Breaking News Bar
posted: 8/13/2011 6:00 AM

Experts: Small targets no match for savvy hackers

hello
Success - Article sent! close
  • The best hackers can beat the tools meant to stop them and many potential victims don't know it.

      The best hackers can beat the tools meant to stop them and many potential victims don't know it.

 
Associated Press

LITTLE ROCK, Ark. -- An online attack against dozens of rural American law enforcement agencies in which emails, credit card numbers and crime tips were stolen and posted on the Internet has left some officials wondering how they can ward off future hacking attempts, if at all.

The attack by the hackers' collective Anonymous on agencies in five states -- Arkansas, Kansas, Louisiana, Missouri and Mississippi -- was likely so broad in scope because many sites were hosted by the same company, Brooks-Jeffrey Marketing, of Mountain Home, Ark.

Order Reprint Print Article
 
Interested in reusing this article?
Custom reprints are a powerful and strategic way to share your article with customers, employees and prospects.
The YGS Group provides digital and printed reprint services for Daily Herald. Complete the form to the right and a reprint consultant will contact you to discuss how you can reuse this article.
Need more information about reprints? Visit our Reprints Section for more details.

Contact information ( * required )

Success - request sent close

But the theft exposed a "dirty little secret" about hacking -- the best hackers can beat the tools meant to stop them and many potential victims don't know it, said Anup Ghosh, the co-founder and CEO of the software security company Invincea.

Most of the technology meant to prevent hacking was developed in the mid- to late-1990s, yet hackers have continued to develop their trade, Ghosh said.

"The guys writing the attack codes have evolved their technologies considerably," he said.

What has changed is that "hacktivists" such as Anonymous want the world to know about their crimes, breaches that were once kept quiet or that went unnoticed by hacking targets are now being trumpeted.

After posting the stolen law enforcement data online on Saturday, Anonymous members taunted local sheriffs on Twitter and the group's website, saying they wanted to embarrass and discredit law enforcement after a series of arrests targeting alleged members of the group.

Much of the pilfered information appeared to be benign, but some emails contained crime tips, profiles of gang members and other sensitive information.

The attacked websites appeared to be back up Monday, and the stolen information remained online elsewhere.

Kevin Mitnick, a Las Vegas security consultant and a former hacker, said simple security audits, in which someone like him tries to hack into a site, can show a website's vulnerabilities.

But Heather Egan Sussman, an attorney in Boston who specializes in information privacy, said she wondered if cash-strapped government agencies can afford the privacy measures they need.

"I think what we're seeing are state and local agencies that are underfunded, overworked, overstressed," she said. "And yet they are housing some of the most sensitive data about citizens and residents."

Share this page
    help here