This article can also be found in the Premium Editorial Download "Information Security magazine: Reflections on the impact of Sarbanes-Oxley."

Download it now to read this article plus other related content.

Evolution of a Hacker
by Adam Stone
Internet pranks give way to crime.

Like kids playing with a pointy stick, the perpetrators of Internet-based malfeasance keep raising the stakes. "Can-you-top-this" hackers have given way to criminals stealing identities and committing fraud for profit. The chronology is clear, but the real interest lies in the causes.

The game, if it is a game, starts in the early 1990s with students and whiz kids breaking into corporate and government systems just to show it can be done. They leave calling cards, tokens of their presence: a bit of harmless nose-thumbing.

So much for the fun.

By the end of the decade, hackers begin tampering with systems as a means of humiliating corporate know-it-alls. The temperature rises as black hats leave systems hanging, stop traffic, destroy files and deface Web sites. Worms self-propagate throughout systems, delivering payloads that grow steadily more malicious.

By 2001 and 2002, password stealers, keyloggers and other crimeware enter the scene, harvesting personal data from users' computers. Trojans commandeer online banking and other secure services.

By 2004, the rapid rise of phishing schemes shows there is money to be made, at least in theory, but initially there is no market for this data,

    Requires Free Membership to View

no infrastructure to convert scams into cash. "It was analogous to stealing a Picasso or a van Gogh and then saying, 'OK, now where do I sell this thing?'" says Jose Nazario, a senior security researcher at Arbor Networks.

But by 2005, organized criminals geared up for lucrative profits. Today, complex international criminal interests scrub cash gained through diverse schemes and move it across borders, while underground organizations sell and lease do-it-yourself kits with all the code you need to commit your own online fraud.

Welcome to the world of professional crimeware.

This was first published in January 2008

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: