Security Attacks Increasingly Motivated By Greed

earthstar writes "E-commerce has emerged as the "single most targeted industry" according to the latest Internet Security Threat Report from security software provider Symantec, with hackers now appearing to be motivated by economic gain rather than notoriety. "We're seeing an increase in profit-motivated attacks," says Vincent Weafer, senior director of Symantec's virus research team. Also in Information week"

In other news.

[by Anonymous Coward]

It was discovered recently, that majority of activities of humans are driven by economic gain ...

Re:In other news.

[savagedome (742194)]

Absolutely. Nothing in this article except another futile observation passed on as a study.

If it contains money, they will come. Nothing new here. It has always been like that through the history of humankind. People used to keep money in the form of gold and *they* came. People started keeping money with their head of village and *they* came. People put the money in lockers/safes and *they* came. People started using banks and *they* came. Now people are using the web to store/trasnfer money and *they* are here.

Re:In other news.

[tomhudson (43916)]

... as if Symantec's activities aren't motivated by economic gain? Seems to me that Symantec needs virus writers, and that Symantec makes more $$$ than all the virus writers put together.

Re:In other news.

[Jakhel (808204)]

Infamous bank robber Willie Sutton was finally nabbed after his illustrious 30+ year career of theft and prison breaks. When asked by reporters why he chose to continue robbing banks after being incarcerated several times, he replied 'because that's where the money is'. Go figure, criminals committing crime for financial gain. Who woulda thunk it.

In OTHER other news.

[Artifakt (700173)]

But the Dillenger gang sometimes took a break from robbing banks to knock over a police station or two. There wasn't much money there, but it was fun freaking out the cops. In WW2, the US organized crime syndicates turned down repeated financial incentives from the Overseas espionage division of Hitler's SS, with the arguement that they were patriotic American citizens, not saboteurs and Nazi stooges.

Re:In other news.

[Tim C (15259)]

Nevermind "economic", the majority of human activities are gain driven, whether it be monetary, sexual, power/prestige/social standing or whatever.

Re:In other news.

[TykeClone (668449)]

Then you must not be married.

Because...

[Short Circuit (52384)]

...being a l337 hax0r isn't good enough for some people.

Yeah...

[Trigun (685027)]

They want to be a r1c|-| 1337 h4x0r.

Re:Because...

[Otter (3800)]

Yes, apparently the previous rounds of security attacks motivated by "Now this oughta get me laid!" fell short of their objectives, as it turned out there weren't enough Angelina Jolies and Halle Berrys to go around.

If we were all passing around those women,

[by Anonymous Coward]

Where do I sign, and where do I wait patiently for my turn?

the way it always works

[by Anonymous Coward]

This is the equivalent of the pinhead bosses for attackers. The creative ones lead the way and did something interesting (though morally problematic) by working out attack strategies. Now the PHB-equivalents come in and focus solely on lining their pockets. Yawn.

Trickle down Hacking

[by Anonymous Coward]

Hacking (despite what the movies tell you) has more often than not had a profit motive. From people screwing around with banks, to corps trying to get info on their competitors ect...

It seems now though more and more of the stupid amateurs are trying to get in on the Hacking for Fun & Profit gig.

Re:Trickle down Hacking

[Savage-Rabbit (308260)]

"It seems now though more and more of the stupid amateurs are trying to get in on the Hacking for Fun & Profit ..."

And unfortunately it seems to be working [theregister.com]. This little beast should be locked up, or at least made liable for damages. As is he will probably get a very lenient sentence which translates getting off more or less scot free. Let's just hope enough of his victims sign up [theregister.com] to ensure that he will spend a long while paying off the price of his little joke. If the norm for virus authors becomes a slap on the wrist in court closely followed by a fat job offer and not having to pay any substantial damages we are in for a Noah's flood of these idiots.

That's why...

[by Anonymous Coward]

...they are called crackers, not hackers.

Re:That's why...

[BRSloth (578824)]

... 'cause everybody knows that "A hacker do for love what others wouldn't do for money".

Re:That's why...

[arose (644256)]

So the guy tries to change the use, get over it.

Curiosity....

[Himring (646324)]

Many "kiddies" start out to "see what they can see" and end up stumbling upon something they perceive as serendipitous: a database of credit card numbers, a company's financial statements, etc. Once just curious, they "see green" and the gears start churning. Before too long they are making purchases with credit card numbers not theirs and/or they're trying to threaten/extort/blackmail a company into paying them money so they'll not release some damning information they've uncovered.

So for those who advocate the freedom to "see what I can see" take note of the small leap toward real criminal behavior....

Re:Curiosity....

[sczimme (603413)]

So for those who advocate the freedom to "see what I can see" take note of the small leap toward real criminal behavior....

Circumventing security measures (however weak) on someone else's system without permission is already real criminal behavior [cornell.edu].

