@RISK Online - The Security Blog

Web Hosting by Netfirms | Free Domain Names by Netfirms

[Previous entry: "Passwords: The Weak Link"] [Main Index] [Next entry: "Online Security: What's your approach?"]

05/13/2000: "Hacking: Is It Really That Easy?"

Computer viruses spread worldwide in hours and cost hundreds of millions of dollars in damages and downtime. 500,000 credit card numbers stolen. Distributed-Denial-of-Service (DDoS) attacks take out major Internet portals. You’d think this stuff was child’s play. Well, in some ways it is!


News services have repeatedly said that IT security would be the big focus for the new millennium. Apparently hackers around the world feel it’s their duty to prove the news services right. After an anti-climactic New Years Eve, all attention was quickly drawn to the latest, greatest hacking feats. Perhaps you’ve heard of Curador? He’s the teenager that reportedly stole hundreds of thousands of credit card numbers by hacking into various e-commerce sites. That’s right, a teenager! Does the name Mixter ring any bells? He’s the teenager who wrote the Tribe Flood Network (TFN) distributed denial of service tool. Yes, another teenager! How is it that these teenagers are compromising e-commerce security and bringing down major web sites? They can do it with a simple click of the mouse!

Worried yet? You should be! Anyone with a computer and an Internet connection, no matter where, can use software easily available on the Web to launch an electronic attach with global implications. Modern hacking tools have made electronic "breaking and entering" so simple that literally anyone can use them. No more clumsy typewritten commands are necessary to take over a website. No more extensive, in-depth knowledge of exotic operating systems is needed to get inside web databanks. Today you simply download a program, enter the website of your choice and CLICK… Full Access!

But all this has been front-page news for months now. You all know about these electronic intrusions. You’ve read about the web page defacements, or electronic graffiti. You’ve all heard of the Denial of Service attacks that shut down e-Bay, Yahoo, and other major web portals. But this is just the news you can find in the paper. It isn’t the real story. The teenagers with a modem and too much time on their hands are not the real problem. They’re just the Headliners. The real problem is the "real hackers"!

Do you really think that all this damage is just due to a bunch of bored kids? No, but they make all the headlines. There are much more clever persons behind all this that we never hear about. The best hackers aren’t defacing web pages or stealing credit card numbers from e-commerce sites. The really talented hackers are the ones that no one hears about. They’re the ones that quietly compromise financial institutions, or penetrate deep into DOD classified networks. Why haven’t we all read about this in the newspapers? Mainly, this sort of crime either isn’t reported, or the report is "managed" very quietly so as not to cause embarrassment or potentially weaken the standing of a large financial institute. The general public simply doesn’t know the full scope of the problem. The next time you read about the latest hacker exploits in the headlines please remember: If you’re a good hacker, everyone has heard of you. If you’re a great hacker, no one has!

Navigation:

My Blogroll:

Security Advisories:

Defacements Archive:

Security News:

Security Tools: