More hackers targeting financial institutions?

A recent internetnew.com article Sean Michael Kerner, points out the rise in “hacks” against financial institutions. Kermer states that out the 100 top financial institutions surveyed, 31 were attacked. But is this a real rise? And are these really hackers? Kermer goes on to confuse issues of viruses, malicious code, sabotage, and identity theft with this apparent rise in “hack attacks”.

Funny enough, when I was still in high school my 12th grade instructor’s mother was arrested for identity theft. She had no computer experience and was 86 years old. Is this woman a hacker or just a con? I think this is yet again another writer is confusing what a hacker really is. Let’s try and simplify. If you steal you’re a thief, if you talk some one into doing something they shouldn’t be doing you’re a con. But if you break into a computer system for the soul reason to play with it and learn that system you’re hacker, in it's purest definition. It’s really that simple.

As for the rise in viruses, worms, malicious code, and sabotage… let’s look at each of these. Most virus writers write viruses to test there programming skills never intending for there code to be released. If and when it is, there code gets modified by what some would call script kiddies. These kiddies re-release this code for fame, fortune, reputation, and practical jokes. The truth is, is that any real operating system is normally immune to viruses. So if big business moved there mission critical systems over to operating systems that were written correctly (Bsd, UNIX, Linux, OSX) these children wouldn’t be affecting there computer systems.

As for malicious code(exploit code), most code such as this usally starts off as proof of concept code. Security professionals and hackers find holes in software; they then send complete details of these holes and exploits to the responsible companies and corporations. When these companies fail to make any attempt to patch there system, a proof of concept (exploit code) is released. This makes company’s work to release patches for there software because this exploit codes are released in public forum. This means that any one, even kids, can take and use this code to create to do with there hearts desire. This is commonly how worms are created; both the Sasser and the Blaster worms were created based on this method.

So the real question isn’t “Are more hackers targeting financial institutions? “ The question is “Is my software company so bad at writing software that children are able to bring my organization to a stand still?” Keep in mind the Sasser author was only eighteen years old. Jeffrey Lee Parson was only eighteen years old when he created his variant of the blaster virus. These aren’t computer geniuses; these are kids who don’t know any better. If you have any doubt as to the quality of your operating system. Just get on Google, type in “(your operating system) AND Virus OR Worm”. For Linux, there’s less then a hundred viruses. For windows there’s hundreds of thousands.