Knowing your adversary's next move is an invaluable advantage when it comes to securing corporate networks. And although hackers are a notoriously unpredictable lot, researchers from Imperva recently gathered some insider intelligence that suggests which threat vectors cybercriminals are most likely to explore.
Imperva security researchers recently repeated an exercise they first attempted last year: posing as a fly on the wall in underground hacking forums. This year they listened in on discussions across 18 different platforms, including one that boasted 250,000 members. While the talking points were as varied as they were colorful, a number of common themes emerged.
According to the Imperva report, distributed-denial-of-service (DDoS) attacks and SQL injections continue to be the most popular topics of discussion, each attracting approximately 20 percent of all forum threads.
DDoS attacks have dominated the headlines in recent weeks as several big-name U.S. financial institutions have been afflicted. While some see these as relatively harmless – albeit annoying – distractions, several experts insist that they are being used as a smokescreen to cover more elaborate attacks targeting sensitive assets.
SQL injections have also returned to prominence in recent times, according to InformationWeek. The data security breach that may have compromised as many as 3.6 million Social Security numbers and 387,000 credit card accounts in South Carolina has been widely attributed to this database exploitation technique.
This mode of attack could also be particularly damaging considering the relative lack of dedicated defenses in place to stop it. Citing Gartner statistics, Imperva analysts suggested that just 5 percent of IT budgets are allocated toward investment in data center security solutions.
"By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts," explained Imperva CTO Amichai Shulman. "If organizations neglect SQL injection security, we believe that hackers will place more focus on those attacks."
Finally, it is important to note that these underground hacking forums are populated with much more than idle banter. According to Imperva, approximately one-third of all content can be classified as cybercriminal education – from tips for beginners to comprehensive walkthroughs and tutorials.
What's more, some are treating these platforms as a marketplace for illicit services. Whether it's an exploit kit for a credit card scam or 5,000 fraudulent Facebook likes for a burgeoning brand, all manner of black market amenities seem to be within a few mouse clicks.
Data Security News from SimplySecurity.com by Trend Micro