Wall Street & Technology: Blog
subscribe June 20, 2007

The Multi-Billion Dollar Hacking Industry

It is a multi-billion dollar industry. Today’s IT attacks are regional, targeted, going after specific people and companies in the world, and entirely driven by profit, according to David Rand, CTO of security firm Trend Micro.

“Yesterday's hacker was typically aged 15 to 34, had no girlfriend and was living with his parents. This is no longer true today,” Rand told the audience at the SIFMA trade show.

Hackers used to break into computers just to prove a point. “But today, hackers are professional, motivated, have lots of cash and are doing it for the cash. It’s all about the money and the money is huge. It’s all profit driven. That’s a remarkable change in the last ten years,” he said.

Rand said that in today's underground economy, users’ stolen account information is currently priced at $1000-$5000, a credit card number with pin is valued at $300, birth certificate information goes for $150, while a credit card number with security code and expiration date is currently valued at $7-$25.

Rand pointed to a dramatic shift to web-based threats. Users are clicking on a malicious URL in an email or an instant message, and redirected to compromised Web sites. "Often software or freeware is bundled surreptitiously with malware,” Rand said.

He cited the example of a malicious site claiming to show a Web video of Saddam Hussein’s execution. But when users clicked on it, they unwittingly downloaded spyware.

Last week, the FBI and the Department of Justice said they had identified over one million potential victims of botnet cyber crime.

A botnet is a collection of compromised computers under the remote command and control of a criminal “botherder.” Most owners of the compromised computers are unknowing victims. They have unintentionally allowed unauthorized access and use of their computers facilitating crimes like identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware.

Infections today are designed not to interrupt normal business, Rand said. They stay hidden to users as long as possible. “They install updates but they’re clever – they don’t even ask you to reboot, so you never notice. They’re more clever than legitimate software makers,” he said.

In the last two years, there have been more than 300,000 new versions of malware – more than in the last 15 years as a whole, Rand said.

Posted by Melanie Rodier at 09:44 AM



This is a public forum. CMP Media and its affiliates are not responsible for and do not control what is posted herein. CMP Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.


CHECK THIS OUT

Novell Real Time Linux Webcast Series
In order to succeed, companies must be able to respond quickly, deliver superior value and quality of service, and carefully manage their costs. In this series of brief webcasts, you will learn how SUSE Linux Enterprise Real Time from Novell enables organizations to respond quicker by delivering low latencies, deliver increased value with fast response times, and better manage costs.

Events

Live Events:
Accelerating Wall Street 2
October 02, 2008

Buy-Side Trading Summit 2008
November 16-18, 2008


White Papers

Level 3 Connectivity Kit
Stay ahead of the bandwidth curve. The Level 3 Connectivity Kit provides full resources to help you make informed decisions regarding your network infrastructure. Download the Data Center Networking Strategies for Financial Services Firms White Paper; Business Class Ethernet: Trends in Perspective eBook and BC/DR Best Practices for the Data-Intensive Enterprise Gartner Webcast

Surviving and Thriving in a Challenging Market
Learn how financial services firms can use customer-centric strategies and tools to maximize client value and loyalty, gain insight into new opportunities, and do more with less, counteracting market volatility.

Marketplace

Career Center


Ready to take that job and shove it?

Function:
Information Technology
Engineering
State:


Keyword(s):

Browse By:
State | City
techweb
Online Communities TechWebInformationWeekLight ReadingIntelligent EnterprisebMightyNetwork ComputingDark ReadingDigital LibraryWall Street & Technology
Byte & SwitchNo JitterInternet EvolutionLight Reading's Cable Digital NewsContentinopleUnStrungBank Systems & TechnologyAdvanced TradingInsurance & Technology
Face-to-Face Events
InteropWeb 2.0 ExpoWeb 2.0 SummitVoiceConBlack HatCSISoftwareEntrprise 2.0 ConferenceGTEC
Mobile Business Expo
InformationWeek 500 ConferenceBuy Side Trading XchangeBuy Side Trading SummitBank Executive SummitInsurance Executive SummitTelcoTVEthernet ExpoOptical Expo
Magazines  
InformationWeekWall Street & TechnologyInsurance & TechnologyBank Systems & TechnologyAdvanced TradingMSDNTechNetSmart EnterpriseThe Architecture JournalDatabase Magazine
 
Research & Analyst Services  
Heavy ReadingInformationWeek ReportsInformationWeek Analytics