Slashdot Mirror

← Back to Stories (view on slashdot.org)

BusinessWeek on Hacker Hunters

Posted by timothy on from the what-about-hacker-gatherers? dept.

prostoalex writes "You keep hearing about FBI, Secret Service or other law enforcement authorities involved in pursuing international cybercrime gangs, but who are those people and how does the cyberlaw enforcement work? Business Week talks about hacker hunters and people they're after. A large portion of the article is dedicated to describing the global scope of such activities with Russia, Eastern Europe and China leading the ranks for criminal hideouts."

5 of 155 comments (clear)

  1. The "H" word by rbanffy · · Score: 5, Interesting

    Could we please try to restore the word "hacker" a more positive meaning on mainstream media?

    --
    http://www.dieblinkenlights.com
  2. Hacker Hunter U by panxerox · · Score: 4, Interesting

    Looks like the Ruskis have this available as a course (if you want to go to Siberia) Hacker Hunter U,

    --
    "It's so convenient to have a system where everyone is a criminal" - A. Hitler
  3. Advertising (Re:SCO mydoom) by GQuon · · Score: 3, Interesting

    Yes. Chosing SCO as a target seemed to me to have the following motivations for the crackers:

    1: Advertising. They had a bot net that they wanted to demonstrate the power of. "Behold the might of our bots! It takes down SCO and Microsoft! Now pay protection money or your online casino is out of business."

    2: Social engineering against administrators. Linux-users are more likely to be administrators and have other network-related jobs. The crackers might think that attacking SCO and Microsoft would gain them symphaty from some of the administrators.

    3: The crackers don't like Microsoft. The security updates are a hindrance to them.

    4: The crackers don't like Linux/BSD. Microsoft's saving graces, in the cracker's eyes, is that they at least used to make insecure software, and they made a monoculture fertile to malware. By casting the blame on "linux fans", they might hurt the image of the FOSS community.

    --
    Irene KHAAAAAAN!
  4. Re:Pfft. They care so much. by RM6f9 · · Score: 4, Interesting

    I missed your point, on purpose. Can you see how the issue might seem to someone who does not have your unique vantage point? There's too much work, so you choose the high-profile cases. There's too much work, so you let the small fry continue to break the law. There's too much work, so you need more funding... All of this is more than likely true, however: My point is, to the eye of an average tax-paying citizen, me, it seems very much as if, because the average tax-paying citizen doesn't have large enough businesses or large enough losses, we don't rate any protection at all, and only those who pay larger amounts in taxes or sustain larger losses (regardless of relative ability to *bear* such losses) get their issues even heard, much less addressed. Beyond a massive education initiative so that the people affected are better-prepared to protect themselves (hence reducing the amount of work your beleaguered department has), how would you recommend solving this dilemma? And, really, do we want citizens knowing that we must protect ourselves because the people in the agencies we pay to protect us are so overworked? Methinks that way may lie vigilantism, which seems to get prosecuted much more vigorously for some reason.... Maybe we average folks don't get to see nearly enough of what's going on - maybe some network exec could follow a day/week/month in the life of a law enforcement official in yet another reality show, bring it home that it's not all doughnuts and jaywalkers, but meantime, there's still that pesky problem of appearances. I'm just letting you know how it looks from out here...

    --
    Take the 90-Day Challenge! http://rwmurker.bodybyvi.com/
  5. Re:Pfft. They care so much. by 5cary · · Score: 4, Interesting
    to the eye of an average tax-paying citizen, me, it seems very much as if, because the average tax-paying citizen doesn't have large enough businesses or large enough losses, we don't rate any protection at all


    That's just it... The thresholds are high - not because those are the glamerous cases (the vast majority are sensitive enough NOT to make it to the press), but because they have the greatest impact on our society, and hence, the taxpayers. For example:

    a) A Government contractor housing sensitive information is compromised. The cost to the taxpayer is not obvious, but it *is* there. And it's a greater cost than you might imagine. Compromised technology and data exfiltration -- funded by taxpayers like you.

    b) your company's website is brutalized, and perhaps the customer database is somehow compromized. The cost in rebuiding the servers is (if it's really big) around $10,000 in man hours. Explain to me how a price will be put on the customer database. This will have to be done by the already overworked prosecuter in court (assuming it ever gets there). Prosecution and sentencing are based on damage to society, in most cases.

    Which one do you think the FBI is most interested in (for the sake of the taxpayer)? In the case of the first, *all* taxpayers bear a burden. In the case of the second... not so much.

    Understand this. Cybercrime investigators are overworked well beyond what you can imagine. A threshold *has* to be established. If you fall below that threshold, I'm sorry. Secure your systems.

    The days of sending out the fire department to get little kitty out of the tree are over. This has nothing to do with "ignoring the little guy". It's economy of resources.