Xem mẫu

  1. What Are the Motives? There is no shortage of motives behind the threats that attackers come up with. Perhaps the most dangerous motive is the conscious decision to break the law, typically in an effort to gain some financial or monetary gain. Often, criminals develop attacks and exploits with the sole purpose of gaining illegal access to systems, typically for the purpose of monetary gain. This gain could come from obtaining personal information and committing fraud with that information, gaining access to data and blackmailing the victim into paying for that data, or stealing trade secrets from a competitor's system or undermining the financial stability of the company. A less-driven, but still dangerous motive is the simple desire to cause mischief and wreak havoc on an environment. Mischief covers everything from bored teenagers looking to do something they consider exciting and interesting, to the disgruntled ex-employee who is just looking to cause trouble for his former employer. One of the most difficult aspects of attackers motivated by mischief is that often the attacks they engage in have logical reason, especially if the attacker falls into the category of the bored person just looking for something interesting to do. Many times, their attempts at what they consider mundane and harmless activities can inadvertently cause significant problems or outages. Many virus writers fall into this category, not realizing just how much damage their innocuous virus can cause if someone is able to modify it slightly. Another angle for motivation is simple ego. Attackers are convinced that they are smarter than you, the defender, and an easy way to prove it is to compromise the system. They can then run off to their chat rooms and brag about how they were able to get the best of the company they targeted. However, the most troublesome motive comes from attackers with multiple motives. In this case, the attacker is frequently so driven by boredom, ego, and criminal behavior that nothing short of legal intervention can stop the attacker. Indeed, a number of attacks that may have started as untargeted attacks against an environment have escalated with bad consequences when attackers realized that what they did has been patched. Their ego cannot handle that they were stopped, and they become willing to undertake more riskyand more costlyactivities to prove that they are superior. Motives are not solely the realm of the attacker, however. As administrators, we have to know what our motivation is in protecting our resources. Ensure not only that you are protecting your resources, but that you are doing so in the proper manner. Although it is human nature when presented with an attack to want to lash out and strike back at attackers to teach them a lesson, that is not our place or our role. In fact, in the case of zombies, the system that you decide to strike back against often becomes an unwitting
  2. victim not only of the original hacker's attack on their system, but of your attack in an effort to teach the hacker not to mess with your systems. As cliché as it sounds, there are good guys and bad guys, and as administrators we need to make sure that our motives and undertakings remain on the side of the good guys.