
[2] Computer security insiders are usually careful to use the term cracker for someone who tries to gain unauthorized entry into a computer system, reserving hacker as a complimentary term for someone adept at programming. But we'll stick with the popular usage of hacker as an intruder.
[3] As with many high tech ventures in today's robust economy, finding good people will be our biggest challenge. Programmers with malicious or criminal bents tend not to be the exceptionally talented; most of those make pretty good money in legitimate jobs. If the bloom fades on the tech stock market, however, there could be a lot of high-living programmers who suddenly don't have jobs. In the meantime, we could use "false flag recruitment" techniques, convincing candidates that they would be serving a bank.
[4] Though our heist will be electronic, it would probably be close to impossible to pull it off without someone providing information from the inside. Levin had an inside partner on the Citibank job.
[5] Preferably we target a midsize bank that has moved aggressively into information technology and Internet banking, because competitive pressure from technology-savvy big banks has probably caused them to get in over their heads, opening up security gaps. Says Higgins: "Those banks are rushing into technology, and they don't comprehend it completely."
[6] According to Jim Settle, founder of the FBI's original computer crime squad and now CEO of security consultancy SST, a successful electronic bank heist should take about six months.
[7] To get our seed money, we can form a private syndicate of the sort that has cropped up to support computer credit card fraud operations in Russia. You'd think we'd be able to work with organized crime, but for now these people "are way behind the curve, for reasons nobody understands," says Settle. In any case, a syndicate or crime boss is going to want a near-guaranteed ROI. If we can't be convincing in that regard, and we lack even the tiniest shred of ethics or patriotism, we can always approach a hostile foreign government--Iraq, North Korea, Russia, and so forth--or even a terrorist organization. Saudi terrorist Usama bin Laden would probably be an eager backer, according to Kawika Daguio, a security expert who heads the bank-supported Financial Information Protection Association, because bin Laden has publicly declared his interest in disrupting U.S. financial institutions. Besides providing ready cash, these sorts of backers won't be on our case about ROI, says Daguio, because "the theft of money could trigger a crisis of confidence, and it doesn't have to be a huge amount."
[8] We should be able at least to match Levin's initial haul from Citibank, but we could expect to steal as much as $1 billion because of lax standards over the past few years, Friel says.
[9] Most midsize banks don't bother to do more than the most cursory of background checks of blue-collar employees and contractors.
[10] This is the opposite of what David Remnitz, CEO of New York information security consultancy IFsec, calls the "Catherine Zeta-Jones" approach--a big-bang, instant hack of the sort popularized by Hollywood and the New York Times that bears little resemblance to the sort of hacking that organizations really need to fear.
[11] Virtually all banks, and most midsize and large companies, have by now installed a combination of hardware and software firewalls that sit between the outside world and the main gateway to the internal network. Some firewalls are harder to defeat than others, but we won't really care because we won't want to go through the network's main gateway anyway. Hackers usually look for the digital equivalent of rickety back doors and unlocked or easily breakable windows. By the way, larger banks and other businesses sometimes spend as much as millions of dollars apiece on automated "intrusion detection" software. But Settle points out that his company is often hired by companies to try to break into their networks, and in 40 break-ins his team's incursion has been detected only once.
1 komentar:
I'm hacker and Services provider
intersted in any thing i do fair deals.
I will show you everything to be sure
that all is legit and risk free
also teaching hacking / Spam / mobile hacking / Carding
...Western Union transfer
...Bank Transfer
...Credit Card / Debit Card
...Grade Change
...Bill payment
...Fake Documents
...College Fee
...andriod hacking whatsapp
...Social media Hacking Email/ facebook
I have all tools that you need to spam
Credit cards.. money adders.. Bank Account
Social Media..
Contact:
gmail : omoskovitz@gmail.com
Post a Comment