Hacking: Its a Mad, Mad, Mad New World

 
 
By Stan Gibson  |  Posted 2001-01-01
 
 
 

"Spy vs. Spy" is Mad Magazines classic cartoon that pits two virtually identical characters against each other in an espionage and dirty-tricks contest that never ends. Great news: Hacking is heading straight into "Spy vs. Spy" territory as it moves into its next phase, the for-profit era.

It is a natural and predictable progression. Youll have to admit, the exploits of hackers who merely spread viruses and took down servers was getting stale. Vandalism is a low form of antisocial behavior. Eavesdropping and theft of secrets are of a higher order. Thats about the most positive spin that can be put on this development.

Several recent news items show that the new era is fast upon us—for example, the hostage-taking of some 55,000 credit card numbers at Creditcard.com. Not long before, a cracker was discovered to have been siphoning money into his bank account from the gas pumps of a local service station. There are other crimes waiting to be perpetrated, if they havent been already, including the electronic laundering of illicit money through offshore bank accounts and holding confidential medical information hostage, to name a couple. And the growing use of less-secure wireless networks—not to mention the physical theft of laptops—will create even more seams of vulnerability.

How bad is it?

"Its really easy to crack systems these days," said Don Reifer, president and CEO of Reifer Consultants, of Torrance, Calif. Reifer has abandoned home banking and given up DSL in favor of a 56K-bps modem because of security fears.

Still, IT managers must find a way to deal. For example, if a cracker obtains access to your corporate system, you may want to use "honey pot" data to fool the intruder into thinking that he or she has discovered valuable data. All the while, youll be tracking his or her actions in an effort to gather evidence.

Here at eWeek, well do our best to bring you news of the latest security breaches and how to deal with them, but in general, news will not be easy to come by. Why? The same reason the CIAs PR department is probably the smallest bureau in all of government.

Reifer estimates that we hear about no more than 20 percent of all security breaches. The grim truth is that, as I write this, the most outrageous and damaging breaches probably havent even been reported.

Rocket Fuel