Re:Curiosity....

[grasshoppa (657393)]

So for those who advocate the freedom to "see what I can see" take note of the small leap toward real criminal behavior....

What, from your imaginary made-up scenario? That's like the government leafs talking about how pot is a gateway drug. If you smoke pot, you'll do all these other drugs.

As with everything else, there are gradients. I do not doubt that some happen to do what you outline, but others get into "cracking" to learn how to steal, while others stumble on to something and quickly decide the

Is it me?

[Paulrothrock (685079)]

Is it Obvious Day on /. or am I just crazy?

In other news...

[by Anonymous Coward]

people have two legs! seriously, why was this posted? really, does taco have nothing better to post? quizzes about staplers and aol policies. YAWN! man, this site's goin downhill

Ha!

[StevenHenderson (806391)]

"We're seeing an increase in profit-motivated attacks," says Vincent Weafer, senior director of Symantec's virus research team."

Apparently Symantec's current marketing strategy wasn't working, so now they have to use profit-related scare tactics. "Vested interest" anyone?

It's more than just security...

[blcamp (211756)]

"Companies using e-commerce also retain a lot of data about customers, account numbers and personal information, and a lot of smaller businesses conducting transactions online don't put the money into security, so they become easy targets," said Donovan.

According to Donovan, many small businesses still do not have an "appropriate level of security".

The larger problem is that many small business do not have an appropriate level of *clues* about security.

Small business owners that are not tech-savvy are no better off than the average Joe Six-Pack that gets on the internet. Most unfortunately wouldn't know what it means to update your anti-virus/malware/spyware signatures, much less do it. By the time they do finally call for tech support their network and much of their IT assets, have been 0wn3d.

It's what happens when hackers go legit

[Progman3K (515744)]

When you're young and living in the basement of your parents, you can create network disruptions for fun, but when you get older and move out, you have bills to pay.

So you get a job, naturally, with your skillz, the people willing to hire you aren't exactly altruistic.

Re:It's what happens when hackers go legit

[Paulrothrock (685079)]

So one might say they have the skills to pay the bills? [lyricsondemand.com]

Re:It's what happens when hackers go legit

[Progman3K (515744)]

I figure it's a lot like gravity, Paul.

You gravitate towards what you're attracted to (hacking) and the more you run in those circles, the more there'll be people there to exploit you.

It's too bad hackers (should I be using the term "crackers", really?) don't have a highly-developed sense of ethics.

Like other scientists, they end up making tools that can be used to harm people, but maybe a combination of factors makes them even LESS ethically pre-occupied than most scientists.

If you can indeed call hack

Stats? oh.

[wombatmobile (623057)]

.

"We have seen a pretty rapid shift in the style of threats by hackers as they focus more on key-logging and phishing scams for financial gain," he said.

Oh really? Is Symantec able to quantify an increase in the number of "hackers seeking financial gain" that would qualify the headline of the article? I don't see any stats.

"Companies using e-commerce also retain a lot of data about customers, account numbers and personal information, and a lot of smaller businesses conducting transactions online don't put the money into security, so they become easy targets," said Donovan.

Oh. So businesses should give money to Symantec, right?

The article is lacking in a lot of detail

[antifoidulus (807088)]

I mean are these people like convience store robbers or jewel thieves? Convience store robbers are thieves of opportunity, they just see a place that seems vunerable and hit it. Do the attackers just release exploits out into the wild(or just use other peoples exploits) and see what sticks?
Or are they more along the lines of jewel thieves, carefully staking out their victim and carefully planning their heist. My guess is that they are more like the former than the latter, but the study doesn't really sa

Turnabout

[freeze128 (544774)]

This is just payback for all the hackers that became day-traders a few years ago. Now, stock brokers are trying their hands at hacking....

What is amazing ...

[WindBourne (631190)]

is that this is purely about money. And yet it is IIS and MSIE that are targeted, not Apache and *nix. I guess that must be becuase IIS has the vast majority of the market and therefor the money folks go for the larger number of machines. [netcraft.com]

Re:What is amazing ...

[antifoidulus (807088)]

From TFA:
"We're seeing an attempt in exploiting Linux environment and as it becomes more widely deployed it will become more of a target," he said

Money vs. FXP

[Sheepdot (211478)]

I disagree entirely with the conclusions the media proposes on a regular basis. I suppose being a moderator of a "script kiddie" security forum (or so it has been called by those that don't like our audience) at www.governmensecurity.org means that I'm out of the loop as to what true hackers are doing.

The reality is that North and South American hackers are primarily motivated to participate in FXP, or file-sharing using their compromised computers. Russian hackers work with US companies to sell spam drones. German hackers do a mix of both but mainly use their computers to compromise more. Canadians DDoS other hackers. I don't intend to generalize, but it is important to note that the primary objective here is *still* file sharing.

