Wall Street & Technology: Blog
June 20, 2007

The Multi-Billion Dollar Hacking Industry

It is a multi-billion dollar industry. Today’s IT attacks are regional and targeted, going after specific people and companies around the world, and are entirely driven by profit, according to David Rand, CTO of security firm Trend Micro.

“Yesterday's hacker was typically aged 15 to 34, had no girlfriend and was living with his parents. This is no longer true today,” Rand told the audience at the SIFMA trade show.

Hackers used to break into computers just to prove a point. “But today, hackers are professional, motivated, have lots of cash and are doing it for the cash. It’s all about the money and the money is huge. It’s all profit driven. That’s a remarkable change in the last ten years,” he said.

Rand said that in today's underground economy, users’ stolen account information is currently priced at $1000-$5000, a credit card number with PIN is valued at $300, and birth certificate information goes for $150, while a credit card number with security code and expiration date is currently valued at $7-$25.

Rand pointed to a dramatic shift to web-based threats. Users click on a malicious URL in an email or an instant message and are redirected to compromised Web sites. "Often software or freeware is bundled surreptitiously with malware,” Rand said.

He cited the example of a malicious site claiming to show a Web video of Saddam Hussein’s execution. But when users clicked on it, they unwittingly downloaded spyware.

Last week, the FBI and the Department of Justice said they had identified over one million potential victims of botnet cyber crime.

A botnet is a collection of compromised computers under the remote command and control of a criminal “botherder.” Most owners of the compromised computers are unknowing victims. They have unintentionally allowed unauthorized access to and use of their computers, facilitating crimes like identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware.

Infections today are designed not to interrupt normal business, Rand said. They stay hidden to users as long as possible. “They install updates but they’re clever – they don’t even ask you to reboot, so you never notice. They’re more clever than legitimate software makers,” he said.

In the last two years, there have been more than 300,000 new versions of malware – more than in the last 15 years as a whole, Rand said.

Posted by Melanie Rodier at 09:44 AM


