Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
WiFi Finder
Locate wireless services by a specific address, city, state, country, airport, or zip code.
Hacker Conferences Highlight Security Threats
Reckless script kiddies who dominate hacker shows unwittingly create a major threat.
Dan Verton, Computerworld
LAS VEGAS -- This year's Black Hat Briefings and Def Con hacker conferences may have appeared more professional than in previous years, with an increased number of security professionals and government officials in attendance. But one thing the back-to-back events didn't produce, observers say, is a picture of an organized and mature hacker underground.
That's not necessarily seen as a good thing. The lack of maturity and organization may actually make less-capable hackers more dangerous to companies, according to many of the security analysts who were among the 5000 attendees at the two conferences last week. Through their reckless probing and compromising of systems, "script kiddies" and Web page defacers may unwittingly be doing the bidding of highly skilled cybercriminals, say the analysts.
"The fact that script kiddies will blindly launch scripts against large IP [Internet protocol] blocks without any thought as to who they are attacking makes them dangerous, especially for those administrators who do not take security seriously," says Mandy Andress, president of ArcSec Technologies.
Amateurs Stock Up on Ammo
Andress says she didn't see any significant new details about vulnerabilities or methods of attacking systems while attending the Black Hat conference. But there was "enough information for the script kiddies to make them just a bit more dangerous," she adds.
Although the hackers who attended the conferences represent a cross section of the hacking community, security officials say they're more concerned about those who weren't there. "The more sophisticated exploits that the pros use are not being talked about at Def Con or Black Hat," says Chris Klaus, founder and chief technology officer at Internet Security Systems. "A hacker conference is probably the last place [they] want to be seen."
"There are others who shun the spotlight yet firmly believe in their agenda to undermine and disrupt e-commerce and commercial use of the Internet," says Gerald Freese, director of intelligence at Vigilinx, a security firm that specializes in threat intelligence. "These are the veterans. These are the ones that we fear the most."
Increasingly, those veterans are overseas, says Klaus, whose company offers managed security services. Many hackers in the United States lack the economic motivation to commit real crimes, he says. But that motivation is higher in Russia and other countries where economic conditions are much worse, Klaus adds.
But while attending the Black Hat conference is like "going to a graffiti convention expecting to see those who design spray cans," many hackers actually are providing a public service, says John Pescatore, an analyst at Gartner.
"Before the vandal hackers became so prevalent, [software vendors] would take months before releasing a security patch--if they were even aware of the security bugs in their products," Pescatore says.
For more enterprise computing news, visit Computerworld. Story copyright © 2007 Computerworld Inc. All rights reserved.
Acer Laptop Center
Laptop Showcase
- Great year-end deals
for small business! -
Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors) and save up to 200!
-
HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!
- *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.
People who read this also read:
Best Prices on Security Software
Norton Internet Security 2010 - 3 UsersPrice: $26.30
Norton Internet Security 2010 - 3 UserPrice: $26.30
Internet Security 2010Price: $31.89
Norton 360 Version 3.0 - 3 LicensesPrice: $39.99
Total Protection 2010 - 3 UserPrice: $26.97
Norton 360 Version 3Price: $41.10
- 15 Minutes to a Secure Business Get the Secure in 15 toolkit starting with the "15 Minutes Month-at-a-Glance" calendar. McAfee will send you additional tools and tricks to stay protected around the clock.
- A Buyer's Guide to Data Protection Implementing data protection products and processes can be daunting. Make the right decisions by exploring what is available and what makes sense for your organization. Use this simple guide to evaluate different vendor offerings.
