Full Text of How Cybercriminals Steal Money by Neil Daswani at Google Tech Talks. This presentation event took place on June, 16 2008.
Listen to the MP3 Audio here: MP3 – How Cybercriminals Steal Money
Neil Daswani – Co-director, Stanford Advanced Security Certification Program
My name is Neil Daswani. I’m a security engineer here at Google. And today I’m going to be talking about how cyber criminal steal money. I’m going to be talking specifically about how cyber criminals use various types of web application vulnerabilities to steal money. And I’m going to start with simple examples and then I’ll go to more complicated examples.
In the course of my talk, I’m may refer to many resources, presentations, reports, books, certification, courses, et cetera. Links to those are all going to be available at my site at neildaswani.com. And at the end of the talk, I’ll be also be giving out couple free copies of security book that I published but you’ll have to answer some trivia questions to get those at the end of the talk.
Before I go ahead and get started, the one additional thing that I wanted to mention is that, given that this is a security talk, if you have any Google specific questions, I’m going to ask you to hold them until the end of the talk, until we stop taping and then you can ask those. But if you have general questions about the presentation or some of the techniques, then I’d be happy to take those either at the middle of –in the middle of the talk or at the end of the talk before or before we stop video taping.
So, let me go ahead and get started. One of the major shifts that occurred over the past three or four years is that the profile of the attackers has changed. So, up until about three or four years ago, when people used to write worms and viruses, they would typically want to — just make names for themselves. They would release their worms out there, it would cause lots of traffics and servers would come down, some pact would get deployed and the game would be over.