Hackers are hitting harder - News - Security

To print: Select File and then Print from your browser's menu

--------------------------------------------------------------
This story was printed from ZDNet Australia.
--------------------------------------------------------------

Hackers are hitting harder

By Stan Gibson, eWEEK
January 02, 2001
URL: http://www.zdnet.com.au/news/security/soa/Hackers-are-hitting-harder/0,130061744,120107934,00.htm

"Spy vs. spy" is mad magazine's classic cartoon that pits two virtually identical characters against each other in an espionage and dirty-tricks contest that never ends. Great news: Hacking is heading straight into "Spy vs. Spy" territory as it moves into its next phase, the for-profit era.

It is a natural and predictable progression. You'll have to admit, the exploits of hackers who merely spread viruses and took down servers was getting stale. Vandalism is a low form of antisocial behaviour. Eavesdropping and theft of secrets are of a higher order. That's about the most positive spin that can be put on this development.

Several recent news items show that the new era is fast upon usâ€"for example, the hostage-taking of some 55,000 credit card numbers at Creditcard.com. Not long before, a cracker was discovered to have been siphoning money into his bank account from the gas pumps of a local service station. There are other crimes waiting to be perpetrated, if they haven't been already, including the electronic laundering of illicit money through offshore bank accounts and holding confidential medical information hostage, to name a couple. And the growing use of less-secure wireless networksâ€"not to mention the physical theft of laptopsâ€"will create even more seams of vulnerability.

How bad is it?
"It's really easy to crack systems these days," said Don Reifer, president and CEO of Reifer Consultants. Reifer has abandoned home banking and given up DSL in favor of a 56K-bps modem because of security fears.

Still, IT managers must find a way to deal. For example, if a cracker obtains access to your corporate system, you may want to use "honey pot" data to fool the intruder into thinking that he or she has discovered valuable data. All the while, you'll be tracking his or her actions in an effort to gather evidence.

Reifer estimates that we hear about no more than 20 percent of all security breaches. The grim truth is that, as I write this, the most outrageous and damaging breaches probably haven't even been reported.