When spammers find a new way to prey on computer users, UAB graduate student Sarah Turner is one of the first to know.
Every weekday morning, Turner and fellow grad student Olivia Foust compile a list of the trending topics in cybercrime. Their daily report, known as Emerging Threats by Email, analyzes the top attacks detected in the UAB Spam Data Mine. It is sent out to targeted companies, many of them well-known brands such as UPS, Bank of America, and PayPal, as well as to the FBI and other law enforcement and computer security groups. The project is funded by a grant from the UPS Foundation that includes complete scholarship support for Turner and Foust. (Learn more about the gift here.)
Where in the World?
Sarah Turner, student, UAB Master of Science in Computer Forensics and Security Management program, co-lead for the Emerging Threats by Email project.
You focus on e-mail sent between midnight and 9:00 a.m. (Eastern). Why that timeframe?
That’s when bad guys love to send viruses. Everyone in California is asleep, and people in the Central and Eastern time zones haven’t gotten to their desks yet. Most of what we see is designed to slip past antivirus software. We run the top campaigns past a suite of 43 different antivirus products and usually only two to four recognize it. Then we figure out what the particular malware is doing, who it’s contacting, and pass that information along to the targeted companies, law enforcement, and others.
How long does it take you to analyze a new attack?
It depends on the type of malware. We let the virus infect our virtual machine and then track whom it talks to. It’s generally between one and three hours.
Are the criminals aware of what you’re doing?
Probably, but they don’t seem to care. The attitude is, ‘You’re never going to catch me.’ We have seen some types of malware that will check to see if it’s in a virtual machine—the software we use—before it runs. If it sees it’s not in a real computer, then it just shuts itself down. We have ways of getting around that, but it takes more time.
How do you intend to use your degree?
I still haven’t decided. I’m interested in malware, and I like data analysis. I would like to help fight crimes against women and children—to make a difference with what I know.