A New Dawn in the Age of the Hacker

What is casual fraud? It can be anything from fraud conducted on online shopping and auction websites, with products purchased but never received, and internal fraud by employees and employers, to online dating scams and the so-called ‘Sweetheart Fraud’, a deception that refers to collusion between an employee and a customer.

And that’s not all. Last year a survey commissioned by The Logic Group suggested that 83% of businesses believed that their organisation is more or significantly more secure due to PCI DSS, the comprehensive standard intended to help organisations proactively protect customer account data. But will budget and staff cuts lead to businesses cutting corners and leaving themselves exposed to fraudulent activity and, ultimately, to the fines levied for non-compliance?

Darwinian hackers

The whole profile of the hacker has now changed. The stereotypical hackers were ‘geeky’ youths with no social skills, whose only allies were their computers. Traditionally, hackers came from two areas of society, either universities or middle-class white-collar families; in both cases this was linked to having access to unlimited hours on a computer. Now the hackers have grown up and evolved to become professionals – games programmers, security consultants or business proprietors. The hacking world, like punk rock music, has matured, and out of the random chaos there is now order, organisation and significant investment.

Whilst the rest of the economy reduces spending and investment, the hacking world is gathering force, investing more and more in its infrastructure and capabilities. Organised crime has now moved to organised hacking, where the risks are lower, the chance of detection is slim, the rewards are higher and cross-border prosecution is legally complicated. A Transmission Control Protocol (TCP) packet – part of the protocols on which all internet communication relies – can be hijacked, manipulated or injected by fraudsters. Their malicious software has no moral, political, geographical or economic bias; it also does not grow old, or go off the rails and become prone to drug abuse. It is the perfect criminal agent.

This new dawn of hacking has reached maturity through a single killer app, the botnet. This enigma has streamlined hacking to improve the breadth, speed and resilience of the delivery of hacking payloads. There are many types of malicious code, be it a Trojan, worm, virus, scareware, ransomware, phishing, spam, spyware, keystroke loggers, prankware, adware, with more evolving on a monthly basis.

Constant evolution

Whatever the impact of malicious code, and it is getting more inventive every year, the botnet provides the ideal delivery mechanism. Botnets are very similar to a corporate WAN – a computing and communications environment that provides users with hardware and software services behind the corporate firewall – in that they take time to develop, set up, configure, manage, maintain, test and deploy. They follow the same System Development Life Cycle as major IT projects, with project managers, coders, testing teams etc. Some even have quality control teams. After all, botnets have to be efficient and secure to create a viable revenue stream for the organised crime teams so that, just like any other corporation, their ROI satisfies their shareholders.

Hacking for the masses

Now that computers are cheap enough for anyone to afford them, new hackers are developing around the world in economically challenged countries and the developing world. These are the new and cheaper employees of the botnet enterprises that efficiently deliver malicious code to order.

Twenty years ago there were many types of network delivery mechanism, for example XNS, NetWare, IPX, NetBIOS, SPX, X.25 etc. These have been homogenised: in reality the only network is IP, and realistically it’s the Internet. So if I were asked to think of the top five hacking scams, the answer would be that it has all been homogenised and is delivered through a single framework: the botnet. The actual malicious code or scam then becomes irrelevant. Like the common cold, if you get a sniffle does it matter if it is the rhinovirus, coronavirus or the adenovirus? As far as you are concerned it’s a cold and you caught it through breathing, something you’re not likely to stop by choice. So if you receive a Trojan or some ransomware, does it matter? You caught it from a network, probably a botnetwork, and a network is not something you are likely to stop using by choice.

Learn to fasten your seat belt

The major current hacking threat is the Zeus Trojan, but if you are reading this article in the doctor’s surgery waiting to find out what particular strain of flu virus you have, this magazine could be more than 6 months old and the Zeus Trojan will have been nullified and today it could be the Scudera Trojan, which hasn’t even been developed yet.

Hacking scams are now a way of life and are here to stay. The car has been around for well over a century and has killed millions of people. We are not going to stop driving cars (by choice anyway), but we now all wear seatbelts. Today a computer without anti-virus or malware detection software is like a car driven without a seatbelt. That said, a network without a hacking scam would see forensics investigators joining the bread line!

Neil O’Neil is a Qualified Forensics Investigator from secure customer interaction specialists The Logic Group.



Comments: (3)

Michael Wright - Tilte, Taxd, Welleasy - London 14 September, 2010, 15:05

Neil - great post - I see the analogy of the car and seatbelt could be taken further. In the early days of cars, seatbelts were around but not always used - same as antivirus and firewalls today.

Over time we had anxious parents constantly telling us to buckle up - who will be the parents for the internet? Seeing as most of the problems are with adults already.

The difference between cars and the net is that car crashes are visible and understandable. Most victims of malware today don't have the slightest clue that they are infected or how to detect the problem.

John Dring - Intel Network Services - Swindon 16 September, 2010, 14:55

Keeping that analogy going - I am constantly wondering that, despite having fully paid up AV protection, maybe I am still going to crash! Have I still got a clever Trojan - do I trust my seatbelt, in other words. Perhaps I should get myself some airbags to go with the AV and sign up to some Identity Protection service? But the one suggested by Robert Siciliano here seemed so US oriented, I wonder if it would even go off in the event of a shunt.


A Finextra member 20 October, 2010, 11:12

Thanks for the comments guys. To take the motor car analogy even further, I think I have a comparative solution to reduce digital crashes/accidents. Nowadays you wouldn't allow anyone to drive a car without a license. To pass the test for a license you need training by experts. With your license you are then free to drive...within reason. I believe that Information Security should be mandatory on the school curriculum. Once you pass the exam you get your Internet license, which is your own digital certificate. Everybody should be made to have Information Security training and to take a test before they can use the Internet. All your Internet activity would have to be conducted using your own digital certificate, which could also be linked to a biometric. Like with a car, when you have a crash, most times the driver is known. If someone sends spam or a worm, their activity should be traceable to their digital fingerprint. I know this is a bit science fiction and would take decades to introduce and to make fool-proof. But did you know the first competency tests for a driving license were not introduced into the UK until 1934, even though the first road fatality from a car was in 1869?