Wall Street & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Trading Technology

09:44 AM
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

The Multi-Billion Dollar Hacking Industry

It is a multi-billion dollar industry. Today's IT attacks are regional, targeted, going after specific people and companies in the world, and entirely driven by profit, according to David Rand, CTO of security firm Trend Micro. "Yesterday's hacker was typically aged 15 to 34, had no girlfriend and was living with his parents. This is no longer true today," Rand told the audience at the SIFMA trade show.

It is a multi-billion dollar industry. Today's IT attacks are regional, targeted, going after specific people and companies in the world, and entirely driven by profit, according to David Rand, CTO of security firm Trend Micro.

"Yesterday's hacker was typically aged 15 to 34, had no girlfriend and was living with his parents. This is no longer true today," Rand told the audience at the SIFMA trade show.Hackers used to break into computers just to prove a point. "But today, hackers are professional, motivated, have lots of cash and are doing it for the cash. It's all about the money and the money is huge. It's all profit driven. That's a remarkable change in the last ten years," he said.

Rand said that in today's underground economy, users' stolen account information is currently priced at $1000-$5000, a credit card number with pin is valued at $300, birth certificate information goes for $150, while a credit card number with security code and expiration date is currently valued at $7-$25.

Rand pointed to a dramatic shift to web-based threats. Users are clicking on a malicious URL in an email or an instant message, and redirected to compromised Web sites. "Often software or freeware is bundled surreptitiously with malware," Rand said.

He cited the example of a malicious site claiming to show a Web video of Saddam Hussein's execution. But when users clicked on it, they unwittingly downloaded spyware.

Last week, the FBI and the Department of Justice said they had identified over one million potential victims of botnet cyber crime.

A botnet is a collection of compromised computers under the remote command and control of a criminal "botherder." Most owners of the compromised computers are unknowing victims. They have unintentionally allowed unauthorized access and use of their computers facilitating crimes like identity theft, denial of service attacks, phishing, click fraud, and the mass distribution of spam and spyware. Infections today are designed not to interrupt normal business, Rand said. They stay hidden to users as long as possible. "They install updates but they're clever - they don't even ask you to reboot, so you never notice. They're more clever than legitimate software makers," he said.

In the last two years, there have been more than 300,000 new versions of malware - more than in the last 15 years as a whole, Rand said. Melanie Rodier has worked as a print and broadcast journalist for over 10 years, covering business and finance, general news, and film trade news. Prior to joining Wall Street & Technology in April 2007, Melanie lived in Paris, where she worked for the International Herald ... View Full Bio

Register for Wall Street & Technology Newsletters
Video
Exclusive: Inside the GETCO Execution Services Trading Floor
Exclusive: Inside the GETCO Execution Services Trading Floor
Advanced Trading takes you on an exclusive tour of the New York trading floor of GETCO Execution Services, the solutions arm of GETCO.