Sites like www.packetnews.com and the like have XDCC searches that help people find free software, like Sims2 the week it comes it. Some movies come out before they are in theatre. I remember seeing Mr. Deeds a month before it came out and Signs about two weeks before it came out.

You don't get that kind of dedication from most hackers. In fact, I would venture to guess that the Russian groups that are doing the majority of the spambot installations have one or two knowledgable people in them, and that is essentially it. The others that work with them are just trying to siphon money. Still, there are a good deal of them with 0-day IE exploits, but unfortunately they haven't been well to adapt to one of the changes Microsoft made blocking an easy way to get files to your computer.

Now, if these guys were bright, they'd keep using the same method and just change the registry so that they can use that method. But it would appear that they don't know how to do that. SP2 also seems to be causing some trouble.

Profit by way of spam relays perhaps

[Maestro4k (707634)]

It's still profit motivated but judging by all the news of late, not to mention the number of spams coming from open (generally zombified PC) relays I'd say the number one motivator for attack is to gain new machines to use to shove spam through.

It's not just attacks though, seems nearly every security threat (worms, viruses, hacking attempts, etc.) are all converging on one overriding purpose -- SPAM!!! Someone hacked your server? They've probably installed a trojan that makes it a zombie spam relay. User clicked on the blatantly obvious virus in their E-mail and infected their system? It's now a zombie spam relay. Worm managed to get into an unpatched system? Yay, another zombie spam relay!

Even a few years back I felt a lot of hacking and virii/worms were caused by script kiddies playing with hackers tools they found online. Nowadays it's starting to look incredibly organized and methodical. It makes you wonder who's really behind the whole thing. It's getting to be far too orderly (from a spam relay acquiral front particularly) to just be lots of independant greedy folks with no morals trying to make a quick buck. Not to sound like I'm wearing a tinfoil cap but I'd say it's a fair bet that organized crime has moved into the arena and taken charge behind the scenes.

wearing a tinfoil cap

[dpilot (134227)]

How about them there Evil Terrororists?

Hide your messages in spam with steganography and broadcast them. This way, traffic-flow-based techniques won't work.

By this premise, the DHS has a valid and critical reason to go after spam and zombies.

In other news....

[by Anonymous Coward]

Enron and many other companies have been seen to steal money from innocent citizens. Flying directly in the face of previous accounts that said this was for charitable purposes, accounts are now saying that these deeds were based strictly on greed.

Crime = greed? Wow! that is news.

Another side effect of the .crash

[qbzzt (11136)]

Five years ago, if you were l33t (= had a few technical skills you could show off), you could work for a .com and get big bucks just for showing up. Now that most .coms are .deads, getting money for technical skills is harder.

It makes sense that as legit jobs are harder to get, some people, especially those who got addicted to the easy money, will look for non legit work.

GREED!

[Prince Vegeta SSJ4 (718736)]

Greed, for lack of a better word, is good. Greed is right. Greed works. Greed clarifies and cuts through and captures the essence of evolutionary spirit. Greed in all of its forms, greed for caffein, for FLOPS, for frags, knowledge has marked the upward surge of mankind. And greed, you mark my words, will not only save OSS, but that other malfunctioning corporation called Microsoft.

A sad sign of maturity for e-commerce

[wheelbarrow (811145)]

This has been the way of things since the beginning of time. For each accomplishment that results from hard work, inventiveness, and bonds of trust there is a group of free loading dirt bags that will exploit it's weaknesses for selfish gain.

E-Commerce is big enough now to attract the attention of criminals. I suppose that's an expected milestone for E-Commerce. The cowboy days of fast progress in an arena of trust and goodwill are over.

Newsflash:

[justforaday (560408)]

Symantec is releasing daily reports, apparently motivated by economic gain.

Helllloooo????

[Pig Hogger (10379)]

Could there be a relation to the fact that IT jobs are going into the crapper????

When times are good, crime is not attractive. But when things are really doing bad, crime becomes more and more attractive...

Wake up and smell the coffee

[gtrubetskoy (734033)]

hackers now appearing to be motivated by economic gain rather than notoriety

So in the past all these people who pay spammers to send out millions of e-mails every hour asking to "update your account", sign up for web hosting accounts to set up phishing sites with stolen credit card numbers, extort money from companies by threatening DOS attacks, set up vast networks of zombies... ...were motivated by notoriety???

Now that cracking has a business model...

[Dr. Manhattan (29720)]

A few dacades back, some paelontologists thought the dinosaurs were killed by plagues that the little mammals were fortuitously immune from. That theory has fallen into disfavor, but I wonder these days if that pattern might actually play out with Windows vs. Linux/Mac/etc.

Now that there's (at least apparently) a viable business model for cracking machines, I think maybe Windows, which is fundamentally unsecurable partly by design and partly by historical practice Microsoft can't/won't break from, will just get overwhelmed. Certainly most of the home Widnows computers I run into have at least one spyware infection, and some are so infested as to be unusable.

