Black Hat: Feds Look To Arrest ID Theft With New Industry Alliance

When it comes to keynote speakers, a self-described recovering technophobe who works for the FBI might not be the first person you think of to kick off a show like Black Hat.

Still, Dan Larkin, unit chief for the FBI's Internet Crime Complaint Center, on Wednesday stood before a packed Caesar's Palace auditorium to highlight his agency's efforts to get smart about cybercrime by enlisting the help of the industry and the security research community.

"I used to be afraid of you all," Larkin joked. No longer. Since 9/11, Larkin has been at the center of several efforts to enlist the help of security pros to help federal law enforcement crack down on a number of different cybercrimes. The latest effort will be Operation Identity Shield. Although Larkin didn't provide many details, look for the FBI to publicize its new identity theft crime-fighting unit in the coming months.

Today's threats are more sophisticated, spread out internationally, and rely on social engineering more than ever before, Larkin said. Tomorrow's threats will be even worse as attackers continue to exploit vulnerable Web applications and servers, target mobile devices with malware-laden SMS text messages, and deface popular Web sites such as MySpace.

Another attack technique gaining traction is the "IP Relay end around," which Larkin describes as a way for thieves with stolen credit card numbers to fraudulently order merchandise from merchants via Internet Protocol Relay, a service set up to let people who have difficulty hearing or speaking communicate through an Internet connection. "It's been an unsecured door thus far," he added.