LAS VEGAS -- This year's Black Hat Briefings and Def Con hacker conferences appeared more professional than in previous years, with an increased number of security professionals and government officials in attendance. But one thing the back-to-back events didn't produce, observers said, is a picture of an organized and mature hacker underground.
That's not necessarily seen as a good thing. The lack of maturity and organization may actually make less capable hackers more dangerous to companies, according to many of the security analysts who were among the 5,000 attendees at the two conferences last week. Experts say script kiddies -- mostly teen Web page defacers -- often unwittingly aid and abet serious criminals through their reckless probing and compromising of systems. In addition, they often are the targets of coercion by serious criminals, who egg them on through chat rooms and other online forums. The more sophisticated criminals are then able to exploit the work of the script kiddies while remaining anonymous.
"The fact that script kiddies will blindly launch scripts against large IP blocks without any thought as to who they are attacking makes them dangerous, especially for those administrators who do not take security seriously," said Mandy Andress, president of ArcSec Technologies Inc., a consultancy in Dublin, Calif.
Andress said she didn't see any significant new details about vulnerabilities or methods of attacking systems while attending the Black Hat conference. But there was "enough information for the script kiddies to make them just a bit more dangerous," she added.
Although the hackers who attended the conferences represent a cross-section of the hacking community, security officials said they're more concerned about those who weren't there. "The more sophisticated exploits that the pros use are not being talked about at Def Con or Black Hat," said Chris Klaus, founder and chief technology officer at Internet Security Systems Inc. in Atlanta. "A hacker conference is probably the last place [they] want to be seen."
"There are others who shun the spotlight yet firmly believe in their agenda to undermine and disrupt e-commerce and commercial use of the Internet," said Gerald Freese, director of intelligence at Vigilinx Inc., a security firm in Parsippany, N.J., that specializes in threat intelligence. "These are the veterans. These are the ones that we fear the most."
Increasingly, those veterans are overseas, said Klaus, whose company offers managed security services. Many hackers in the U.S. lack the economic motivation to commit real crimes, he said. But that motivation is higher in Russia and other countries where economic conditions are much worse, Klaus added.
Many hackers actually are providing a public service, said John Pescatore, an analyst at Gartner Inc. in Stamford, Conn. "Before the vandal hackers became so prevalent, [software vendors] would take months before releasing a security patch -- if they were even aware of the security bugs in their products," Pescatore said.
Related stories:
- Security vulnerabilities found in LDAP products, July 18, 2001
- At Black Hat, ties seen tightening between hackers, legal officials, July 13, 2001
- Bush said to be planning cybersecurity board, July 10, 2001
- The enemy within, July 9, 2001