Good-guy hackers and other infosec anomalies

Summary:IBM's Michael Montecillo talks through good-guy hackers, click fraud, and his views on the profile of hacktivism, following the arrest of key Anonymous and LulzSec members.

We're always hearing about the current trends in the threat landscape, and they're always the same. So, for a change, let's hear about some of the anomalies.

Take, for example, the sudden demise of the SQL Slammer worm. Once the scourge of the internet, about a year ago SQL Slammer suddenly all but vanished. Some speculate that a good-guy hacker or hackers cleaned it up.

"There are folks out there that break into systems specifically for the reason of fixing them up," said Michael Montecillo, a threat research and intelligence principal with IBM Security Services.

In this week's Patch Monday podcast, you'll hear an interview with Monticello, recorded at the recent IBM Security Symposium in Sydney, covering good-guy hackers, click fraud, and his views on the profile of hacktivism, following the arrest of key Anonymous and LulzSec members.

There has certainly been a drop in the number of hacktivist incidents, and, in May, Barrett Brown lamented the loss of political sophistication in Anonymous' actions . But technical sophistication is harder to measure.

"This is one of the things in security; we've never come out with a comprehensive measuring strategy for what we say is sophisticated and unsophisticated. It's kind of finger-in-the-wind measurement of the temperature, right?" Montecillo said.

"Certainly, there are [sophisticated] attacks ... but even in HBGary, some of the methodology that they used has existed for quite some time."

To leave an audio comment on the program, Skype to stilgherrian or phone Sydney +61 2 8011 3733.

The Black Hat presentation on click-fraud reference by Montecillo was: Get Rich or Die Trying — Making Money on the web the black hat way.

Running time 19 minutes, 07 seconds

Topics: Security, IBM, Malware, Privacy

About

Stilgherrian is a freelance journalist, commentator and podcaster interested in big-picture internet issues, especially security, cybercrime and hoovering up bulldust. He studied computing science and linguistics before a wide-ranging media career and a stint at running an IT business. He can write iptables firewall rules, set a rabbit tr... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.