inside a  
Crimeware Network by Nart Villeneuve, with a foreword by Ron Deibert  
and Rafal Rohozinski.

This report documents the inner workings of Koobface—a botnet that  
spreads by compromising the computers of social networking platforms  
and users and placing them under the control of the botnet operators  
for the purpose of monetization.

The full report can be accessed here
(http://www.infowar-monitor.net/koobface 
)

Globe and Mail coverage on the report can be accessed here.
(http://www.theglobeandmail.com/news/national/time-to-lead/internet/ 
)

For press inquiries, please e-mail: info at infowar-monitor.net

Overview

Between April and November 2010, the Information Warfare Monitor  
conducted an investigation into the operations and monetization  
strategies of the Koobface botnet. The researchers discovered archived  
copies of Koobface’s infrastructure on a well-known Koobface command  
and control server. The data revealed a wealth of information about  
the inner workings of the botnet, including information on the  
malware, code, and database used to maintain the botnet as well as its  
monetization strategies. With this data, the Information Warfare  
Monitor was able to gain an in-depth understanding of how Koobface  
worked.

Koobface: Inside a Crimeware Network details Koobface’s propagation  
strategies, counter-security measures, and business model. The report  
contributes to the cybercrime literature by shedding light on the  
malware ecosystem that enables and sustains cybercriminal activity,  
and by demonstrating that it is possible to leverage the mistakes made  
by cybercriminals in order to better understand the scope of their  
operations.

Main Findings:

Koobface relies on a network of compromised servers that are used to  
relay connections from compromised computers to the Koobface command  
and control server. This creates a complex and tiered command and  
control infrastructure.

Koobface maintains a system that uses social networking platforms,  
such as Facebook, to send malicious links. Social networking platforms  
allow Koobface to exploit the trust that humans have in one another in  
order to trick users into installing malware and engaging in click  
fraud.

Koobface exists within a crime-friendly malware ecosystem that  
consists of buyers and sellers of the tools and infrastructure  
required to maintain a botnet. Koobface operators rely on  
relationships with other botnet operators and cybercriminals to  
sustain their operations.

The operators of Koobface have been able to successfully monetize  
their operations. Through the use of pay-per-click and pay-per-install  
affiliate programs and forcing compromised computers to install  
malicious software and engage in click fraud, the Koobface operators  
earned over US$2 million between June 2009 and June 2010.

The operators of Koobface are employing technical countermeasures to  
ensure that the operations of the botnet remain undisrupted. The  
operators regularly monitor their malicious links to ensure that they  
have not been flagged as malicious.

Botnet operators benefit from the fact that their criminal acts spread  
across multiple jurisdictions. Issues of overlapping jurisdictions and  
international politics often complicate investigations and hinder law  
enforcement and takedown efforts. Furthermore, cross-border  
investigations are at times hampered by a lack of priority and  
willingness to respond. This is because criminal activity in any one  
jurisdiction appears minimal, while in fact the sum of Koobface’s  
criminal activities is significant.

About the Information Warfare Monitor

The Information Warfare Monitor is a public-private venture between  
two Canadian institutions: the Citizen Lab at the Munk School of  
Global Affairs, University of Toronto and the SecDev Group, an  
operational think tank based in a Ottawa (Canada). The Information  
Warfare Monitor is an advanced research activity tracking the  
emergence of cyberspace as a strategic domain. We are an independent  
research effort. Our mission is to build and broaden the evidence base  
available to scholars, policy makers, and others. We aim to educate  
and inform. The research of the Citizen Lab and the Information  
Warfare Monitor is supported by the Canada Centre for Global Security  
Studies (University of Toronto), a generous grant from the John D. and  
Catherine T. MacArthur Foundation, in-kind and staff contributions  
from the SecDev Group, and a generous donation of software from  
Palantir Technologies Inc.
_______________________________________________
liberationtech mailing list
liberationtech at lists.stanford.edu

Should you need to change your subscription options, please go to:

https://mailman.stanford.edu/mailman/listinfo/liberationtech

If you would like to receive a daily digest, click "yes" (once you click
above) next to "would you like to receive list mail batched in a daily
digest?"

You will need the user name and password you receive from the list
moderator in monthly reminders.

Should you need immediate assistance, please contact the list moderator.

More information about the liberationtech mailing list