Script Kiddies 2002 - A continued threat to online business
A bit of a break from writing about web marketing and ecommerce this week - on to the subject of Internet security and protecting your online business.
About 18 months ago, I released a series of articles in relation to the Script Kiddie problem (see below). I thought I'd carry out some follow up research to see what the situation was in 2002 and I'm sorry to say it's no better - it's gotten a whole lot worse.
To summarize; a Script Kiddie is typically a young male, usually not by any means a computer expert, who exploits weaknesses in security systems discovered by someone else.
A script kiddie is a wannabe hacker who scans the Internet for compromised systems using freely available tools - in other words, an absolute pain in the ass and at the bottom of the pile in the hacking world. Unfortunately, they don't see it this way.
As an example of their often lacking knowledge, I recently read of a case where Script Kiddies used a sophisticated piece of hacking software to break into an operating system and then proceeded to attempt to run commands that weren't even compatible with that system!
They are of particular annoyance to online businesses such as ourselves as we spend many hours each day connected to the Internet. Script Kiddies constantly probe away at our systems, looking for a point of entry. This mosquito like method of attack has made it necessary for us to move most of our records to another PC that is not connected to the Internet or even to our network while we are online. We now use and monitor firewall services, anti-virus and kiddie tracking software as part of our day to day business - a great deal of time, money and energy is expended on these things, but it's become a necessary evil.
While the prevalence of Script Kiddies has been widely covered in articles and tutorials such as this, it hasn't stemmed the flow of attacks or the "breeding" of these packet monkeys. It seems that as fast as these socially challenged individuals are apprehended, another crop of graduates emerges from Moron University.
Script Kiddie attacks have more than doubled over the past two years according to figures sourced from Cert.org. CERT is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.
Some of the increased activity seen below is due to rapid growth in the numbers of online destinations, some of it also attributable to the availability and simple operation of tools for carrying out attacks.
Year - Incidents reported
1988 6
1989 132
1990 252
1991 406
1992 773
1993 1334
1994 2340
1995 2412
1996 2573
1997 2134
1998 3734
1999 9859
2000 21,576
2001 52,658
2002 (Q1-Q2) 43,136
Note: a single incident may refer to one or thousands of web sites in one attack.
Source: http://www.cert.org
While these figures also include "real" hacker activity, the vast majority is script kiddie related, and it looks as though 2002 is going to be a bumper year.
Script Kiddies cost the ecommerce community many millions of dollars each year, not so much through them "stealing" money from our accounts (most of them aren't that skilled), but in the expenses associated with the purchase of security software and the downtime incurred when they deface our web sites, delete files from our drives or infect our computer systems with viruses.
Thankfully, there's a wide range of security software available to help protect your systems against script kiddie attack, including attacks originating from within your business. It's not uncommon for these people to compromise their own employers systems. If you have a home based business and other members of your family use your business computing equipment to access the Internet, this also poses a serious risk as family members can inadvertently leave your systems wide open to attack. To review a range of Internet and computer security software, view:
http://www.tamingthebeast.net/tools/security-software.htm
For further information about the Script Kiddie problem, and what you can do to minimize risk, the following articles are also available:
Script Kiddies - Vermin of the Internet
People with no lives, and how they can adversely affect yours. An overview of the Script Kiddie problem and the security threats to your online and offline business systems.
http://www.tamingthebeast.net/articles/scriptkiddies.htm
Script Kiddies II - An advice to parents
Script Kiddies tend to be teenagers - Parents, do you know what your kids are up to on your computer and while surfing the Internet?
http://www.tamingthebeast.net/articles/scriptkiddies2.htm
Script Kiddies 3 - Grill a Kiddie
Slowly, slowly catchee kiddee - how to report a wannabe hacker and other security breaches. Protect your online business by grilling a kiddie!
http://www.tamingthebeast.net/articles/kiddies3.htm
It's in your clients' interests and ultimately that of your online business to be aware of the hazards posed by Script Kiddies. While the figures from authorities such as CERT.org don't look encouraging, with education and following up on web based attacks, we can make a difference and not become a statistic. I feel that it's also important that schools and parents begin educating children a great deal more in responsible computer usage - a bit like the "Just Say No" anti-drug campaigns.
