Early warning

Certain regions are more intensive breeding
grounds for the new profile of hacker. Currently, Russian-speakers form
one of the leading types of Internet attackers. They may or may not
reside in the former Soviet Union or be connected with organized crime.
But Russian hacking has gone mainstream as evidenced in part by two
popular publications in the Russian-speaking hacker world, Xakep
(Hacker) and Xakep-Spets (Special Hacker). A recent special issue
highlighted how to conduct credit-card hacking, or “carding,”
especially against American targets. Russia’s depressed economy and
growing technical abilities make it fertile ground for organized cyber
criminals and probably thousands of freelancers, who see hacking and
malicious code creation as their best chance for financial gain. Many
express post-Cold War attitudes that Americans are well-off and deserve
to be targeted, posing serious financial implications for the future.

Beyond these attitudes, there are technical
threats. Postings on a Russian hacker-for-hire website, for example,
advertise the “high pay” going rate for hackers to crack corporate
networks or launch so-called “elite” denial-of-service attacks. While
authorities can try to monitor this, it’s often impossible for
outsiders to know the targets — until damage has been done. And finding
the perpetrators is usually extremely difficult. With high rewards and
low consequences, all indications are that “contracted” hacking and
routine attacks will continue to disrupt American network security and
threaten financial institutions, many of which are understandably quite
reluctant to draw attention to the problem and compromise their
reputations. Many appear to write off these hacker attacks as one of
the costs of doing business, but the problem will likely worsen over
the long term.

In another case, a Russian hacker openly
advertises to “modify” Trojan horse programs for as little as $10
apiece, to ensure they evade major anti-virus software (with a supposed
100 percent guarantee). Though he says he will not modify harmful
viruses — “only Trojans,” because he is personally opposed to data
destruction — the net result could be far more harmful. Those who buy
these “modified” Trojans likely hope to silently reach networks rich
with sensitive data. This hacker, and countless others like him, can
quickly earn hundreds of dollars and give other criminals the means to
infect American organizations that assume they’re protected.

The trend holds significant consequences for
average Americans and overall national cybersecurity. So far, the
government and private-sector response has been largely reactive in
nature. This threat, however, requires a unique strategy of uniting
consumers, organizations, intelligence analysts, law enforcement and
the financial-services community to stem this problem before it gets
worse. While it cannot be stopped entirely, this threat can be reduced
through coordinated joint action.

Jim Melnick is director of threat intelligence for Reston, Va.-based iDEFENSE, an independent cyberintelligence company.
