Posted on 03/10/2005 2:51:04 PM PST by Eagle9
If money is the root of all evil, then hackers are evil incarnate. According to a security intelligence firm, more than half the cyber-attacks conducted in 2004 were carried out by criminals interested in only one thing: money.
iDefense, a Reston, Va.-based supplier of security intelligence to both corporations and government agencies, delved into its private database of more than 100,000 malicious code attacks to publish analytical findings publicly for the first time, said Ken Dunham, the company's director of research.
Using that database, iDefense tallied a record 27,260 attacks in 2004. Over 15,000 of those, or some 55 percent, were specifically designed to covertly steal information or take over computers for criminal purposes, including identify theft and fraud, said Dunham.
"We counted over 9,000 backdoors alone," said Dunham, the component now dropped by most mass-mailed worms to allow hackers later access to compromised machines.
"This is a business," said Dunham, "with organized criminal groups around the globe continuing to mobilize resources to develop, sell, and launch Internet attacks."
Among the ways these crooks are making money, iDefense's analysis showed, are swiping credit card and bank account data, then selling them based on a tiered-value system where platinum-grade cards, for instance, are priced higher, with a corresponding higher attack ratio against targets to acquire those kinds of cards.
Other money-making schemes include assembling networks of infected machines to send spam, launch follow-up malicious code assaults, or threaten denial-of-service (DoS) attacks to extort payment from Web sites.
This criminalization trend exploded in 2004.
Last year, the number of attacks with an IRC (Internet Relay Chat) component skyrocketed by 1000 percent over 2003, Dunham said. Malicious code attacks that utilize IRC typically automatically collect data--including personal financial information--and send it to the hacker's private chat space, where he can process, filter, and analyze the data.
Attacks using a backdoor or relying on other remote access tricks to infiltrate a system also jumped during 2004, and showed a 420 percent increase over the previous year.
"Organized crime rings capturing personal information for fraud and extortion activities are a driving force in the growth of malicious code threats," said iDefense in a statement. "Unlike 'phishing' attacks, where users are tricked to provide personal financial information, these approaches are often unseen by the victim."
And even the attacks that make the media are only the tip of the iceberg, said Dunham. "There's a huge number of obscure little 'bots that are attacking specific enterprise networks. Bots, which are a low-level blip on most people's radars, are shooting through the roof."
The future looks grim, said Dunham, with more and more attacks motivated by money. "We saw an exponential increase last year, and I see no evidence that that's slowing." He cited the recent weeks' attacks by a large number of P2P and instant messaging worms--including Bropia and Kelvir--as proof. "We're seeing an incredible number of multiple variants, all launched in a very short duration."
iDefense also found that quantity wasn't the only thing increasing in malicious code. Attacks are now much more likely to breach traditional defenses such as firewalls, anti-virus software, and intrusion detection tools.
"With literally hundreds of Trojans out there, some used to attack only one company's network, AV vendors can take days, weeks, and even months to do analysis and produce a defensive signature. Like any company, AV firms must strike a balance between profitably and resources," Dunham said.
iDefense may release other reports based on its accumulated attack evidence, which Dunham described as analogous to a law enforcement agency's fingerprint system.
"We want to know the heartbeat of the [hacker] underground," said Dunham.
And by the numbers, it seems that heart beats to the tune of a cash register.
"We saw an exponential increase last year, and I see no evidence that that's slowing."
"We're seeing an incredible number of multiple variants, all launched in a very short duration."
"With literally hundreds of Trojans out there, some used to attack only one company's network, AV vendors can take days, weeks, and even months to do analysis and produce a defensive signature. Like any company, AV firms must strike a balance between profitably and resources," Dunham said.
Since the Russian phishing attack last summer, 2004, it looks like the main security threats are now organized criminal groups, based in foreign countries, motivated by financial gain. Compared to the stereotypical teenage hackers of the recent past, these groups are much more dangerous. Identity theft can be very costly in a number of different ways. The ChoicePoint scandal, 10/2004, involved 145,000 cases of theft of personal data in all 50 states. In a related case reported just yesterday, Mar/09/05, involving theft of 32,000 LexisNexis customers personal data (names, addresses, and Social Security and drivers' license numbers) , the ChoicePoint Inc database came under federal scrutiny.
I mean, the stupidly incomplete sentence in the LEAD paragraph!!!
Actually, the love of money is the root of all kinds of evil. But, don't let the truth get in the way of a good myth (or a great Pink Floyd tune). ;O)
For the record that is not the famous quote. "The LOVE of money is the root of all evil" is the correct quote.
To paraphrase David Mamet:
We are men and we must dream. And when we dream, we dream of money.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.