Sidebar: Hacking for profit

Computerworld - The popular perception of the worm writer as a socially inadequate teenager who releases worms mainly to impress peers may no longer be entirely accurate.
A small but growing handful are in it for the money, and that could mean bad things for users, security practitioners say.
"Virus writers are getting more professional," says Graham Cluely, a senior technology consultant at antivirus firm Sophos PLC.
More of them are looking for opportunities to make money by either hiring themselves out to attack a Web site's rival or enabling spam and phishing scams. For instance, the kind of denial-of-service attacks launched against Microsoft Corp. and The SCO Group Inc. by MyDoom earlier this year could easily be done for hire.
More viruses are also being written that install back doors for stealing confidential information or to log keystrokes and install spyware.
There are numerous Web sites that sell malware such as Trojans and hacker tool kits to anyone who wants it, for prices that range from $5 to more than $20 a pop, says one source at an analyst firm that tracks such activities for clients.
And at least some of the activity is being done by organized gangs operating out of various countries, Cluely said.
Even so, for the moment at least, the vast majority of malicious hackers are amateurs, says Gerhard Eschelbeck, chief technology officer at Qualys Inc. in Redwood Shores, Calif.
It is the easy availability of tool kits and how-to manuals for developing worms and viruses that has led to the recent surge in automated worms, he says.
"It's very clear that the bar has been significantly lowered for writing automated worms, derivatives and mutations," says Eschelbeck.
The noise and the hype generated by such worms are drowning out the real threat -- that of the targeted attack by professional hackers, says Sam Curry, vice president of eTrust security management at Computer Associates International Inc.
"It's the attacks that don't make it to TV that you've got to be really worried about," Curry says. These are the attacks launched by "black hat" hackers who know what they're doing and leave little trace that they've compromised your network, he says. Currently, less than 2% of worms fall into this category, but even that represents a large number, considering the total number out there, he says.

Read more about security in Computerworld's Security Knowledge Center.