It seems to us that one of the biggest threats that businesses face today is socially augmented malware attacks. These attacks have an extremely high degree of success because they target and exploit the human element. Specifically, it doesn’t matter how many protective technology layers you have in place if the people that you’ve hired are putting you at risk, and they are.
Case in point, the â€œhere you haveâ€ worm that propagates predominantly via e-mail and promises the recipient access to PDF documents or even pornographic material. This specific worm compromised major organizations such as NASA, ABC/Disney, Comcast, Google Coca-Cola, etc. How much money do you think that those companies spend on security technology over a one-year period? How much good did it do at protecting them from the risks introduced by the human element? (Hint: none)
The Good Guys in the security world are no different from the Bad Guys; most of them are nothing more than glorified Script Kidies. The fact of the matter is that if you took all of the self-proclaimed hackers in the world and you subjected them to a litmus test, very few would pass as acutal hackers.
This is true for both sides of the so called Black and White hat coin. In the Black Hat world, you have script-kids who download programs that are written by other people then use those programs to â€œhackâ€ into networks. The White Hatâ€™s do the exact same thing; only they buy the expensive tools instead of downloading them for free. Or maybe theyâ€™re actually paying for the pretty GUI, who knows?
What is pitiable is that in just about all cases these script kiddies have no idea what the programs actually do. Sometimes thatâ€™s because they donâ€™t bother to look at the code, but most of the time its because they just canâ€™t understand it. If you think about it that that is scary. […]