Rabitə və İnformasiya Texnologiyaları Nazirliyinin elektron xəbər xidməti
Hackers get busy training a new generation of attackers
Security researchers have analysed the online conversations of a quarter of a million hackers to uncover the lengths cyber crooks are going to to train the next generation of black hats.
Researchers at security firm Imperva tracked an explosion of activity on the forums, raising fears that swathes of new would-be hackers are being taught how to instigate business-crippling and illegal hacks.
The researchers identified the number of discussions about attacks growing on average 157 per cent year-on-year from 2007 to the present, with the variety of attacks also rocketing.
“There’s been a debate over whether hacking is on the rise or whether we just take more notice of it. I think our research shows there’s more hacking going on,” said Rob Rachwald, director of security strategy at Imperva.
Imperva undertook the research in an attempt to “get a good glimpse into the heads” of these would-be attackers, said Rachwald.
Many of the discussions around distributed denial of service attacks, zero-day exploits, SQL injection techniques and brute force attacks, were expected, but what stood out was a readiness to help budding hackers, said Rachwald.
Hackers are intent on creating social networks to help train newcomers and perfect strategies for launching attacks on others, said Rachwald. “They dedicate a lot of time and effort to training,” he told Computing.
Such willingness to welcome new members will make life more difficult for those trying to secure their organisations' data.
“You can deploy whatever technology tools you like, and change businesses processes, but until you can understand the psychology of hackers and do something to prevent young people – primarily young boys – being attracted to hacking, it will remain a problem,” added Rachwald. The activities of hacking groups such as LulzSec, which attacked numerous high-profile organisations this year, may have created a mythology and appeal around hacking.
Earlier this week the US Department for Homeland Security circulated a memo warning government agencies that members of the online group Anonymous were likely to increase the number of attacks on industrial control systems. Rachwald called on computer science courses to pay greater attention to hacking, so that students would be more aware of the risks.
“You need to teach people that what we’re fundamentally talking about here is information theft, that it’s illegal, and the price you pay for getting caught is high,” he added.
19/10/11 Çap et