I've heard hacker chatter can be a helpful defense against potential exploits, but where are the best places to...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
find it, and how can I determine if what hackers are talking about could pose a threat to my enterprise?
Hacker chatter can be helpful in determining defenses against potential attackers, but it might be more effective for the general industry to track hacker chatter, not necessarily the average enterprise.
For enterprises under targeted attack with sufficient resources, however, independently tracking hacker chatter might make sense. Rob Rachwald, director of security strategy at Imperva, describes hacker chatter as the discussion found on black market or cybercriminal websites that includes attack tools for sale, information on how to automate attacks and the business side of cybercrime. Some of the attacks under discussion include SQL injection, compromised accounts and passwords, DDOS, spam and zero-day attacks. If you are curious about visiting hacker websites, you could visit some of the sources Brian Krebs lists on his blog like antichat.ru, mn0g0.su or rock3d.cc, but you should be prepared to do so securely in order to not put yourself or organization at risk.
Much of the same information could be obtained from more legitimate sources, and potentially even from just following some interesting people on Twitter, such as Dave Aitel, CEO of vendor Immunity Inc. (@daveaitel), or reviewing conference presentations from Defcon or Black Hat.
To determine if your enterprise is under attack by looking at hacker chatter, you could search for usernames and the word "password" (including other translations of the word "password") to see if there is a list of compromised accounts, your IPs or DNS names, or names of internal projects or internal sensitive data examples. You could even use Google hacking to look for internal vulnerabilities. Once you have found specific examples, you could determine effective strategies to prevent or remediate the attacks, and to build support internally for these efforts.
Dig Deeper on Hacker Tools and Techniques: Underground Sites and Hacking Groups
Related Q&A from Nick Lewis
The new Trochilus RAT can avoid detection in cyberespionage attacks. Expert Nick Lewis explains how it works, and if enterprises need to adapt their ...continue reading
The Asacub Trojan has new banking malware features. Expert Nick Lewis explains how it made this transition and what enterprises should be watching ...continue reading
BlackEnergy malware may have been part of the attacks on Ukrainian utility and media companies. Expert Nick Lewis explains how this malware works and...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.