Beware of the New Breed of Hackers

by Abhinna Shreshtha    Sep 25, 2008

Unknown to us, a silent war is continuously being fought between hackers and those who stand against them. With the Internet evolving daily and organizations beefing up their security, hackers too have evolved their modus operandi. In recent years, attacks have shown a level of sophistication that was not seen previously.

Capt. Raghu Raman, CEO of Mahindra Special Services Group (MSSG), is not a novice when it comes to Internet security. In his 15 years as an information security professional, he has seen a lot of security breaches and hacker attacks. But he too is amazed at the complexity and ingenuity of some of the recent attacks. “To hoodwink security systems and administrators, hackers are resorting to more and more subtle methods. Taking a look at some recent examples, it is really difficult to understand just how they attained this level of expertise.”

He gave an interesting example that MSSG had come across some time back involving a financial company. During a security audit, MSSG found that one particular machine on the network was extremely hardened, compared to other machines. In fact, considering the level of expertise required, it could not have possibly been done by the system administrator. MSSG investigated further and found that someone had inserted a sophisticated Trojan inside the machine and then hardened the machine so that no one else could get in.

So what is the reason for this increase in cybercrime? According to Niraj Kaushik, country manager of Trend Micro India and SAARC, hackers are getting more financial motivation to carry out attacks. “Cyber criminals are presently selling credit card numbers for $0.40 to $20, while bank account details can command $10 to $1,000 in shady online forums. And on the black market, malware, such as Trojan horses used to steal online account information, is being sold for $1,000-$5,000,” he said.

Besides financial profits, some criminals also spread malware just to increase their Internet footprint. Botnet herders, for example, use spam to spread malicious code that hijacks unknowing users’ PCs and assimilates them into botnets. These are then used to commit click-fraud and plant spyware and adware that distribute spam and other malicious content throughout the world. Today’s botnets can control hundreds of thousands of infected PCs, placing computing power and network bandwidth into the hands of criminals.

An interesting trend is that hackers now prefer to corrupt legitimate websites instead of going to the trouble of creating fake websites for launching phishing attacks, spreading worms, etc. According to security company Websense, in the first half of 2008, more than 75% of the websites Websense classified as malicious were actually sites with good reputations that had been compromised by attackers. Hackers are also exploiting the exploding social networking and Web 2.0 scenario to further their attacks.

So what can an enterprise do to protect itself from these attacks? Vasant Kumar, sales engineer for Websense India, said, “Companies could use a step-by-step methodology, using various technologies to evaluate their security strategies. A recommended best practice model is understanding who is authorized to access specific Web sites, sensitive content, or applications; what data is critically important to the organization and must be protected from accidental or intentional leaks; where users are allowed to go online, and where sensitive data can be sent safely; and lastly, how sensitive data is allowed to be communicated, and how online resources can be used safely and productively by the business.”

With hackers continuing to focus their attention on Web 2.0 elements of the evolving Webscape, adaptive content classification and dynamic content scanning are now required to protect businesses and their information, said Kumar.

Kaushik also advocates a multi-layered strategy that includes preventing unnecessary protocols from entering the corporate network, restricting user privileges for all network users, and choosing security products with in-cloud updates to protect the mobile workforce.

However, all the experts we talked to agree that no matter what precautions an organization takes, nothing can guarantee complete safety from a hacker attack. As an IT administrator, all one can do is be ever vigilant and take all possible safeguards.
