One "white hat" hacker may have saved the Internet by turning his discovery of a serious flaw in DNS servers worldwide over to officials instead of selling the exploit on the black market.
Def-Con, a military term used to describe the state of readiness of the armed forces, is also the name of a convention in Las Vegas that draws hackers from far and wide. Some are definitely up to no good, but others, called "white hat" hackers, make their living as security consultants or network administrators. Def-Con draws hackers from the entire spectrum of the community, and the uninitiated are best advised not to have a Wi-Fi-connected device anywhere in the vicinity during the convention. These guys can do some pretty amazing things, and one, Dan Kaminsky, may have saved the Internet by turning his discovery of a serious flaw in DNS servers worldwide over to officials instead of selling the exploit on the black market.
RAM Raiders: Inside Secrets of the Cyber Hackers (Times Online)
We aren't even in September yet and 2008 has already surpassed last year in the sheer number of data breaches, according to the Identity Theft Resource Center. Even though new security procedures and software are coming out all the time, consumers ultimately bear the cost of cybercrime, just as they do for shoplifting and theft. Even the hacks that are discovered are usually minimized by the affected companies, as these companies are more afraid of liability than just about anything else.
This Year's Data Breaches Surpass 2007 Totals (Information Week)
Purdue Expert Says Consumers Absorb Cybercrime Costs (Inside Indiana Business)
Best Western Disputes Depth of Suspected Breach (Information Week)
The lengths to which some people will go to break security are amazing. Spending hours on end researching, discovering, and exploiting weaknesses in security requires a singular mind and a lot of caffeine. Fighting off such attacks takes time, dedication, and a whole bucket of money. Fortunately, the main requirements are common sense, proper procedures, and good user training. In my job, one of my main tasks is to maintain the security of the part of our network that secures credit card processing data. All it takes is one major breach to threaten our ability to take payment for the services we render, which does wonders for my stress level when I read about how easily some hackers are able to compromise networks. How much security does your network require?