Being a script kiddie is not a cool Internet hobby - it wrecks peoples lives - both online and offline. Their immature activity also endangers the continued viability of many ecommerce based ventures - and I'll be damned if I'm going to let some socially maladjusted teenager who has no sense of consequence or conscience threaten my livelihood - how about you?
Michael Bloch
Taming the Beast.net
http://www.tamingthebeast.net
Tutorials, web content software and tools.
Web Marketing, eCommerce & Development solutions.
Copyright information.... This article is free for reproduction but must be reproduced in its entirety & this copyright statement must be included. Visit http://www.tamingthebeast.net to view great articles, tutorials and tools for site owners, web developers and Internet marketers! Subscribe for free to our popular ecommerce/web marketing ezine!
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
More How To Articles
More By Developer Shed
 developerWorks - FREE Tools!
|
Poor Requirements Management capabilities in an Enterprise have been linked to excessive project failures, escalating IT costs, and failure to deliver competitive advantage into the marketplace. Join Brianna M Smith from IBM Rational and learn about how successful organizations align IT and Business stakeholders through collaborative processes and tools for effective requirements management, and how an integrated approach across the IT lifecycle can provide unparalleled visibility and traceability to ensure that project teams are delivering on the business vision by "doing the right things" and "doing things right."
FREE! Go There Now!
|
|
|
|
Visit IBM developerWorks to download IBM DB2 Express-C 9.5, a no-charge version of DB2 Express 9 database server. DB2 Express-C offers the same core data server base features as other DB2 Express editions and provides a solid base to build and deploy applications developed using C/C++, Java, .NET, PHP, and other programming languages.
FREE! Go There Now!
|
|
|
|
In this tutorial, you can learn how to install and configure the IBM Rational Asset Manager Eclipse client, explore the different views in the Asset Management perspective, learn various search techniques, work with existing assets, and submit a new asset.
FREE! Go There Now!
|
|
|
|
Join this Rational Talks to You teleconference on December 11 at 1:00 pm ET to get tips on building your own plugins with Rational Method Composer. Get your questions answered!
FREE! Go There Now!
|
|
|
|
Join this Rational Talks to You teleconference on November 29 at 1:00 pm ET to participate in an interactive discusssion with Grady Booch around architecture and reuse. Get your questions answered!
FREE! Go There Now!
|
|
|
|
Because access to government information continues to be an area of concern for many U.S. citizens with disabilities, the U.S. government enacted Section 508 of the Rehabilitation Act in 2001 to ensure that government agencies create accessible Web content, enabling all citizens to access the information they need. A fully accessible Web site makes Web content accessible to all individuals, including those with disabilities, who may be accessing Web content via a variety of user agents. Common user agents include standard Web browsers, text-only browsers, assistive devices and mobile devices such as cell phones or personal digital assistants (PDAs).
FREE! Go There Now!
|
|
|
|
This whitepaper provides areas to consider when evaluating any software configuration management solution. It addresses how the IBM solutions (Rational ClearCase and Rational ClearQuest) meet the needs and requirements of both project leaders and developers to provide successful Software Change and Configuration Management.
FREE! Go There Now!
|
|
|
|
Regression testing -- in which code is thoroughly tested to ensure that changes have not produced unexpected results -- is an important part of any development process. But many testing environments neglect the terminal-based applications that still form the backbone of many industries. In this tutorial, you'll learn how the Rational Functional Tester Extension for Terminal-Based Applications works with other Rational Functional Tester to help test terminal-based applications quickly and easily.
FREE! Go There Now!
|
|
|
|
Try the latest version of IBM Rational Manual Tester V7.0.1 by downloading a free trial from IBM developerWorks. This manual test authoring and execution tool promotes test step reuse to reduce the impact of software change on testers and business analysts and addresses the needs of teams performing at least a portion of their testing manually.
FREE! Go There Now!
|
|
|
|
User communities play an important role in communication and collaboration around products, solutions and other areas of special interest to members. Successful communities are able to provide the right mix of content and services to deliver a value proposition that resonates with each audience. Join Tom Inman, VP of Marketing for Information and Platform Solutions as he introduces the new LeverageINFORMATION community. During this webcast, learn about the value provided by the community and how customers and partners derive value from the community in addressing their own technical and business challenges.
FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools!
|
