Photos: Inside the RSA cybercrime war room

Photos: Inside the RSA cybercrime war room

Summary: Behind the doors at RSA's anti-fraud centre

SHARE:
TOPICS: Security
0

 |  Image 5 of 5

  • Thumbnail 1
  • Thumbnail 2
  • Thumbnail 3
  • Thumbnail 4
  • Thumbnail 5
  • RSA and its ISP and internet gateway partners look for evidence of Trojan attacks on malicious websites, fraudster chat rooms and by scanning emails.

    When RSA finds evidence that a Trojan is being used to steal details from one of its clients' customers, for example a customer of an online bank, it forwards a copy of that Trojan to the AFCC. Here software will attempt to match the software to a list of previously identified Trojans.

    Once detected, the Trojan is sent to the AFCC where RSA software attempts to match crimeware to previously identified Trojans.

    After it has been matched, the Trojan is sent to an RSA engineer who will reverse engineer it.

    The engineer will find out the IP address of the machines being used to host the infected websites or send out infected emails, as well as the address of the machines where stolen information is being sent to and the address of those machines being used to give additional commands or updates to the Trojan.

    RSA staff will then contact the relevant ISP or domain registrar to block access to all of these locations, preventing new machines being infected and fresh details from being stolen.

    Photo credit: Nick Heath/silicon.com

  • Each person in the main AFCC control room has two virtual computers, which they access through thin client devices seen here.

    One thin client device is described as the "dirty computer", and is used to visit phishing websites or those infected with Trojans.

    The second virtual machine is used to access email, word processors and other corporate applications.

    Once a member of staff completes their shift the virtual "dirty" machine will be wiped and a new virtual machine is created to carry out inspections of other compromised sites.

    Photo credit: Nick Heath/silicon.com

Topic: Security

About

Nick Heath is chief reporter for TechRepublic UK. He writes about the technology that IT-decision makers need to know about, and the latest happenings in the European tech scene.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

Talkback

0 comments
Log in or register to start the discussion