Monday

10 reasons why the Black Hats have us outgunned

An interesting article from TheRegister: 10 reasons why the Black Hats have us outgunned

  1. The Black Hats form a well integrated community that shares knowledge effectively.
  2. Becoming a Black Hat is a career option even for those who are not super geeks.
  3. There are even specialist virus tools designed to circumvent specific AV products.
  4. There are SDKs for the more advanced hackers.
  5. There's a market for your data.
  6. There are botnets to rent.
  7. Some rogue websites are very subtly managed.
  8. Good hackers know how to stay safe (they stay abroad)
  9. The banking system has its channels
  10. Not all businessmen are entirely averse to the odd hack (on a competitor)
It's no longer just a serious threat—it's a well organized and expanding industry.

We , Security Professionals, need to 'network' more and share knowledge. In that perspective, don't forget about the ISSA-BE (Monday) and OWASP (Friday) meeting in Belgium this week.

Bonus: A Security Market for Lemons (Schneier.com)
Bonus: Zero-Day Threats, Part 2: Who’s Behind Them and Why? (McAfee Avertlabs)

Posted by Security4all at 18.6.07

Labels: , , ,

3 comments:

Didier Stevens said...

I also saw this list, it's not thought out. For example, I fail to see why 7, 9 and 10 give BH and edge over WH.

June 19, 2007 10:26 AM
VikTor said...

The list surely looks a little strange and not something that someone investigated properly. But hey, Benny is right, there isn't a real cooperation going on in Belux security land, surely there are some initiatives going on but nothing structured, on the other hand there also isn't a lot of movement in the awareness area. Maybe we should do something there ... Belgian Security Podcast, joined blogging, events, as long as it is open en not vendor-related I'm surely up for anything.

June 19, 2007 1:10 PM
Security4all said...

The actual article expains each point more in detail:

Point 7: There are security companies using spiders to detect malware loaded wabsite, but there are hackers out there that have blacklists of these ip address spaces. It's a cat and mouse game.

Point 9: There are ways of receiving money that is hardly tracable (accepting money for DDoS

Point 10: Not all business people are afraid of using hackers to gain a competetive advantage.

Thank you for your feedback. Some of us are talking and trying to get the Belgian security community together. Keep up the good work and we might get there.

June 19, 2007 1:34 PM

Post a Comment

Subscribe to: Post Comments (Atom)