http://www.computerweekly.com/articles/article.asp?liArticleID=133966 6 October 2004 A young Asian hacker who easily penetrated the databases of several large US corporations, and whose exploits made him a top target for the FBI, offers advice for dealing with foreign cybercriminals. "Knowing what makes your antagonist tick is the key to getting the result you want," he says. Do you think it is more difficult to hack into US corporate networks today than it was four years ago? If we are talking about the network that existed four years ago and exists now, then it would probably be more difficult, especially if during those years a given target had experienced trespasses by hackers. If it is a recently developed network, then chances to get access are probably better. In general it is easier for hackers to get access to networks in countries with growing and well-developed economies, because such companies have resources to expand their networks. In third-world countries the companies do not have the ability or resources to expand the networks, so they have to fine-tune them and work with what they have. Should US companies worry about hackers in Russia and other countries? Hackers from countries where the economy is less developed than the US are more motivated by money than by pride when they start trespassing on US companies - as opposed to US hackers, who are motivated more by pride than money. (There are many other ways that you can make money in the US.) Also, money is a stronger motivator than pride. That's why people motivated by money are more dangerous. Hackers are businesspeople [if they are motivated by money]. In most cases, they are probably just having difficulties in their countries finding and exploring opportunities to work. If a company that is hacked into can explore with a hacker his or her talents in a more peaceful way, the victim can only benefit. If these hackers are businesspeople, they can be redirected by being offered a better deal than the one they might get by creating pressure through hacking. I deeply believe in this point. It is hard, however, to generalise too much because every case involves different kinds of people and different circumstances. What security measures offer the best protection against hackers? Keep the hackers occupied if you recognise them as a threat. This might be similar to what some countries have done with their nuclear scientists - Russia, for example, keeps them under close supervision and treats them well, but above all keeps them busy professionally. Is there a certain type of network that is particularly easy to hack? There are two types. First, those that develop custom software. They usually invest money in developing the features that software provides, but often forget about securing parts of this software. The second type is where there is a breach in the company's infrastructure. It is not the hacking per se that is dangerous; what should concern the company is being taken advantage of by the use of that information. For example, if one got account numbers of users of PayPal, the hacker could then contact the users in huge numbers and attempt various kinds of fraud. Will security technologies ever be able to keep hackers out, or will hackers always find a way into corporate networks? Software and hardware can be improved to protect against trespasses. But then hackers will concentrate on security breaches in the infrastructure of a company, or do "social engineering". The ultimate goal is to obtain information for subsequent use, and hacking is just one of the many ways to obtain it. Written by CSO staff _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
This archive was generated by hypermail 2.1.3 : Wed Oct 06 2004 - 07:52:58 PDT