Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Sidebar: Hacking for profit

July 12, 2004 12:00 PM ET

Computerworld - The popular perception of the worm writer as a socially inadequate teenager who releases worms mainly to impress peers may no longer be entirely accurate.
A small but growing handful are in it for the money, and that could mean bad things for users, security practitioners say.
"Virus writers are getting more professional," says Graham Cluely, a senior technology consultant at antivirus firm Sophos PLC.
More of them are looking for opportunities to make money by either hiring themselves out to attack a Web site's rival or enabling spam and phishing scams. For instance, the kind of denial-of-service attacks launched against Microsoft Corp. and The SCO Group Inc. by MyDoom earlier this year could easily be done for hire.
More viruses are also being written that install back doors for stealing confidential information or to log keystrokes and install spyware.
There are numerous Web sites that sell malware such as Trojans and hacker tool kits to anyone who wants it, for prices that range from $5 to more than $20 a pop, says one source at an analyst firm that tracks such activities for clients.
And at least some of the activity is being done by organized gangs operating out of various countries, Cluely said.
Even so, for the moment at least, the vast majority of malicious hackers are amateurs, says Gerhard Eschelbeck, chief technology officer at Qualys Inc. in Redwood Shores, Calif.
It is the easy availability of tool kits and how-to manuals for developing worms and viruses that has led to the recent surge in automated worms, he says.
"It's very clear that the bar has been significantly lowered for writing automated worms, derivatives and mutations," says Eschelbeck.
The noise and the hype generated by such worms are drowning out the real threat -- that of the targeted attack by professional hackers, says Sam Curry, vice president of eTrust security management at Computer Associates International Inc.
"It's the attacks that don't make it to TV that you've got to be really worried about," Curry says. These are the attacks launched by "black hat" hackers who know what they're doing and leave little trace that they've compromised your network, he says. Currently, less than 2% of worms fall into this category, but even that represents a large number, considering the total number out there, he says.



Jump to comments

Security

Additional Resources

WHITE PAPER
Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.
WHITE PAPER
Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.
WHITE PAPER
Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...