For many, the term ‘hacker’ conjures images of basement-dwelling teens, sipping Mountain Dew and launching their attacks on underprotected computers.
For others, the word conjures memories of this guy.
But Shuman Ghosemajumder with Shape Security in Mountain View, California, says the modern hacker is exponentially more dangerous: think of them as members of a digital mafia:
“We’ve seen organized crime getting involved in data breaches for a number of years now,” Ghosemajumder explains. “Now, it really has reached a scale that it wasn’t operating at five or ten years ago. That’s where you have folks that are well-funded that are developing technology that is custom-built to be able to create these types of large scale harm.”
Dan Guido, founder of computer security company Trail of Bits, says the cyber security game changed about ten years ago, when hackers began leasing their skills and packaging kits to help others launch attacks. “[Around] that time period is when you could buy things like exploit kits and different pieces of malware on the internet that would let somebody that doesn’t really know what they’re doing perform much more sophisticated attacks,” he says.
Ghosemajumder says most hackers are motivated by the same thing: “In the vast majority of cases, the goal is money,” he says. “For criminal organizations, they have always been interested in money and it turns out that computers are now the most effective means of getting money out of other organizations.”
Compromised credit card and social security numbers are a hot commodity on the ‘Deep Web,’ a special version of the internet that requires a special browser to access. Criminals use cryptocurrencies like Bitcoin to pay for illegal services. It’s fast, it’s secret, and it’s virtually untraceable. With such a formidable force of hackers active online, many wonder why companies aren’t doing more to protect consumer information. CNN’s Tal Kopan says it’s possible that many companies don’t see enough financial incentive:
“Even the banking sector, where cyber security is arguably one of the most important things to their business model, [when] you put the percentage of money they spend on cyber security next to their total budgets, it’s a relative drop in the the bucket for a lot of them, and it’s not clear what it would take necessarily to get a company to recognize that this is going to take a serious investment.”
Kopan contends that consumers and businesses alike should make it a point to better understand the threats that are out there:
“When people hear ‘cyber security,’ their eyes may glaze over a little bit. It may sound too scary, but there’s a lot that’s quite understandable. [It’s] really important to make yourself understand, as a business and as a consumer, what those basics are.”
Press the play button above to hear Take Two’s cyber security roundtable.