Starting a life of Internet crime is easy; in fact you’ve probably already doing it as far as the RIAA is concerned. Now that you’ve chosen to embark upon a new career, how are you going to get dirty, filthy, stinking rich? How do you become a millionaire?
The tool of choice has got to be botnets. Building them is just the start. How do you monetize the tens or hundreds of thousands of machines under your control? Should you harvest confidential and personal information from the victims, or would it be more prudent to become a specialist service provider to other botnet operators? Which models work best, and how can you become a six-million-dollar man within a year?
Gunter Ollmann has a long-held passion for threat research and currently serves as Vice President of Research at Damballa, where he is focused on inventing new crimeware mitigation technologies and the identification of criminal operators behind botnets and other advanced persistent threats. Prior to joining Damballa, he held the role of Chief Security Strategist at IBM, was responsible for predicting the evolution of future threats and helping guide IBM's overall security research and protection strategy, and was the key IBM spokesperson on evolving threats and mitigation techniques. Ollmann also served as the Director of X-Force at Internet Security Systems where he was responsible for the company's R&D advancements and the development of security technologies in the field of vulnerability scanning, intrusion prevention, web application protection, and malware detection. Over the years, Ollmann has been responsible for leading the development of new security consulting and penetration testing methodologies. Leading specialist consulting teams throughout Europe, the Middle East, and Africa, he headed ISS' X-Force consulting services in EMEA and served as Director of Professional Services at NGS Software, a vulnerability research and attack-based consulting firm. Ollmann has been a contributor to multiple leading international IT and security-focused magazines and journals, and has authored and delivered a number of highly technical courses on Web application security and penetration testing. He is a well-known industry speaker worldwide and is frequently invited to present at international security conferences. Ollmann is also highly regarded in the press as an expert source on security threats and is a frequently quoted by the international media.