http://hoovnews.hoovers.com/fp.asp?layout=displaynews&doc_id=NR20020217670.2_26ed000c82ac96e7 Tina Arceo-Dumlao 02/18/2002 SINGAPORE - Watch enough movies involving cybercrime and you would get the impression that crackers (often referred to as computer hackers) have high IQs who just decided to use their intelligence for evil. The disturbing truth, however, is that most crackers or hackers are just bored, antisocial kids who have little knowledge about the Internet but have a lot of time on their hands. These individuals' idea of fun is to penetrate the websites of even the biggest corporations and leave behind as much damage as they could. The bigger the company, the greater the challenge. Jeff Portelli, senior vice president of MasterCard International, said in a conference here on MasterCard's e-business tools, that studies revealed that less than 10 percent of crackers are competent programmers. The rest are ordinary individuals with just the most basic knowledge of how to work the computer. Portelli explained that it was quite easy for people with the time and intent to break through a website as the Internet was filled with websites where the potential hackers could get step-by-step instructions. There are over 30 hacker publications in the market, 440 hacker bulletin boards and 400,000 websites dedicated to "hacking tips." These include hackers.com, securityfocus.com, www-berlin.ccc.de, rootshell.com, 2600.com, insecure.org and piracy.com. Mark Patrick, MasterCard vice president for interactive services, said hacking has become so prevalent that at least one cybercrime is committed every 20 seconds. The US government alone said that it would likely experience over 300,000 Internet attacks this year. Patrick said hackers spend the time and effort to penetrate websites because of the intellectual challenge, gang mentality, recognition, theft of information, vandalism, blackmail, sabotage -and for the most extreme cases-terrorism. There are seven phases, he said, to a successful hacker attack. First step is the reconnaissance, where the hacker gathers information about the target network, followed by the probe and attack of the website where the hacker finds weaknesses in the website and deploys the required tools. The third step is establishing a toehold where the hacker exploits weaknesses and enters the website, followed by advancement or gaining privileged access and the stealth. Once their tracks are covered, the hacker then steals information, the most popular of which are lists of credit card numbers. Finally, the hacker takes over the website. Even the biggest websites have not been spared. These include amazon.com, Microsoft, Yahoo and e-Bay. CDNow, one of the largest online retail websites, was even forced to close down its operations following a particularly brutal hacker attack. It is hard to quantify the losses incurred due to hacking but a report in 2000 estimated that losses due to hacking of websites could reach as high as $1.6 trillion. - ISN is currently hosted by Attrition.org To unsubscribe email email@example.com with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Feb 19 2002 - 03:17:22 PST