The Criminal Hacker Fallacy

Why would a master criminal want to hack into your business when they could be making millions of dollars stealing credit card details from large businesses?

A lot of business people think that they are safe from hackers because a hacker has nothing to gain from stealing their data or breaking into their system or network. Why would a professional hacker waste time with their business when there are big corporations to attack?

But hacking is not always about evil geniuses trying to cause the downfall of the world but is more like bored teenagers making mischief. They wander around in cyberspace looking for sites with poor data security or with weak security processes where they can create a bit of mayhem and then go back to their algebra homework.

One of the most troublesome hackers to the US Government this year was Cosmo. Cosmo was recently arrested with many others as part of large FBI exercise targeting credit card fraud in the US. He lives with his mother like most 15 year olds.

A Wired article (click here) describes some of his escapades this year with his group.

  • They DDoS’ed (distributed denial of service attacked) government and financial sites, including NASDAQ, the California government and the CIA, which they took down for several hours in April.
  • They repeatedly posted the Mayor of New York, Michael Bloomberg’s, address and Social Security number online.
  • They broke into one billing agency using social-engineering techniques in May and dumped 500,000 of their credit card numbers online.

Cosmo was the social engineer for the group; a specialist in talking his way past security barriers. He had methods for getting into accounts on Amazon, Apple, AOL, PayPal, and a lot more.

Social engineering in online security terms specifically refers to manipulating people into divulging confidential information that can be used to gain computer system access.

So make sure you use secure software access and use data encryption. For more information about online security contact us.