[OPLIN 4cast] OPLIN 4cast #447: The business of hacking
OPLIN Support
support at oplin.ohio.gov
Wed Jul 22 10:30:13 EDT 2015
Email not displaying correctly? View it in your browser.
<http://www.oplin.org/4cast/> [image: OPLIN 4Cast]
OPLIN 4cast #447: The business of hacking
July 22nd, 2015
[image: hacker]Hacking into the computer files of a company or government
agency often is not a very lucrative occupation, unless the hacker has some
way to convert stolen information to cash. So a current trend seems to be
for hackers or hacker groups to sell their services, before the hack, to
someone who wants specific information. The business side of hacking has
been highlighted in some recent news reports, like news about the Hacking
Team
<http://www.theguardian.com/technology/2015/jul/20/hacking-team-police-investigate-employees-inside-job-claims>
company being hacked themselves, and the takedown of the Darkode
<http://www.darkreading.com/cloud/darkode-shuttered-but-cybercrime-still-alive-and-well--/d/d-id/1321359>
forum for hackers. You may think that libraries are safe from this kind of
cyber crime (why attack a library?), but by that logic, we also should not
be seeing denial of service attacks on libraries - yet we are.
- Hackers on demand
<http://www.fastcompany.com/3043016/the-cybercrime-service-economy>
(Fast Company | Steven Melendez) "At Hackers List
<https://hackerslist.com/projects>, for instance, hackers bid on
projects in a manner similar to other contract-work marketplaces like
Elance. Those in the market for hackers can post jobs for free, or pay
extra to have their listings displayed more prominently. Hackers generally
pay a $3 fee to bid on projects, and users are also charged for sending
messages. The site provides an escrow mechanism to ensure vendors get paid
only when the hacking's done."
- Hackers for hire: How online forums make cybercrime easier than ever
<https://www.washingtonpost.com/blogs/the-switch/wp/2015/07/16/how-cybercriminals-have-turned-forums-into-sophisticated-blackmarkets/>
(Washington Post | Andrea Peterson) "These forums and black markets
offering physical goods as well as digital services - such as the now
defunct Silk Road - have helped drive the popularity of cybercrime, because
the sites contain almost everything someone would need to get into hacking
for profit, [Raj] Samani [of Intel Security] said. Even those without
technical knowledge can visit the forums or black markets and hire people
to do the individual components of a scam - or outsource it altogether in a
subcontractor-style set up, he said."
- Sophisticated hacker group strikes for profit, not politics
<http://www.toptechnews.com/article/index.php?story_id=020000MIVK1S>
(Top Tech News | Jef Cozza) "Almost as unnerving as Morpho's habit of
targeting enterprise assets is its familiarity with the inner workings of
its victims. The group has successfully compromised commonly used e-mail
servers such as Microsoft Exchange and Lotus Domino, according to Symantec.
It has also targeted enterprise content management systems, where it could
have gained access to valuable documents such as financial records, product
descriptions, and legal documents. And unlike attacks by other hacker
groups suspected of working for the Chinese, Russian, or North Korean
governments, Morpho's malware tools are well documented in fluent English."
- Hacker for hire
<http://www.itweb.co.za/index.php?option=com_content&view=article&id=144418>
(ITWeb | Jon Tullett) "Managing consultant [Tyrone Erasmus] at security
specialist firm MWR InfoSecurity, he and his teams are hired to audit their
clients' security, mimicking the behaviour of criminal syndicates that are
after the same valuable details: financial systems, intellectual property
and trade secrets. 'I'm a bad guy who plays by good guy rules,' he
proclaims, with a nearly straight face. Since the '70s and '80s, when
hackers like Kevin Mitnick and John Draper burst onto the scene, corporate
information security has improved greatly, it's far stronger and...haha.
Just kidding. 'We have a 100-percent success rate,' Erasmus says, deadpan."
*Articles from Ohio Web Library <http://ohioweblibrary.org>:*
- The business of hacking and birth of an industry.
<http://web.a.ebscohost.com.proxy.oplin.org/ehost/detail/detail?sid=4be14fb1-ee95-4b17-9ef3-534d0d9de920%40sessionmgr4001&crlhashurl=login.aspx%253fdirect%253dtrue%2526db%253dbuh%2526AN%253d84503895%2526site%253dehost-live&hid=4101&vid=0&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=buh&AN=84503895>
(*Bell Labs Technical Journal*, Dec. 2012, p.5-16 | Matt Bowles)
- IT security for you and your library.
<http://web.b.ebscohost.com.proxy.oplin.org/chc/detail?sid=5fb8cbb5-e93f-4077-b428-61e219071140%40sessionmgr113&crlhashurl=login.aspx%253fdirect%253dtrue%2526db%253dcmh%2526AN%253d94311325%2526site%253dehost-live&hid=124&vid=0&bdata=JnNpdGU9Y2hjLWxpdmU%3d#db=cmh&AN=94311325>
(*Computers in Libraries*, Jan/Feb. 2014, p.13-16 | Blake Carver)
- The rising strategic risks of cyberattacks.
<http://web.a.ebscohost.com.proxy.oplin.org/ehost/detail/detail?sid=68a82ec8-f497-44e3-9639-c185c6b89534%40sessionmgr4004&crlhashurl=login.aspx%253fdirect%253dtrue%2526db%253dbuh%2526AN%253d102092395%2526site%253dehost-live&hid=4101&vid=0&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=buh&AN=102092395>
(*McKinsey Quarterly*, 2014 2nd Quarter, p.17-22 | Tucker Bailey, Andrea
Del Miglio, and Wolf Richter)
------------------------------
The *OPLIN 4cast* is a weekly compilation of recent headlines, topics, and
trends that could impact public libraries. You can subscribe to it in a
variety of ways, such as:
- *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
subscribing to the following URL:
http://www.oplin.org/4cast/index.php/?feed=rss2.
- *Live Bookmark.* If you're using the Firefox web browser, you can go
to the 4cast website (http://www.oplin.org/4cast/) and click on the
orange "radio wave" icon on the right side of the address bar. In Internet
Explorer 7, click on the same icon to view or subscribe to the 4cast RSS
feed.
- *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
http://mail.oplin.org/mailman/listinfo/OPLIN4cast.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20150722/0b934d6d/attachment.html>
More information about the OPLIN4cast
mailing list