Thursday, December 13, 2007

How can you stop Hacking? You can't.

The United States Government, Playboy, Western Union, and CD Universe are just a few of thousands of businesses and government departments that have been hacked into resulting in over a billion dollars of damages per year and climbing. The number of hackings will continue to climb because finance to hackers and organization by hackers will keep hackers ahead of the law.

Playboy's nightmare began when a hacker broke into the company's database and stole the company's customer credit card and personal information. Playboy was then extorted over a period of months with the thief brazenly taunting law enforcement officials and company executives. The thief unfortunately could not be traced.

Majority of Hackers Are Never Caught
The news is quick to showcase the achievements of law enforcement agencies when they achieve an occasional victory against hackers, however most highly sophisticated hackers are NEVER caught and most also NEVER spend a day behind bars. This fact has led to the continual question of:

Why Are Hackers Able to Get Away From Capture So Easily?
The Answer

Pundits may debate what authorities already know and that is the Internet has created an extremely elite, intelligent and sophisticated group of criminals who are very well funded and extremely more technologically advanced than most law enforcement officials will ever be. Simply put, hacking is a world class business.

How Do The Hackers Do It?
Cleaning the Crime Scene

Experienced hackers are able to escape investigators by bouncing between multiple servers before executing an attack. Once they have captured the credit card information, the thieves immediately delete the log files on the servers that they have passed through to get there. Research shows that about 10% of hackers are able to operate consistently in this fashion and successfully elude capture all their lives.

Speed is the hackers primary weapon. As the hackers are being pursued, the government must obtain records that require subpoenas and additional time delays. Even though the FBI may be able to get a subpoena relatively quickly, the process of serving the company is time consuming. By then, the hacker has been terrorizing the hacked company for months with no traces or is sitting on an island sipping margaritas purchased by your credit card.

The Government's Response
In recent years, the FBI has stepped up its offense against cyber crimes by creating a cybercrime unit within the FBI and President Bush added new federal prosecutors nationwide to address the problem. These attempts may increase the presence however will not slow down the problem as even more people cross into this illegal business.

The fact of the matter is that there are simply not enough resources dedicated to catching these criminals. To catch these people, you must employ these people. You must give them a sense of fulfillment by working with you to catch others like them. This is an approach law enforcement has been somewhat reticent to take. Law enforcement will often require specific educational credentials and work experience. Meanwhile, a 19 year old hacker with no education and no work experience hacks into the United States Government's database.

Some Recent Prominent Hacks

Playboy - Undisclosed number of credit card numbers stolen - EXTORTED

Ecount - Personal customer information stolen - EXTORTED
Western Union - 15,000 card number stolen - 55,000 credit card numbers stolen - EXTORTED - 3.7 million credit cards exposed
CD Universe - 350,000 card numbers posted - EXTORTED

The Solution
The solution is not simple and cyber crimes will never be eradicated. The government however must look to expand the cyber crimes divisions at the local and federal level. Law enforcement must also look to employ the services of the young, sharp, sophisticated hackers before they decide to cross the line of legality and engage in illegal hacking. These people will help increase security measures for companies and help apprehend some of the hackers that continue to terrorize companies and individuals on a daily basis.


I find even more interesting the comments:

December 13, 2007 - 8:20am
As far as I'm concerned the U.S.government is the most inept organization in the world. It consists of thieves and crooks and the most useless people in the world bar none.

December 13, 2007 - 8:52am

It's a good thing nobody cares what you think - Take a look at Russia.
Post a Comment