Of course, in nature the really virulent pathogens tend to evolve into less nasty forms - killing off all your hosts is not a good long-term strategy. The spyware and zombie bots might become less overtly intrusive and more 'asymptomatic'. Imagine the future of computing... most computers carry some 'viral load' more or less constantly... [shudder].

Online fraud... helping Linux/OSS adoption?

[terrencefw (605681)]

As the owner of an online store (see .sig), I get to see the nasty end of online fraud more often than the average Joe.

I get at least one purchase made by a stolen card every week, and in some instances I've been able to trace the owner of the card details.

In every single case, they've told a tale of how their PC got trojaned a few weeks back and they had to get it cleaned up. They're always quite shocked to learn of the real effects of what happened. Up until then, they just see it as an inconvenience and something you just have to put up with once in a while, like unblocking the kitchen sink.

Sometimes though, they review their credit card statements and find other small purchases that they're overlooked, then realise that they had been screwed little by little over a long period.

In every case, they've been more than happy for me to send them a copy of TheOpenCD or Knoppix so they can either install Moz or use Linux at least for their online stuff.

The recent activities of the botnet barons and phishers have certainly caught the attention of the mainstream press though, which is great publicity.

Linux under attack, sez Symantec

[SysKoll (48967)]

Quoteth the ZDNet article: Donovan predicts that phishing and spam will increase by the next report, and open-source software, such as Linux, will become a bigger target on the hacker agenda.

"We're seeing an attempt in exploiting Linux environment and as it becomes more widely deployed it will become more of a target," he said.

Oh really? Donovan being the Director of Symantec, this means his company is seeing exploits on Linux?

That's front page news. Who? Where? What vuln? Which distro?

Or do you mean "we think we will see"? That's not quite the same thing, Sym-boy. Careful with that FUD gun, will ya. You're gonna shoot your other foot too.

Then again, if you think of it, companies like Symantec are part of the vast cottage industry that popped up for the sole purpose of plugging the leaks of Windows. The last thing they need is more Linux boxes around. Hence the FUD.

virus scanning like using a condom with a hole

[codepunk (167897)]

All of this virus scanning stuff is like using
a condom with a hole in it. I cannot even remember the number of owned machines I have fixed the last couple of months with a virus scanner installed and sitting behind a firewall. In nearly every case the machines are being exploited through the browser or preview in outlook. I run a virus scanner on a system now as a initial pass but then go to the process list to see how many bots are running on the machine collecting and sending data.

If enjoy sharing your credit card information with internet vandals keep using Windows and Internet Explorer.

Security Articles Increasingly Motivated By Greed

[m1kesm1th (305697)]

earthstar writes "Fear among pc users has emerged as the "single most targeted industry" according to the latest opinions from IT users with news releases by security software provider Symantec now appearing to be motivated by economic gain rather than information. "We're seeing an increase in profit-motivated attacks," says Area man. Also in Information week"

No "Economic Gain" Here

[IAmMaxHarris (750973)]

It's wrong to use a phrase like "economic gain" to describe the money stolen through criminal actions like fraud and extortion. People who do this are destroyers of economic value, not creators of it.

Self-Administration Needed

[ObsessiveMathsFreak (773371)]

The problem with computer security, with windows PCs in paticular, is that the OS administration is still designed with the expectation that the PC resides on a token ring network with no net connection, or one that goes through a Unix mainframe. Currently all operating systems seem to expect a sysadm to be a phone call away in order to be updated, patched and administered.

This is clearly unrealistic. We already know that this expectation coupled with the obvious lack of systems administrators for lone PCs, has lead to a great many slashdotter being the de facto sysadm for their friends and family. Clearly this solution falls on its ass when faced with PC owners with no such tech head to call upon. These PCs are probobly doomed to become spam zombies or to take part in DDOS attacks.

It's 2004, not 1984. Most PCs will likely never even be looked at by someone who can admisister them. I'm not just talking about patching and updating virus scanners. What about simple tasks like defragging? Does anyone really think that Aunt Tilly will defrag her PC? What about firmware updates?

At this point PCs should support self administration and self diagnostic and repair. Before you laugh me out off the board, I know that feeble attempts at this have failed miserablely(Windows autoupdate, system restore). But in the age where four year olds, business students, lawyers and Aunt Tillies everywhere are using broadband connected PCs and haven't a clue how to keep them up and running, it's either MUCh better selfadm or you and I will have to become fulltime sysadms.

Re:Payoff

[lachlan76 (770870)]

Well, any investigation will probably be a lot faster and more thorough if there's money involved than if someone just gets root access and leaves.

Most things people do are for money. Sex too, but if you can hack, you're already precluded from the latter ;)