Saturday, 15 de June de 2024 ISSN 1519-7670 - Ano 24 - nº 1292

Who are the hackers? Profiling the masters of data disruption

 

As anybody who has installed anti-virus software on their home computer knows, technology carries risks and vulnerabilities which are evolving over time. But why do people seek to exploit them? Is it all for personal gain, or have new motivations taken over?

Orla Cox, Symantec's senior manager, security response, believes personal gain is still a major motivator. But that isn't all, she says. Sometimes the hacker simply wants to disrupt.

"2012 saw a number of denial-of-service attacks, and we think we'll see a lot more of those," Cox explains. "These are from people who may have political motivation, although some are just doing it for mischievous purposes."

Denial of service

These are the so-called "hacktivism" attacks, carried out by groups such as Anonymous, aimed not at profit, but at furthering a purpose, such as protesting net censorship. Inevitably, terrorists have adopted these tactics, and within the last couple of years there have even been allegations (denied) of governments using these methods.

These parties often use denial-of-service attacks to disrupt their target, clogging up their network with so much data that it can't cope. They are a particular problem because they don't require much skill to engineer, but can be difficult to defend against.

Other computer viruses are designed to disrupt their targets in more insidious ways, says Cox. "One, called Shamoon, actually wipes infected machines all at the same time."

So an attack on a business in the energy industry, for instance, where many Shamoon incidents have happened, would take down many systems at once. Again, the motivation isn't profit or pure mischief – these infections, although not particularly prevalent, appear to be politically motivated.

More traditional breaches of security persist and are becoming more common, such as Advanced Persistent Threats (APTs), generally aimed at obtaining intellectual property from the victim.

"APT threat actors have the time and resources to identify targets, understand what these people are working on, and know who some of their colleagues might be," explains Scott Algeier, head of US-based non-profit information security group IT-ISAC. "They use this information to craft emails, increasing the likelihood that these targets will open the attached malicious files."