10 reasons why the Black Hats have us outgunned

So, you want to be a hacker? It's as easy as...


Here they are:

  1. The Black Hats form a well-integrated community that shares knowledge effectively.

    Should you, after months of research and effort, create an exploit that allows you to hack Windows or any other frequently used software product, you can auction the exploit on the internet in a well organised manner. Yes, the hackers have their own auction sites (it's true). And if you're looking to write a virus, say, well, there are hundreds of sites out there that can provide you with source code to help you construct something really fiendish. Different modules for setting up a mail server or planting a specific Trojan or whatever. Open source is all the rage, even among hackers.

  2. Becoming a Black Hat is a career option even for those who are not super geeks.

    Time was when Black Hats needed to have a computer science degree or a similar level of exposure to computer technology in order to operate effectively. It's comforting to know, should you want to become a Black Hat, that the barriers to entering the trade are much lower now. It's true that you'll never become a "legendary Black Hat" if you can't cut a little C++ code. Nevertheless, out there on the internet there are websites where you can buy fully functional software for launching exploits that others have written for you. Yes, there are indeed hacker-devoted software products freely available for purchase by anyone capable of installing software. $200 or so should buy you something useful (including updates).

  3. There are even specialist virus tools designed to circumvent specific AV products.

    You know how it is. You want revenge on some company or other that sold you something which turned out to be a dud and refused to let you return it. So you send them a virus or two, but you just can't seem to infect them because the AV technology they use has the signature of every virus at your disposal. Have no fear. The same software vendors that can sell you exploit tools also have specific viruses for sale which are guaranteed to get around any specific AV product you can name. There's one for Norton, one for McAfee, one for Kaspersky, and ones for AV products you may never even have heard of. Hell, there's lots of specialist software out there. If you have a budget in the $1,000 to $5,000 region, you can even buy Trojans that are purpose-built to steal credit card data and mail it to you.

  4. There are SDKs for the more advanced hackers.

    "OK, nice to know that lame-brains can become hackers, but I'm more ambitious than that. I want to cut code with the best of them. I want to be a genuine, fully fledged, bad-ass Black Hat." Well, Cinderella, you can indeed go to the ball. To get started, all you'll need is one of those comprehensive hacker SDKs (cost about $320, but hey, you can't be a carpenter without tools, can you?). Yes, there are indeed such products for sale out there. It helps if you can read Russian, by the way, given the limitations of Babel Fish.

  5. There's a market for your data.

    "OK, I go out onto the net and try an exploit here or there and I hit pay dirt - a whole file of thousands of credit card details. What do I do now?" My advice to you, dear boy, is to forget about trying to buy stuff on eBay or Amazon with all that stolen data. Simply sell the data and leave it to someone else to do all the dirty work. How much to sell for? Well, it depends, but you should be able to get $30 per credit card as an absolute minimum, and if you've got really lucky and managed to get the card's PIN (a difficult data item to get your hands on) then it should be close to $500 per card. Yes, there are markets out in cyberspace where you can sell data - not just credit card data, but Social Security card data (for US citizens), birth certificate data, billing data, and driving licence data (all of which can be used to set up bogus bank accounts).

  6. There are botnets to rent.

    Don't tell me, let me guess. You've got a great scheme in mind to flood the world with a particular kind of spam and it's bound to pay off. But you just don't have the computer power you need. Let me introduce you to an Asian friend of mine who's been established in the Black Hat trade for a year or two. He repeatedly floods the internet with Trojan viruses to continuously assemble and grow a botnet. He has to keep on doing it because every now and then PCs get cleaned and fall out of the net, and anyway, the bigger the botnet, the bigger the commercial opportunity. My friend will rent you a portion of his botnet for 20 cents per PC per day (roughly current rates) and he'll throw in a whole database of email addresses too. He thinks of himself as an Internet Service Provider.

  7. Some rogue websites are very subtly managed.

    You're thinking of setting up a website with some "poisoned downloads" and perhaps even a script or two which runs in the browser and will infect visitors with a virus given half the chance, but you've heard of security companies that send spiders round the web examining sites and testing for malware, so they can put you on a blacklist. So what's the point in putting in the effort if it all comes to nothing? Well don't despair. I know a Black Hat who keeps an up-to-date list of the IP addresses of all those spiders. He'll rent it to you and you can build the site so that it presents innocuous executables to the spiders and infects everyone else. Would I steer you wrong?

  8. Good hackers know how to stay safe (they stay abroad)

    It's what may keep you up at night. You've pulled off some real coups: stealing data here and there, setting up a healthy spam business, arranging a few rogue auctions on eBay, assembling a sizable botnet and so on. Then the news breaks that a hacker in Denmark has just been arrested and the net is awash with pictures of him. It looks like he's going to spend years and years in a place where champagne is never served. That must be the third hacker arrest this year - dammit, this is becoming a dangerous profession. Sometimes hackers even get caught. Well, please bear in mind that 30 percent of all Black Hat activity is in the US and, well, it's not often that you hear of a US hacker getting banged to rights. I mean, the average bank robbery with a gun in the US nets less than $10,000, while the average bank robbery with a PC nets more than 10 times that figure. Many more of the gun-toting bank robbers get caught than the PC-toting ones, and some of them even get shot. Your chances of getting caught are slim to zero - especially if you initiate it all remotely through a server somewhere in Moldova. Well, OK, you're a worrier, so move to Moldova. Sensible hackers don't hack in their own back yard - so change back yards. And when was the last time you heard of a hacker from Moldova getting caught?

  9. The banking system has its channels

    "OK, so I've moved to Moldova, but how am I going to pick up the money I'm earning?" Gosh, you don't know much about the international banking system, do you? Here's my advice. Set up a convenient little offshore account in the Cayman Islands and pass the money through there. Even in this internet era, when it is oh-so-difficult to ensure the secrecy of data, no data ever seems to escape from those Cayman banks. And as regards your Black Hat activity, my advice to you, as a Moldovan, is to specialise in denial-of-service attacks (software to carry them out is available from the usual suppliers). The DoS ransom fees are around $50,000 if you hit a big company, and you can usually extort $10,000 from the smaller ones. That's good pay for a week or two's hard hacking.

  10. Not all businessmen are entirely averse to the odd hack (on a competitor)

    As you seem determined to embark on a life of cybercrime, I have one last piece of advice for you. Don't ignore the business world as a lucrative source of income. I know what you're thinking: those guys are my prey. Well, it's true that some of them are, but some of them could become your customers - if you make the right contacts and do the right kind of marketing. I mean, which businessman could fail to be pleased when his major competitor suffers a big data hack or loses a few days' web business because of a DoS attack? Which businessman doesn't think, "Hey, what if I arranged for something like that to happen?" And which businessman, having formulated a good competitive tactic, doesn't put it into practice? There's good money to be made in focused hacks, theft of intellectual property, denial of service and large-scale data theft. You might even get paid twice - by the customer and the victim.

Acknowledgments: Some of the information used to produce this article was gathered from presentations given to me by Yuval Ben-Itzhak of Finjan and Patricia Booth of CA, both of whom have a deep knowledge of the extent of the IT security malaise. It's no longer just a serious threat—it's a well organized and expanding industry.

Copyright © 2007, IT-Analysis.com

Biting the hand that feeds IT © 1998–2022