Vulnerability Management

Real-world web abuse: Identity theft

For hackers, the holy grail of online abuse is money and credit card theft. However, strict financial and identity theft are only a portion of the attacks targeting websites today. There is a growing underground gray market economy for abuse, and while it often doesn't make headline news, it causes real problems for online companies and individuals.

Hackers are not always motivated by money. For example, recently a former California high school senior pleaded guilty to breaking into his school's computer network to alter his grades. He used hacking skills to ultimately enhance his appeal to colleges. It is difficult to measure the damage of this student's actions. In the underground gray market economy, these skills can be used to improve or lower students' grades for barter or money, or simply for bragging rights.

Money doesn't have to be stolen to financially impact companies. Another area of web abuse is exploiting points-based systems. By increasing the number of frequent flier miles in an account, free flights are the obvious benefit. Legitimate users would be disadvantaged by not having access to seats, and airlines would lose revenue. In the same vein, hackers can alter online game scores to improve rankings and then sell these points to others players anywhere in the world. This behavior creates revenue, increases online status and has a relatively low risk of detection.

Potentially, one of the most damaging forms of web application abuse is voting fraud. This season, the popular TV show American Idol announced it would use Facebook to pick this year's winner. The impact of voting fraud extends far beyond reality TV voting and could also affect political elections. Just think: a script to command a botnet to record millions of votes could affect the outcome of world politics in a significant way.

Sometimes, hacking is not only about credit cards and identity theft. The underground gray market economy is a marketplace where hackers – whether individuals or organized gangs – use their skills for personal gain or for street cred. As the scenarios above illustrate, its effects reach far beyond just financial gain. Various forms of web abuse impact public image, customer relations and more.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.