Year of the cyber war?

[RTGHM]

These are my personal opinions.

So, we've seen a ton of things, like LizardSquad launching denial of services, but what really peaked my interest today is when I was searching on twitter and found what appears to be a group / person named "Armed Antrax" released two banking credentials (administrative), including the whole databases for 1 US-based bank, 1 Bahamas/Barbados-based banking system (From what I have found, it's  RBC co-owned/operated bank), and what appears to be a exploit that is unpatched on a forum software "PunBB". On top of that, there are just a ton of hacking attacks that are already going on on many sites.

Now I'm aware 99% of all "hackers" are really just script kiddies (skids) or, as Brian Krebs refers to them, NPT's (noob persistent threats), however there are still some people who know their stuff whom are not already arrested.

Will 2015 be the year of the cyber war?

 

[DomainBop]

Now I'm aware 99% of all "hackers" are really just script kiddies (skids)

99% of fame driven hackers (think curtisg or hackers who deface a website, or the skids who get pissed at a hosting provider after being terminated) are script kiddies but profit driven hackers like the ones who target banks, retail point of sale systems etc aren't script kiddies, and the government sponsored hackers who target government or corporate infrastructure (think Stuxnet) aren't skids.

For anyone who has some free time: a free 85-page research paper (.pdf) on the economics of hacking http://www.rand.org/pubs/research_reports/RR610.html

Will 2015 be the year of the cyber war?

It'll just be a continuation of the trends of recent years: script kiddies will be an annoyance but the real danger is the organized profit driven hacker gangs and government sponsored (and sometimes corporate sponsored) attacks/hacks against other countries' infrastructure and economies, and hacking done for espionage purposes (state secrets, trade secrets, etc)

 

[Munzy]

no, you just are sheltered and dont see the attacks that happen on a daily basis. If you have a server have you looked in /var/log/auth.log recently?

 

[RTGHM]

no, you just are sheltered and dont see the attacks that happen on a daily basis. If you have a server have you looked in /var/log/auth.log recently?

Everyday. I just enjoy logging into  my server and seeing things like today's failed login count: "201 failed login attempts"

 

[texteditor]

I'm switching cyberpunk gangs from the Detroit Deckers and aligning myself with the  rival gang Toledo Technomancers

I'm jacking in now

 

[RTGHM]

I'm switching cyberpunk gangs from the Detroit Deckers and aligning myself with the  rival gang Toledo Technomancers

I'm jacking in now

That just made my day.

 

[mojeda]

Everyday. I just enjoy logging into  my server and seeing things like today's failed login count: "201 failed login attempts"

If you're seeing that you should probably implement something to help reduce that.

Remember that it does take resources to handle failed logins, and if it's happening on a mass scale then it can affect performance.

Even switching the default ssh port and setting up something like fail2ban is worth doing in any setup.

 

[RTGHM]

If you're seeing that you should probably implement something to help reduce that.

Remember that it does take resources to handle failed logins, and if it's happening on a mass scale then it can affect performance.

Even switching the default ssh port and setting up something like fail2ban is worth doing in any setup.

I have fail2ban in place, however they just use a ton of proxies. Most of the IP's are based out of china, a few in brazil, united states, united kingdom