Hackers Evolve to Target Our Information.
While we are all aware that the amount of information we store digitally is increasing, what we may not be so aware of is that the type of information we are storing online is changing and that hackers are looking to leverage that new information and use it to make hundreds of millions of pounds.
A (http://www.ibtimes.co.uk/articles/356391/20120626/data-worth-50-company-value.htm) recent survey by security firm Symantec, called (http://www.symantec.com/connect/blogs/digital-information-costs-businesses-11trillion-are-we-getting-our-moneys-worth?om_ext_cid=biz biz
Noun 1. _socmed_twitter A Web site and service that lets users send short text messages from their cellphones to a group of friends. Launched in 2006, Twitter (www.twitter.com) was designed for people to broadcast their current activities and thoughts. _facebook_marketwire_linkedin_2012Jun_worldwide_StateofInformation) State of Information , put the global cost of digital information at [pounds sterling]714bn, with 50 percent of every business' value tied up in this data. According to according to
1. As stated or indicated by; on the authority of: according to historians.
2. In keeping with: according to instructions.
3. Symantec, there is currently 2.2 zettabytes of information being stored by businesses around the world, including confidential customer information to intellectual property to financial transactions. It is this information which hackers are now targeting.
So, not only has the threat from cyber-criminals changed completely, but the data which we now need to protect has evolved too. Digital data used to be fairly structured and relatively easy to protect. It was lists of numbers and account names.
Today however the information criminals are after is much less structured and therefore harder to defend against. The type of information we are taking about is ideas, knowledge, intellectual property, designs, blueprints, contracts etc.
"It used to be that data, when we were looking at it through our IT systems, was very structured. We understood what it was, we understood where it was located, and we understood who had access to it, because it was a fairly limited amount of access points into that data," Didier Guibal, executive vice president of global sales at security firm Websense told
Guibal added that not only is the type of information stored by companies different, the systems used to store it are different too. "The last three or four years has seen an explosion in different infrastructures and different access points from more staff or employees into the world."
"The bad guys have leveraged those opportunities. To us, these are an opportunity from a business perspective and that is exactly how the bad guys think about it too."
Back in the 1990s security companies and IT managers only had to worry about kids looking to make their mark on the newly-minted World Wide Web, by simply tagging it, Today however things are very much different.
Kids soon grew tired of hacking for the sake of it, and discovered hacking was a very lucrative way of making money. The most profitable hack that is known of was carried out by (http://en.wikipedia.org/wiki/Albert_Gonzalez) Albert Gonzalez who stole details of 170 million credit and ATM card An ATM card (also known as a bank card, client card, or cash card) is an ISO 7810 card issued by a bank, credit union or building society.
Its primary uses are:
Guibal said this morning that while stealing credit card and banking information is still taking place, increasingly companies calling Websense are seeing different types of information being targeted.
"They [hackers] are trying to leverage information to generate huge amounts of money." One high profile example of this was when hackers attacked the Nasdaq's computer system and remained inside the system for 6 months without being noticed.
During that time, they were able to spy on directors of publicly held companies, according to (http://www.reuters.com/article/2011/10/20/us-nasdaq-hacking-idUSTRE79J84T20111020) sources who spoke to Reuters at the time. Listening to what is going on at board level would allow them to sell information collected for a very high premium.
An even more profitable system is the currency market and Websense has been previously contacted by the International Monetary Fund (IMF IMF
See: International Monetary Fund
See International Monetary Fund (IMF). ) who had detected that hackers were trying to access its network and uncover confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job"
steer, tip, wind, hint, lead which they could use to make hundreds of millions of pounds. "Where there is money there is motivation," Guibal added.
One of things which preoccupies many IT managers these days is where the threat is coming from. Who is out there trying to steal their information? Martin Jordan, Director of Information Protection at KPMG KPMG Klynveld Peat Marwick Goerdeler (accounting firm)
KPMG Kaiser Permanente Medical Group
KPMG Keiner Prüft Mehr Genau (German)
KPMG Kommen Prüfen Meckern Gehen said that it is so-called "script kiddies" who are keeping him in a job.
"I wouldn't be in business today [without a young hacker A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes. ]. He's my best salesman out there. No skills, doesn't know how to hack, but knows how to press a button. And he's got every chief executive in Europe worrying today that they are going to be published in the FT."
Jordan says that he and his fellow security professionals have been warning companies for years about potential threats to their data security, but it is only with the emergence of these young, inexperienced in·ex·pe·ri·ence
1. Lack of experience.
2. Lack of the knowledge gained from experience.
in hackers that CEOs have become switched-on to the threat.
Jordan, who has been in the business for over 20 years, says he has seen the hacking world "tilt on its access" in the last two years, with criminal gangs no longer looking to steal specific information, such as credit card numbers, but are instead brokering access to networks, which people can buy per day or per megabyte One million bytes, or more precisely 1,048,576 bytes. Also MB, Mbyte and M-byte. See mega and space/time.
(unit) megabyte - (MB, colloquially "meg") 2^20 = 1,048,576 bytes = 1024 kilobytes. 1024 megabytes are one gigabyte. .
"For some large defence contractors that could be $20-30,000 dollars per day to get access to the network." This system allows those paying for access to networks, be it companies, individuals or government, a level of deniability.
"It's allows the criminal gangs and governments yet one further edge of deniability. The internet offers fantastic deniability but then if you go through a criminal gang to access a network, you go one stepped removed from that."