Research capsule

Cyber wars: science strikes back

Since 2007, Zeus has poisoned the lives of millions of internet users. This malicious computer program surreptitiously installs itself on computers in order to steal personal banking information. Zeus and its variants have managed to compromise the servers of such major companies as NASA, Amazon and Facebook. According to Mourad Debbabi, professor and Concordia University Research Chair in Information Systems Security, the internet is a real battlefield. Thousands of cyber attacks occur every day, but researchers are on the defense against cyber criminals: they are monitoring malicious cyber activity to better protect internet users, prevent fraud and launch a counterattack!

Mourad Debbabi and his team are paying particular attention to “botnets” (a combination of robot and network), networks of infected machines known as “zombies” that execute the commands of cyber criminals. Malware such as Zeus is installed when a user clicks on an e-mail attachment or link containing malicious code. The contaminated computer then sends messages to the user’s contacts to recruit further victims, who become part of the botnet. The group of infected machines communicates with one or more command-and-control servers that can collect vast quantities of information and direct large-scale attacks.

To thwart botnets and other cyber threats, Professor Debbabi and his collaborators from Canadian academia, government and industry have developed a cyber-information platform. This network of insecure computers “attracts” cyber attacks, giving the researchers access to a variety of data (spam, viruses, etc.) in near-real time and providing valuable intelligence needed to stop cyber criminals. This cyber information is used to protect the IT systems and private information of companies and organisations: with quarantining of infected computers, reinforced firewalls and powerful detection programs, the idea is to beat them at their own game!