Online, in print, on TV, and on the radio, report after report claims that malicious hacking is "more sophisticated than ever before." The media seemingly wants the world to believe it's besought by impossible-to-stop uberhackers with supersophisticated tools and skills.
The reality is far different: Malicious hackers are using pretty much the same old tools and exploiting the same old weaknesses. However, companies and end-users aren't doing what they need to defend themselves. Anyone who promotes today's attackers and their tools as near-invincible is doing a serious public disservice.
[ Download Roger Grimes's new "Data Loss Prevention Deep Dive" PDF expert guide today! | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. | Get a dose of daily computer security news by following Roger Grimes on Twitter. ]
Attackers' strategies and techniques have not changed since computers were invented: malware, buffer overflows, social engineering, password-cracking, and so on. With very few exceptions (such as dynamic botnets), nothing has changed -- except for the fact that the intruders are doing more with the access they get.
For example, there's a new rootkit called Mebromi that modifies computer motherboard BIOs to make detection and removal more difficult. That's slightly interesting -- but not new: The CIH virus did this quite successfully in 1998. Malware that encrypts data and holds it hostage for payment always makes headlines. The AIDS Trojan horse program did this in 1989.
The most common ways of compromising servers -- application exploits and SQL injection -- are more than 10 years old. Even the most popular end-user attacks -- fake antivirus programs and exploits of unpatched programs -- have been around forever. The first fake antivirus program appeared in 1989 and masqueraded as McAfee software. John McAfee started using digitally signed programs shortly after, and the rest of the online software industry followed suit.
