Why do hackers hack?James Walsh
Those days of easy assumption are gone. Hackers come in all guises, and are very ingenious about their methods. When it comes to corporate hacking, it can be your well-dressed, middle-aged, and very respectable neighbour too.
Hacking is a profession now, and definitely not confined to college-kid pranks any more. A hacker axing his way into a business computer has a purpose, and is mostly very well-paid for it. Some of the most common motives of corporate hackers are:
Ambition: An ambitious employee getting ready to move into another company will want to take his company's business strategy, future plans, and customer information with him. It is an essential part of the 'package' his next boss is paying him for.
Own business: More common in the USA, than in the UK, this is a great jump-start for people about to quit a company and start their own. An established company's database is obviously going to be his greatest capital.
Revenge: An employee who feels aggrieved or has been fired would resort to this. It is not just an eye for an eye – one can have an arm and a head as bonuses. There are two ways of functioning here. The employee may fight it out alone, or better still, join the nearest rival group. Sometimes, a rival group 'baits' a dissatisfied employee into hacking for it.
Money: This is a rising trend. A business may hire a professional hacker / a hacking team to steal IP from several companies. It is the best way of collecting information, and despite the hacker's fees, the most cost-effective.
Which Computers Get Hacked?
Any computer is liable to hacking. It may or may not be a business computer, because the hacker is looking simply for a way to get the information. A home PC belonging to a customer can prove to be an excellent source of information for the hackers. The idea is to achieve a targeted package of data; it does not necessarily mean breaking into a company work station only. Another interesting idea is to plant indecent pictures, links to pornography sites, spam mail or 'advertisement' of 'useful products' on employee computers. Thereby the hacker gains the access he needs, while the employee gets safely fired from the company – or just too confused about why his computer has gone crazy. Chat rooms are another favourite with hackers. Innocent information like a customer's personal details, gaming ideas, and family details – can all become important leads. In an interesting case, a hacker got through to a company's details by posing as a salesman. He asked simple questions like" What is your son's name?" to an unsuspecting employee. The son's name was also the password to his office PC. By the time the company could unearth this 'route', a lot had been lost.
Cases In Point
The internet is agog with debates about the SAP-Oracle war now. Oracle has accused SAP of stealing some 10,000 tech support files from its database. Interestingly, this was filed exactly two days after Oracle did a conference with much fanfare, reporting its business success, with transparent digs at SAP. Oracle CEO Lawrence J. Ellison had hired a team to sift through the trash cans of companies with business sympathy for Microsoft in 2000, defending it as his 'civic duty' (?). It is equally interesting that SAP shares have seen a steep climb over the past year. Apparently, they used the information from customers about to shift from Oracle into using SAP to gain the entry. SAP employees posed as customers and hacked their way into Oracle's database. The 44-page accusation by Oracle often sounds like a detective thriller.
There is also the enchanting case of TK Maxx. The firm claims that the accounts of some 45.7 million customers have been exposed and rifled by patient and organised hackers. This is currently being slated as the greatest 'card theft' case in history. Apparently, the thieves had entered as early as July 2005, and steadily 'harvested' sensitive account details over quite sometime. Debit and credit transactions of all kinds have been affected in all TK Maxx holdings – just to name one disaster of this theft.
Well, then – pirates ahoy! We all need to protect ourselves – and no one's overreacting.
About the Author