The second annual Imperva Hacker Intelligence Initiative report, this one entitled Monitoring Hacker Forums, is out and reveals that the threat surfaces being discussed by the hacker community are very different from those that businesses are spending money on defending against attack.
The Imperva research analysed the content of a number of online hacker communities, including many lesser known forums in order to get a more accurate snapshot of what those doing the hacking are actually discussing. By looking at a total of more than 400,000 different conversational threads, Imperva was able to determine that SQL injection and DDoS, with a 19% share of the total conversational traffic each, were the most talked about threat topics. That's just over a third of all discussions in the hacker forums being focused on training and tutorials for data theft techniques which are not high on the enterprise security strategy agenda.
Yes, Imperva reckons, only 5% of the average enterprise security spend is actually dedicated to preventing the SQL injection threat. Most of the money, it seems, continues to be poured into 'traditional' defence measures such as antivirus and Intrusion Prevention Systems which are totally inept at identifying SQL injection threats.
“By examining what information hackers seek out or share in these forums, we can better understand where they are focusing their efforts,” said Amichai Shulman, CTO, Imperva. “If organizations neglect SQL injection security, we believe that hackers will place more focus on those attacks.”
Other highlights from the report include:
The market for social network endorsements are on the rise: In a keyword search relating to social networks, Imperva found that Facebook (39 percent) and Twitter (37 percent) were the most frequently discussed social networks. In reviewing social network related posts, Imperva observed a black market for buying and selling illegitimate social network likes, followers, and endorsements, with particular attention given to the origin of these likes and followers.
Hacker education comprises a third of all forum conversations: Of the total conversations analyzed, roughly 28 percent were related to beginner hacking and hacker training, while another 5 percent related to hacking tutorials. Both aspiring and veteran hackers frequent forums to exchange techniques, build credibility and publish their hacking successes.