2004 could be a record year for hackers
October 28, 2004
Robert Graham, chief scientist of security company Internet Security Systems says that many hackers are graduating into the professional ranks, a disturbing feeling that complicates the lives of network administrators and corporate security managers. Overall, Graham seriously believes 2004 could prove to be a record year for hackers.
"Before this year, we really saw just kids that are playing and pretending to be masterminds," said Graham, who did important early work in the development of intrusion-prevention systems. "But this year, we saw the rise of the professional hacker."
Get your advertorials and infomercials written by experts.
For many years, hackers were content with the thrill of breaking into other systems, or with whatever elevated peer status they achieved through their exploits. But not anymore, according to Graham, who says that both the pattern of hacker attacks, and the motives behind the attacks, are changing. Hackers are now far more coordinated, and they no longer merely rely on copycat tools and random attacks. What's more, Graham detects a dangerous intent to profit financially from hacking. He recently spoke with CNETAsia about this evolving security challenge.
Q: Are hackers getting paid now?
How would you define a "pro hacker"?
This year, things are changing, and you can see it from the FBI's activities in the U.S. this year. In one arrest by the FBI, the subject was a spammer who had thousands of machines under his control used to forward spam.
Is that pro mind-set reflected in the exploit patterns?
It's been largely a game for hackers up until now. Today, more people write their own exploits. Why are they able to do it? If you look at the kids graduating from school all over the world, they got interested in hacking when they were, like, 12-year-olds, in the mid-'90s. Over the years, their interests have grown into a skill set that lets them write their own attack programs.
Speaking of new exploits, what do you make of the rising number of bug
variants that we've seen this year?
But why were hackers suddenly interested in making variants?
So how worried should we be? Are viruses becoming
more sophisticated in a hurry?
The bread-and-butter defense today remains the firewall.
Where does this mature technology go from here?
IPS (intrusion-prevention systems), on the other hand, are able to look for attacks coming in the open doors. IPS and firewalls are probably going to merge soon into one product. But firewall technology, by itself, is done. It already has become a commodity.
Montreal Web Design will build a great-looking website for your business.
No room for improvement at all?
And we've seen (organizations not using their firewalls correctly). For example, we find that Slammer occasionally comes through the firewalls, even though it is supposed to be blocked by the rule-sets. The reasons are varied. Sometimes it is because people go into the reality that hackers writing viruses really aren't all that smart.firewalls to open ports they shouldn't be opening. Other times they just remove the whole configuration from the firewalls and reset them back to the default state of "open," which lets everything through. They may do this for only a few seconds before they re-apply the policy again, but that is enough for Slammer to come through. And these things happen partly because of the complexities of today's firewalls. With simpler systems, you are unlikely to make those mistakes.
How important do you think application firewalls will become in the future?
Let me give you an example of something that happened with me. Not long ago, I ordered a plasma screen online, which was to be shipped by a local company in Atlanta. And the company gave me a six-digit shipping number. Accidentally, I typed in an incremental of my shipping number (on the online tracking Web site). Now, a six-digit number is a small number, so of course I got someone else's user account information. And the reason that happened was due to the way they've set up their user IDs, by incrementing from a six-digit number.
So here's the irony: Their system may be so cryptographically secure that (the) chances of an encrypted shipping number being cracked is lower than a meteor hitting the earth and wiping out civilization. Still, I could get at the next ID easily.
There is no application firewall that can solve this problem. With applications that people are running on the Web, no amount of additive things can cure fundamental problems that are already there in the first place.
What's security technology's next frontier?
What's the lowdown on VoIP?
Leasing links to your website will boost your search engine visibility
Source: C-Net News
Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.
You can link to the
Internet Security web site as
much as you like. Read our section on how your company can participate in our
reciprocal link exchange program
and increase your rankings
in the major search engines such as
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing