Richard Tocci

Richard Tocci
Just when you thought it was safe, I show up...


The contents of this blog are my own comments and opinions and do not reflect those of my family, friends, colleagues, clients, employers, or anyone else I may know. Additionally, their comments and opinions are not a reflection of me or this blog. Any links contained in posts are maintained by third parties and are not under the control of this blog, and as such, this blog is not responsible for their content. All links are provided "as is" with no explicit or implicit warranty of any kind.

GoDaddy Add

Friday, October 3, 2008

Hacking As A Service

I read a very interesting article this morning that should force professionals like me to rethink the methods and the organization of malicious computing activity:

Researcher finds evidence of massive site compromise

The article goes into some detail about a multitude of web sites that have been compromised by a number of methods, but that was not what impressed me. What impressed me was the author and the researcher referred to the hackers as having a "business model" and using "software-as-a-service"

These are terms typically used when dealing with legitimate businesses. But as crimes go from being curious undertakings to discreet methods, it stands to reason that different organizations would unite on a common cause. They become stronger, and in this case, covert because of their activity.

History shows that large criminal activity run as organized crime (and yes, these people have moved into that area of crime) will eventually subside, to be replaced by another type of crime, but it should be looked at as an organization, and a dangerous one. This type of organization is not a national problem, but a world problem. I believe Interpol should be more involved in this process since they are a world law enforcement agency.

World computing does not need to become an area of fear, lauded over by groups that think they are superior.

No comments: