Channels ▼

Ken North

Dr. Dobb's Bloggers

Misuse of Computers and Databases: The Bad Guys Get Smarter

October 31, 2010

The first image of computing that's burnt into my memory was a room populated with computer scientists wearing white lab coats. There's been a big change since then and today computing isn't populated only by scientists in white lab coats or good guys wearing white hats.

More Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>

The bad guys in the black hats continue to grow in technical sophistication, which is a nasty trend when combined with ubiquitous computing and universal connectivity.Decades ago the earliest threat from cyber-criminals was persons who had insider access to systems and physical access to facilities. This was how Stanley Mark Rifkin was able to steal millions from a bank using its wire transfer system. Then there was David Prouty, who worked for a company that supplied point-of-sale systems that processed credit cards. That gave him access to credit card information using the systems sold to customers of his employer.

The crimes committed by people who required no insider status or physical access increased with the advent of credit cards, ATMs and debit cards. The paradigm shift in the credit and payment industry permitted low tech solutions to stealing, such as obtaining cardholder information and using card encoding devices.

The Internet explosion dramatically increased the opportunities to make money by cyber-crime. It was no longer necessary to obtain insider status or figure out how to penetrate a physical plant. However, there has been a surge of thefts of laptops and disk drives, not because of the device's value but because of the value of the data they contain.

The value of data is what makes cyber-crime via the Internet an attractive proposition.

This type of crime has attracted a class of criminals who are more technically sophisticated than the carders with their encoding devices attached to PCs. Some recent schemes have involved hackers who've had the knowledge to exploit insecure wireless networks. Their use of private forums, virtual private networks and encryption have enabled them to set up international criminal conspiracies. They've used sophisticated money laundering schemes to avoid detection by the global banking system. They've been able to penetrate systems without detection.

Next we'll look at an example of one such operation that was able to exploit insecure SQL databases.The value of data is what makes cyber-crime via the Internet an attractive proposition.

This type of crime has attracted a class of criminals who are more technically sophisticated than the carders with their encoding devices attached to PCs.

Related Reading






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 


Video