Defence Intelligence (company)
Defence Intelligence, often referred to as Defintel, is an information security company based in Ottawa, Ontario, Canada.[2] The company characterizes itself as offering services for "advanced compromise protection." Their marketing materials describe their services as being for the detection and prevention of compromised systems on a network, and include their Nemesis Compromise Protection (Nemesis) and Harbinger Compromise Assessment (Harbinger) services.[3][4]
Type | Private company |
---|---|
Industry | Information security |
Founded | 2008 [1] |
Headquarters | , |
Number of employees | < 25 |
Website | www |
Defence Intelligence was the security company that discovered the Mariposa botnet[5] in 2008, which consisted of 8 to 12 million individual zombie computers at the time of its dismantling in 2009.[6]
History
Defence Intelligence was founded in 2008 by Christopher Davis,[7] a Canadian security consultant who had previously aided in identifying an 18-year-old hacker [8] in 2000 that stole 26,000 credit card numbers[9] from e-commerce sites. Chris Davis collaborated along with Dan Kaminsky to inform key agencies in the Canadian government about the DNS cache poisoning flaw.[10] Prior to founding Defence Intelligence, Davis was the director of threat analysis for the Atlanta-based security company Damballa (company).[11]
In 2008, Defence Intelligence discovered the Mariposa botnet, one of the largest known botnets to date.[12] In 2009, the Mariposa Working Group was formed.[13] The MWG, consisting of members from Defence Intelligence, Panda Security, Neustar, Directi, and Georgia Tech Information Security Center, worked with international law enforcement to dismantle the botnet and aid in the arrest of the suspected creator and controllers of the botnet.[14]
In 2011 Keith Murphy, founder and president of non-profit One Dollar Nation, became CEO of Defence Intelligence.[15][16] While no formal press release was made stating this change, numerous news articles began referring to Keith Murphy as CEO. In that same year the company released Nemesis 2.0,[17] the most current version of their main service and launched a new website with updated branding.
Mariposa
Mariposa, meaning "butterfly" in Spanish, was the name given to the botnet as a whole due to its usage of the malware program "Butterfly bot".[18] The botnet was composed of millions of infected or zombie computers controlled by the same operators. The number of computers infected by Mariposa was between 8 and 12 million spread over 190 countries.[19] Victims included more than half of the US Fortune 1000 companies as well as numerous governments and financial and educational institutions.[20] Mariposa was used for denial of service attacks, spamming, and personal information theft. It was capable of spreading via MSN, peer to peer networks, and USB keys.[21][22]
The Spanish national police Civil Guard (Spain) arrested three men in February 2010 for suspected involvement with the Mariposa botnet. In July 2010 the suspected creator of the "Butterfly bot" malware was arrested by Slovenian police.[23][24]
References
- "Defence Intelligence Announces New Anti-Malware Product, New Look". PRWeb.com. June 20, 2011. Retrieved January 13, 2012.
- "About The Company". Defence Intelligence. Archived from the original on December 17, 2011. Retrieved January 13, 2012.
- "Nemesis" (PDF). Defence Intelligence. Retrieved January 13, 2012.
- "Harbinger" (PDF). Defence Intelligence. Retrieved January 13, 2012.
- Corrons, Luis (March 3, 2010). "Mariposa Botnet". PandaLabs Blog. Retrieved January 13, 2012.
- "Mariposa botnet: - Dismantling". TonicBooks.com. November 9, 2011. Retrieved January 13, 2012.
- "Major Security Flaw Discovered: Internet Privacy Compromised at All Levels". Reuters.com. July 22, 2008. Archived from the original on September 12, 2012. Retrieved January 13, 2012.
- "Interview: Raphael Gray A.K.A. Curador". PBS.org. January 13, 2012.
- "Interview: Chris Davis". PBS.org. January 13, 2012.
- "Major Security Flaw Discovered: Internet Privacy Compromised at All Levels". Reuters.com. July 22, 2008. Archived from the original on September 12, 2012. Retrieved January 13, 2012.
- Jackson Higgins, Kelly (February 15, 2008). "Botnet Hunters Reveal New Spin on Old Tricks". PBS.org. Retrieved January 13, 2012.
- "Law Enforcement Agencies In Spain And USA Dismantled One Of The Largest Botnets In History". CyberInsecure.com. March 3, 2010. Retrieved January 13, 2012.
- "Mariposa botnet". PandaLabs.com. March 3, 2010. Retrieved January 13, 2012.
- Leyden, John (March 3, 2010). "How FBI, Police Busted Massive Botnet". theregister.co.uk. Retrieved January 13, 2012.
- "Are communists targeting Harper?". Canoe Network. June 7, 2011. Retrieved January 13, 2012.
- "W5: Investigating Canada's big cyber security problem". CTV W5. March 19, 2011. Retrieved January 13, 2012.
- Baumgardt, Verena (June 20, 2011). "Defence Intelligence Announces New Anti-Malware Product, New Look". PRweb.com. Retrieved January 13, 2012.
- "Mariposa Botnet Analysis" (PDF). Defence Intelligence. October 8, 2009. Retrieved January 13, 2012.
- "How FBI, police busted massive botnet". ZD Net. March 3, 2010. Retrieved January 13, 2012.
- Arthur, Charles (March 3, 2010). "Alleged controllers of 'Mariposa' botnet arrested in Spain". guardian.co.uk. Retrieved January 13, 2012.
- "Mariposa White Paper" (PDF). Defence Intelligence; Mariposa Whitepaper. Retrieved January 13, 2012.
- "Mariposa botnet: Spain makes three arrests". ZD Net. March 3, 2010. Retrieved January 13, 2012.
- "Alleged Mariposa Botnet Hacker Arrested in Slovenia". PC World. July 28, 2010. Retrieved January 13, 2012.
- "Three arrested in connection with Mariposa botnet". Computer World. July 28, 2010. Retrieved January 13, 2012.