[ISN] Expert slams outlandish hacker claims

From: InfoSec News (isnat_private)
Date: Mon Jun 30 2003 - 00:41:02 PDT

Next message: InfoSec News: "RE: [ISN] Student arrested for allegedly hacking university computers to derail election"

Previous message: InfoSec News: "[ISN] Judge orders shutdown of many Interior Department computer systems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.vnunet.com/News/1141901

By Robert Jaques 
27-06-2003

Suggestion that hackers control three million servers is 'nonsense'

Security expert Neil Barrett has poured scorn on research released
this week claiming that hackers are in control of at least three
million servers around the world.

Intrusion prevention system vendor Trustcorps said that it had
"scientific and anecdotal" research indicating that the average hacker
'owns' between 600 and 800 systems at any time.

The company estimated that there are at least 1,000 hacker groups,
with an average of five hackers per group each owning at least 600
systems. Each hacker will own a compromised system for six months on
average.

An extrapolation of these statistics by the security firm suggests
that there are a minimum of three million systems owned by hackers at
any one time.

"Much hacking is focused simply on 'ownership': knowing that you have
complete and unfettered access to, and control over, a system," said
Trustcorps.

"It is extremely desirable for someone to 'own' millions of dollars
worth of computing power, and for the people they have 'stolen' it
from to be completely unaware."

But Barrett, technical director at Information Risk Management,
questioned how any hacker could own 600 computers at any one time.

 From his experience working with the police, he said that hackers
typically control no more than 12 systems at any time.

"The sheer mechanics of 600 computers - no. How can you control 600
computers?" he said.

Barrett added that a system is often not 'owned' by a single hacker,
because others will have discovered the vulnerabilities as well.

But Trustcorps insisted that, while some hackers will launch targeted
attacks on specific systems, taking weeks or months to penetrate them,
this is unusual because much hacking is automated and indiscriminate.

Hackers use automated scanning tools to search for systems they can
attack successfully. This way they can penetrate and own hundreds or
even thousands of machines in a few hours, the company claimed.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomoat_private with 'unsubscribe isn'
in the BODY of the mail.

Next message: InfoSec News: "RE: [ISN] Student arrested for allegedly hacking university computers to derail election"
Previous message: InfoSec News: "[ISN] Judge orders shutdown of many Interior Department computer systems"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jun 30 2003 - 03:09:24 PDT