Not too long ago, a typical hacking scenario involved a lone attacker or maybe with some friends working late into night high on soda and pizza, looking for public-exposed IP addresses. When they found one, they broke in using a multitude of vulnerabilities and explored the compromised resource to their heart’s content. More often than not, the intent was exploratory and even if something illegal happened, it was a spur-of-the-moment crime of opportunity.
Well, things have changed.
Nowadays, hacking is all about crime, round the clock, replete with crime syndicates, bidding markets, botnets for hire, state actors, and cyber warfare – in short chaotic.
So who are the biggest threats to IT security today?
Professional Cyber Crime
Although the individual mastermind does exist, most malicious hacking attacks these days are carried out by organized groups, many of whom are professional. Traditional organized crime groups involved in drugs, prostitution, gambling, and extortion too have thrown their hats into the ring. Competition is fierce, led not by godfathers, but large groups of professionals focused specifically on cyber crime.
Most successful organized cyber crime syndicates lead large affiliate groups, much in the vein of distributed business hierarchies. Small groups do exist, but more than ever IT security pros are up against larger organizations dedicated to rogue behavior. And it’s increasingly criminal, no longer funny messages splashed on the screen or similar teenage antics.
Cyber crime has evolved into a multilevel, service-oriented industry with the specific goal of fleecing people and companies out of money and intellectual property. Computer Security
Several cyber criminal organizations are small in scale and entrepreneurial in nature, gangs after only one thing: money. These malicious players steal identities and passwords or utilize nefarious redirection to obtain the same. In the end, all they want is money.
These groups initiate fraudulent banking or credit card transactions across the globe, convert their ill-gotten gains into different currencies through electronic cash distribution, e-banking, or other means of money laundering.
Money launderers are aplenty, competing to be the one that gets a significant percentage of the illegally procured loot. They promote themselves with “no questions asked policies,” “totally secure” hosting and transactions in far away countries beyond the reaches of legal institutions.
They can be easily found on public bulletin boards and bidding forums, come with special offers, 24/7 telephone support, satisfied customer references, and all the support others need to be better online criminals.
In the early days, bragging of exploits was common. But today’s cyber criminal prefers to be under the radar – however, the growing legions of hacktivists are an exception. These are an increasing number of loose confederations of individuals dedicated to political activism, of whom the Anonymous group is the most infamous. Such politically motivated hacking has been in existence since internet’s early days.
Their intent has been to embarrass and bring negative attention to the victim as much as possible. This might include hacking customer information, distributed denial of service (DDoS) attacks, or simply causing the victim some additional strife.
However, what has changed is that more of it is being carried out in the open, and society has accepted it as a form of political activism. But regardless of whether one believes in the political cause, the intent and methods remain criminal.
Related Post: 5 Tips for Improved System Security