Years ago the typical hacking scenario involved a lone attacker and maybe some buddies working late at night on Mountain Dew, looking for public-facing IP addresses. When they found one, they enumerated the advertising services (Web server, SQL server, and so on), broke in using a multitude of vulnerabilities, then explored the compromised company to their heart's content. Often their intent was exploratory. If they did something illegal, it was typically a spur-of-the-moment crime of opportunity.
My, how times have changed.
[ Verse yourself in 9 popular IT security practices that just don't work and 10 crazy security tricks that do. | Find out how to block the viruses, worms, and other malware that threaten your business, with hands-on advice from expert contributors in InfoWorld's PDF guide. | Keep up with key security issues with InfoWorld's Security Central newsletter. ]
When describing a typical hacking scenario, these days you must begin well before the hack or even the hacker, with the organization behind the attack. Today, hacking is all crime, all the time, complete with bidding markets for malware, crime syndicates, botnets for hire, and cyber warfare gone amok.
Here are the nine biggest threats facing today's IT security pros.
Threat No. 1: Cyber crime syndicates
Although the lone criminal mastermind still exists, these days most malicious hacking attacks are the result of organized groups, many of which are professional. Traditional organized crime groups that used to run drugs, gambling, prosecution, and extortion have thrown their hats into the online money grab ring, but competition is fierce, led not by mafiosos but several very large groups of professional criminals aimed specifically at cyber crime.
Many of the most successful organized cyber crime syndicates are businesses that lead large affiliate conglomerate groups, much in the vein of legal distributed marketing hierarchies. In fact, today's cyber criminal probably has more in common with an Avon or Mary Kay rep than either wants to admit.
Small groups, with a few members, still hack, but more and more, IT security pros are up against large corporations dedicated to rogue behavior. Think full-time employees, HR departments, project management teams, and team leaders. And it's all criminal, no more funny messages printed to the screen or other teenage antics. Most operate in the open, and some -- like the Russian Business Network -- even have their own Wikipedia entries. Kind of makes you wish for yesteryear, doesn't it?
Specialization and division of labor are at the heart of these organizations. A single mastermind, or an inner circle, will run the collective. Sergeants and subdivisions will specialize in different areas, with an arm dedicated to creating malware, another dedicated to marketing, another that sets up and maintains the distribution channel, and yet another in charge of creating botnets and renting them to other evildoers (see below).
It's little wonder why popular IT security practices just don't work against today's malware, given that cyber crime has evolved into a multilevel, service-oriented industry with the blatant goal of fleecing companies and people out of their money and intellectual property.