Sunday, March 4, 2007

Evolution: Fun, Bragging Rights and Profit

In the Beginning

Back in the old days it was the curious looking to expand their understanding of systems. They could hack together a program in fact the best hack was the most concise and elegant code.

Organic Evolution

Some of these hackers turned their focus deep into the bowels or the computers and their operating systems. Of course this required a higher privilege level so cracking into accounts with greater privileges, usually called root on unix systems, and thus began the evolution of the modern day hacker.
Sidenote: Crackers are hackers that use their skills for breaking into systems, in much the same way as an assassin uses their abilities as a marksman to kill. Alas the public has picked up the term hacker so life goes on.
Pressure to be the best

As time passed pride demanded that these hackers proclaim their victories to the world. hackers would post their conquests on underground communication channels and then started proclaiming them to the world in the form of defaced web pages.

As time passed and tools automated finding and breaking into systems. At first these where transfered "underground," but many migrated to the mainstream. Additionally security researchers and administrators began to write their own tools to find and patch the holes before the hackers did.

Scavengers Appear

These tools gave rise to the script kiddies. People that learned how to run the tools, but did not know how to use them. These are the people that scan large blocks of the internet looking for something to attack. They tend to attack based on port not application. in other words these are the ones that launch Microsoft IIS attacks on Apache Web Servers.

The hard core criminal element eventually caught wind of this new avenue for illegal profits. This has given rise to two basic criminal categories the botnet herders and the professional crackers.

Botnet herders initial growth and expansion is very similar to script kiddies. In their recruitment phase spam, drive-by-downloads and scans are used to recruit new bots, or zombies, into the herd. These botnets can then be used doe DDoS attacks, SPAM prorogation, and other nefarious for profit motives.

The professional cracker will case their target and look for vulnerabilities and unprotected avenues to launch their attack. The professionals will learn their prey including partners, remote workers, IP addresses, key employees, environment.
Amateurs hack systems, professionals hack people.
— Bruce Schneier
Update: The professional hackers tend to be freelancers or directly controlled by organized crime.

No comments: