Data security company Imperva warns that hackers have transformed and automated their attacks to make them more efficient and boost the profitability of their scams.
In its latest security report, released this week, Imperva compares the industrialisation of hacking to the 19th century industrial revolution that evolved from single to mass production. The company says hacking has become a $1 trillion industry - up from a few billion just three years ago.
According to Imperva, a hacking scheme is infecting educational servers worldwide through Viagra adverts that infect Web users with malware when the user visits the malicious page on the legitimate education site.
Imperva CTO Amichai Shulman says: “This attack on academic institutions highlights how hacking has industrialised by infecting servers from major institutions including UC Berkeley, Ohio State, University of Oxford and more. Ironically, this technique is the most prevalent method used to create havoc in cyberspace, yet remains virtually unknown to the general public.”
Supply chain
Imperva says in its report that a clear definition of roles and responsibilities within the hacking community has developed to form a supply chain that resembles a drug cartel.
The security company explains there are researchers that search for vulnerabilities in the targeted organisation while farmers deploy botnets through mass infection. Dealers are tasked with the distribution of malicious payloads.
Another trend Imperva identified is that hacking is no longer done by IT experts, but that anybody can now download malicious software off the Internet.
Imperva claims search engine manipulation is the most common method used to spread bots. This involves promoting Web-link references to infected pages, by leaving comment spam in online forums and infecting legitimate sites. Hackers lure victims onto infected sites by using popular search terms such as 'Tiger Woods'.
Another popular hacking method, according to Imperva, is executing mass attacks through automated software to gain unauthorised access to applications. The software performs a password attack by entering commonly used passwords. Hackers also input a range of URLs to steal personal information.