Computer Crime Research Center


Better hackers behind attack boom: Verisign

Date: November 23, 2004
Source: PC Authority
By: Gregg Keizer

Security events in the third quarter jumped 150 percent over the same period last year, fuelled by more sophisticated hackers writing better code who are more interested in dollars than creating computer disasters, according to internet security firm VeriSign.

VeriSign's three times a year Internet Security Intelligence Briefing (ISIB) analyses data collected from the services it provides its customers, such as SSL digital certificates, domain name system (DNS) services, and fraud protection.

"We handle about 30 percent of the internet's e-commerce," said Mark Griffiths, VeriSign's vice president of security services. "So although [the ISIB] does lean toward data related to credit card transactions, it's still a good cross section of the security situation."

And that situation in 2004 is worse than the previous year. From July through October, the number of security events per device monitored by VeriSign jumped 150 percent over the same quarter of 2003. The good news: the number actually dipped from the first and second quarters of 2004.

"That's partly a seasonality thing," said Griffiths, "but it's also due to a lack of any new major threats launched in the quarter. But we expect credit card use to climb in Q4, and the number of security events will follow."

Hackers are not only getting bolder, but they're getting better at their "jobs," said Griffiths. "Viruses written to be malicious didn't need to be written very well," he said. "But now that their primary aim is money, they're writing better code."

And that has had a direct impact on not only the sophistication of attacks, but also their number. Sample exploits, noted VeriSign in the ISIB, once were of such poor quality that only a skilled programmer could edit the code to produce a working attack.

In the past quarter, however, exploit code "has been surprisingly simple to make work," which gives less technically astute hackers -- the ones often dubbed "script kiddies" -- a much better chance of wrecking havoc themselves as they massage the exploit code into a working worm or virus.

Like other security trend reports, VeriSign's ISIB also took notice of the shift away from mindless cyber-vandalism and towards organised hacking motivated by money.

That's evidenced by a slew of signs. Spam is up, and more aggressive in how it tries to avoid anti-spam filters. Phishing attacks are on a dramatic upswing. And there's even a trend toward denial of service extortion, a new spin on the Mob's old protection racket where hackers demand money for not launching a DoS on a commercial website. Internet crime is increasingly more organised, said VeriSign, with financial gain the reward.

"Teenage hackers have grown up, and now they're looking to make a living from crime," said Griffiths.

On the bright side, this hacker shift means that traditional "follow the money" tactics can be used by law enforcement, which has decades of experience in fingering criminals by tracking stolen property or funds.

"The challenge is that the virus and bot writers are becoming much more sophisticated in how they're writing their code," said Griffiths. "That means we have to be better at what we do."

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo