The best way to protect your networks is to think like a hacker, and the best way to find out what hackers think is to spend some time on their public discussion boards. This is exactly what the analysts from Imperva, a security research firm, did and the results are intriguing. In last month's Hacker Intelligence Report #13, they looked at one of the largest discussion forums (they don't reveal which one, but it has a quarter of a million members) and found the following:
- SQL injection is now tied with DDoS as the most discussed topic. Exploits are still quite popular, and defenses are still inadequate.
- Social networks today are a major interest of hackers, and quite useful exploit tools.
- E-whoring (selling fake porn) is becoming one of the most common methods for beginner cyber criminals to gain easy money.
New hackers, said the report, come to this particular forum to learn, while the more experienced gain "street cred" and recognition by instructing them. "Typically, once hackers have gained enough of a reputation, they go to a more hardcore, invitation-only forum." Imperva also looked at more than a dozen smaller venues, many of which make money through advertising and offering other paid services. They even have a freemium model: offering modest tools for free in the hope that buyers will come back and pay for more capable ones. All transactions are done in ways that preserve anonymity, using Bitcoin or PayPal, for example. Lists of Twitter or Facebook followers can be had for pennies per individual ID.

The term e-whoring was new to me, but the con is as old as the second-oldest profession it stems from. A mark is sent an email or a chat room message from someone purporting to be a model with photos or videos of herself. He's sent a few samples, then transfers money directly to the scammer. The hacker forums are filled with sample language to get the best results, and lessons on how to be more believable online. With all the free porn available online, you wouldn't think that this scam would be so popular, but when someone can convince a mark that he's dealing with a real person, it works. Essentially, this approach is all about the sale of special moments.

So what can we learn from this? Hacking forums are the gateway drug for this subculture, the place where beginners learn the tools of their trade. For those of us who need to get into the heads of these people, cruising around to see what's offered can help. Next, learn about how SQL injection works. (You can read my own white paper on the subject. The link's below. I published it years ago but it's still valid.) Finally, get smarter about social networking. Look at advanced firewalls or IDSs that can examine their behavior and get some visibility across your network.