Hackers go underground

Alex Kayle
By Alex Kayle, Senior portals journalist
Johannesburg, 21 Apr 2009

The underground cyber crime industry is booming.

Richard Stiennon, chief research analyst for IT-Harvest and founder of, says the largest threat is industrial-scale espionage.

Stiennon will discuss trends around cyber war and its consequences at the three-day ITWeb Security Summit 2009 being held at Vodaworld in Midrand at the end of May.

Mass infiltration

According to Stiennon, industrial scale espionage is the biggest threat facing the online world. “There has been systematic infiltration of the seats of power in Washington (Pentagon and Whitehouse mail servers owned), the UK (Whitehall mail servers compromised), Germany (Chancellery e-mail server invaded), India, Australia, and France. Major research labs in the US and just about every industry have had process and financial data stolen.

”We also see outbreaks of what I call crowd-sourced denial-of-service attacks, such as those which damaged Estonia, Ukraine, Hamas, and Israel. Both espionage and targeted attacks are threats that incur collateral damage that could catch innocent bystanders.”

Stiennon says the Internet infrastructure is the biggest target for hackers, as the routing protocol opens up a huge vulnerability that could be exploited by cyber criminals to shut down the Internet, partially or completely. It also has the potential for loss of critical information.

Securing assets

ITWeb Security Summit 2009

More information about the ITWeb Security Summit 2009 conference, which takes place from 26 to 28 May 2009 at Vodaworld is available online here.

He calls for organisations to examine their cyber defences: “Viruses and worms are still a threat, but the game changes completely when an individual or group is targeting your digital assets. They will not even bother to knock; they will just barge in and steal your information or destroy your resources. Firewalls, strong authentication, activity monitoring, and DDOS defences are required to counter these new threats.”

Stiennon believes cyber criminals looking to make a profit as well as low risks to the hacker are fuelling the cyber crime industry: “Hackers are re-investing the money they garner from extortion, phishing and credit card theft into developing weapons-grade malware that is self-defending and purposeful.

“The negligible law enforcement activity means there is little downside to engaging in cyber crime.”

Small pickings

Arthur Goldstuck, MD of World Wide Worx, says SA is still a young market when it comes to being a target for security infiltration: “SA is still viewed by cyber criminals as small pickings; however, SA does appear on the radar by cyber criminals when it comes to phishing and malware attacks.”

Goldstuck says the majority of phishing attacks on SA stem from Eastern Europe and Russia. He notes that five years ago, it was common for SA to be targeted in Nigerian phishing attempts, which promised users thousands of dollars if they would provide their confidential banking details.

These days, Goldstuck points out, people are more aware as criminals become more tech-savvy. He notes the banks are organised crime's biggest targets. “It boils down to the fact that banks and big companies need to apply best practice in security administration.”

Related stories:
Fighting fire with fire
Cyber-crime takes off
Network security crucial
Fraudsters cash out
Is open source safer?
Privacy not a guarantee
Speakers reveal top security issues
Top black, white hats at Security Summit