Hackers sell kits on auction site
Daily news headlines
LONDON – Hacker toolkits previously restricted to hidden specialist online forums are now being sold openly on global auction sites such as eBay. It marks another disturbing development as the tools of e-crime are becoming far more accessible.
"This is a serious development," says Geoff Sweeney, chief technology officer at IT security firm Tier-3. Until now, novice hackers were required to prove themselves to their peers before getting access to the coveted hacking forums where such kits can be found. Sweeney describes the spread of these kits as “very worrying”.
Their availability on eBay puts complex hacking tools at the disposal of any member of the public with internet access – including stealthy Trojan loaders and website hacking utilities – at the disposal of almost any internet user with a standard eBay and Paypal account. Sales of these kits, although facilitating crime, are legal in most countries. However, there are a growing number of notable exceptions, such as Germany’s ‘anti-hacker’ law.
The tools are usually sold within ethical hacker training courses – legal practice under a contract between company and hacker – whereby the intruder has permission to probe and crack online security systems to highlight weaknesses for improvement. These courses also include educational utilities and certification.
Online crime is growing quickly, with internet fraud figures now outstripping conventional fraud. Companies need to consider extending their security umbrella to protect from the growing number of known and unknown threats to their online enterprises, says Sweeny.
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@risk.net to find out more.
You are currently unable to copy this content. Please contact info@risk.net to find out more.
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Printing this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. Copying this content is for the sole use of the Authorised User (named subscriber), as outlined in our terms and conditions - https://www.infopro-insight.com/terms-conditions/insight-subscriptions/
If you would like to purchase additional rights please email info@risk.net
More on Regulation
SEC cyber rules risk creating web of confusion and costs
Proposals would require breach notifications, public disclosures and annual cyber assessments
Indonesia readies close-out netting after passing P2SK Law
Bankruptcy law changes remove close-out netting obstacles
Behnam comments fan JSCC hopes for US client clearing
Japan clearing exec welcomes CFTC chair’s pledge to keep discussing OTC clearing status for non-US houses
Top 10 operational risks: The umpire strikes back
Tougher regulatory enforcement, new consumer rules and rise of ESG are ringing alarm bells
SVB wouldn’t happen in Europe, says Deutsche CIB head
Campelli also thinks Credit Suisse’s bailed-in AT1 bonds acted as originally intended
How Finma milked Credit Suisse’s CoCos to close UBS deal
An unusual clause in Swiss AT1 bonds allowed them to be written off, but could others follow suit?
Fed’s climate stress test whips up storm for banks
Long-awaited US climate risk exercise puts tough pressure on banks’ data and models
