Tracking the hackers

yeppydeppy

http://www.rte.ie/news/special-reports/2013/0503/390289-internet-security/

Does anyone go along with this? In the article it states:

Sometimes the aim is espionage, with hackers first stealing valuable or critical information, before unleashing code which devastates the system it infects.

I've worked in IT for more than 10 years and have never heard of this actually happening. I also noticed there are no documented cases mentioned in the article.
Sure there is a lot of malware out there and it's easy to get infected but a quick scan with malware bytes and it's all fine.

Is this just more media hype? I think it is.

Torqay

yeppydeppy wrote: »

Is this just more media hype? I think it is.

Of course it is. Just paving the way for more cyber surveillance. And if you have nothing to hide, you have nothing to fear anyway.

Why would "Hackers" devastate their source of information by "unleashing" some evil code? Going undetected is the name of the game. Destruction of enemy computer systems is a job for cyber warriors.

Khannie

HAHAHA. That is gas. It's like watching hacking in a movie. Cringeworthy.

I am also unaware of any case of corporate of governmental espionage that resulted in mass destruction after the fact. Why would you bother when you can leave a nice little back door for yourself?

CreepingDeath

yeppydeppy wrote: »

http://www.rte.ie/news/special-reports/2013/0503/390289-internet-security/

Does anyone go along with this? In the article it states:

Sometimes the aim is espionage, with hackers first stealing valuable or critical information, before unleashing code which devastates the system it infects.

I've worked in IT for more than 10 years and have never heard of this actually happening.

No company likes admitting that it's computer security was compromised.
Sometimes a company might be held to ransom, like an online betting company just before a major sports event, by a denial-of-service attack.

If a hacker gets into a company to steal valuable/critical information, I seriously doubt they'll burn their bridges afterwards. They're likely to keep that backdoor into the system open as long as possible.

There's all sorts of hackers out there, script kiddies, white hat hackers, organised criminals and state sponsored hackers/agencies.
They'll each have an agenda.

For the average IT user who gets infected with malware, they'll either try logging their usernames & passwords for banks and the like, or use their computer as part of a larger automated "botnet" to launch denial-of-service attacks on websites.

The likes of Symantec probably trace the IP address that the malware is trying to contact (the botnet command and control server(s)), and attempt to take them over to disable them.

If you're interested in this field, then the "Security Now" podcast on Twit is definitely worth listening too.

yeppydeppy

I still think it's blown out of proportion. I realise companies wouldn't want to admit they have been hacked but you'd expect the news of a major hack to get out, especially with a large mutlinational.

syklops

I was quite enjoying the article until I got to the below quote and then I got annoyed.

Strong passwords and good password management are a must.

Don't use the same password for multiple systems, avoid using your own name, or the names of family or pets and use a mixture of numbers and letters.

Who is perpetuating this bullsh!t? Please tell me this was the article's writers wisdom and it didn't come from some expert in Symantec?

Ah jaysus, after watching the interview, this rubbish advice came from Sarah Cox of Symantec. Length Sarah, length! Forget your special characters which simply make the passwords harder to remember so users are more inclined to write them down, store them insecurely and re use them on all their websites.

I was setting up a new online banking thing with a well known card provider, and their password requirements were really ridiculous. Must be 8 characters or more and must have 1 uppercase and 1 number. Specifically 1 uppercase and 1 number. What this means is if I want to pre-compute possible passwords, you have made my job easier, because there are less possible combinations.

... before unleashing code which devastates the system it infects.

In my experience, code which physically harms the machine is very very rare. You could argue that "devastates the system", means the OS has to be re-installed, but thats hardly devastation.

syklops

The likes of Symantec probably trace the IP address that the malware is trying to contact (the botnet command and control server(s)), and attempt to take them over to disable them.

TBH, I doubt Symantec do that. There is no money in taking down botnets, selling updates is where the money is.

yeppydeppy

And promoting fear.

Dr Silly Bollox MD

Torqay wrote: »

Just paving the way for more cyber surveillance.

This.

stricter laws and reigning in the net.

syklops wrote: »

TBH, I doubt Symantec do that. There is no money in taking down botnets, selling updates is where the money is.

They do yea, mostly Microsoft though.

http://www.bbc.co.uk/news/technology-21366822
http://nakedsecurity.sophos.com/2012/10/05/microsoft-settles-lawsuit-against-3322-dot-org/

Kenny Logins

Oh, and not surprisingly, they say good up to date internet security software is useful too!

:pac:

Dr Silly Bollox MD

Nato has guidelines now for killing someone hacking infrastructure.


Was skimming a us report on all this "hacking" (clowns opening phishing mails) plastered all over the headlines for the last while, "No Damage Done, No Secrets Stolen". All bull.

I can't even find it now:rolleyes:, they don't want that plastered everywhere.

syklops

Dr Silly Bollox MD wrote: »

They do yea, mostly Microsoft though.

http://www.bbc.co.uk/news/technology-21366822
http://nakedsecurity.sophos.com/2012/10/05/microsoft-settles-lawsuit-against-3322-dot-org/

Well it is in Microsoft's interests for there to be less botnets and malware out there, but it's not in Symantecs.

From the BBC article:

"Because this threat exploited the search and online advertising platform to harm innocent people, Microsoft and Symantec chose to take action against the Bamital botnet to help protect people and advance cloud security for everyone."

Call me cynical, but I don't think they took it down because it was harming "innocent people", but it was affecting their revenue from online advertising.