New trends in cyber-crime call for new measures of dealing with it. The days when all there was to hacking was the sense of accomplishment of breaking into some database or taking down a big website are far over. It's all about financial gain now and the groups involved in cyber-crime are very well organized.
"The hacker-cracker community has been criminalized and very much focused on making money — and there is a lot of money to be made in a lot of different ways. There are sites where you can buy zero-day exploits for targeted attacks, and there are sites where you can rent botnets. This is a business, in terms of products and services, in terms of support and in terms of how it's organized," said IDC security analyst Chris Christiansen.
Information is the new-age currency, because of its versatility - it can be sold virtually anywhere in the world.
What makes cyber-crime groups even more similar to legitimate businesses is the cooperation between them. Contrary to a popular misconception (which may have been true a while back), these groups are far from being closed circles, to quote the Framingham, "People work in a loose association of partnerships that, by the way, is surprisingly well-maintained and fairly disciplined. It doesn’t operate in isolation the way many people think. They communicate with each other, they feed each other information, they trade information and they pay one another in a variety of forms."
Most of the hackers that this business relies on are young people, who can't say "no" to quick and decent pay. This is especially true in countries like, say, Russia, where it might be difficult to make such money otherwise.
Modern hackers, contrary to oldschool ones, seek secrecy, which is an easy thing to comprehend having in mind that the goal is financial gain. Being nefarious may extend that gain over a long period of time: weeks, years, perhaps even more. These young hackers are further attracted to the trade because of it being relatively risk-free, mostly due to legal issues. Fiaaz Walji of Websense Inc. put it best: "The Internet is very conducive to their type of crime because there are no borders. Laws are very vague in that if you originate in one country, exploit someone in another country and then sell the data to someone in a third country, what jurisdiction does that fall under?"
It gets even more exciting. Only two words: Undercover agents. Yes, agents in target organizations used to spy on security and, in some cases, "the criminals are actually fixing the security on hacked systems to prevent other criminals from penetrating those accounts."
Most security analysts agree: those in position to secure organizations from cyber-attacks should think the same way the criminals do. They should, for example, try to attack the organization themselves and figure out the weak spots. That being said, it is impossible to secure the whole organization.
"The hacker-cracker community has been criminalized and very much focused on making money — and there is a lot of money to be made in a lot of different ways. There are sites where you can buy zero-day exploits for targeted attacks, and there are sites where you can rent botnets. This is a business, in terms of products and services, in terms of support and in terms of how it's organized," said IDC security analyst Chris Christiansen.
Information is the new-age currency, because of its versatility - it can be sold virtually anywhere in the world.
What makes cyber-crime groups even more similar to legitimate businesses is the cooperation between them. Contrary to a popular misconception (which may have been true a while back), these groups are far from being closed circles, to quote the Framingham, "People work in a loose association of partnerships that, by the way, is surprisingly well-maintained and fairly disciplined. It doesn’t operate in isolation the way many people think. They communicate with each other, they feed each other information, they trade information and they pay one another in a variety of forms."
Most of the hackers that this business relies on are young people, who can't say "no" to quick and decent pay. This is especially true in countries like, say, Russia, where it might be difficult to make such money otherwise.
Modern hackers, contrary to oldschool ones, seek secrecy, which is an easy thing to comprehend having in mind that the goal is financial gain. Being nefarious may extend that gain over a long period of time: weeks, years, perhaps even more. These young hackers are further attracted to the trade because of it being relatively risk-free, mostly due to legal issues. Fiaaz Walji of Websense Inc. put it best: "The Internet is very conducive to their type of crime because there are no borders. Laws are very vague in that if you originate in one country, exploit someone in another country and then sell the data to someone in a third country, what jurisdiction does that fall under?"
It gets even more exciting. Only two words: Undercover agents. Yes, agents in target organizations used to spy on security and, in some cases, "the criminals are actually fixing the security on hacked systems to prevent other criminals from penetrating those accounts."
Most security analysts agree: those in position to secure organizations from cyber-attacks should think the same way the criminals do. They should, for example, try to attack the organization themselves and figure out the weak spots. That being said, it is impossible to secure the whole organization.
November 22nd, 2007 at 3:56 pm Top 10 things to do to secure your corporate network 1. Implement effective patch management tools are strategy. 2. Use Group Policy and centralised configuration management to enforce lock downs. 3. Secure client machines – use locked down builds, software restriction policies, connection firewalls and anti-virus programs. 4. Port scan your internal networks to see what is really running out there. Take action on what you find. 5. Use network-based Intrusion Detection Systems (IDSs) and update signatures frequently. 6. Implement application-level firewalling in addition to conventional firewalls. 7. Use vulnerability-scanning tools against server, as hackers do, and implement recommendations. 8. Implement strong password and account policies to resist brute force attacks. 9. Educate your users to work with you – not against you. 10. Double-check 1 – 9 periodically. Once is not enough