
Description: Charles Renert says the answer might surprise you. The bad guys couldn't spread the worms if the good guys hadn't first found the vulnerabilities and created the break-in code.

I'm here to talk about "who writes the worms." So worms, we're talking about those threats that spread to hundreds of thousands of machines in minutes. You all, I'm sure, are aware of them. The question is who is doing the writing of them; I mean, I get that question a lot. Well, the answer actually might surprise you.

So the first group of people I'd like to talk about are what I call the white hats. These are a group of very highly technical individuals. Their job is to dig into software and find vulnerabilities, extremely difficult to do. Very few folks can actually pull this off so it's not a very large group of people but what they'll do is they'll take the information that they've built and they'll generate a disclosure. So your intent, it's a very pure motive, they're going to create some text. They're going to send it to the vendor. They're going to send it to the public, not a lot of details, but enough to recreate the issue so that vendors can get on the problem and fix them.

So the second group is what we're going to call the gray hats. So somewhat less technical, but still pretty good and what they're going to do is, they want to take this disclosure and they want to generate something that actually can prove that it can break systems. So they're going to turn this into break-in code. So this is what these folks deliver; you take the disclosure, you do additional analysis, you create source code, you put it on the web, now you've proven that you can actually break into these vulnerabilities. But they won't do much else so they're really not trying to break into systems and do bad things, they're just trying to prove the case, and you know, these folks are motivated possibly by fame. You know, "hey great, I'm the guy that made this code," or maybe, you know, they'll sell some break-in code to vendors or to customers so that they can do pen testing essentially on their system.

The last group is the one that we're all worried about, these are the black hats, these are not technical at all typically, and what their job is, their job is to take the break-in code that's out there on the web and add a payload. So when we say payload what are we talking about? Well guess what: worms - spread yourself, trojans, viruses, spyware so all the bad things that we're trying to protect ourselves against, this group of people are the ones that are doing all the writing and they are motivated by all kinds of things, but we know these are the activities we really don't want them to do.

So back to the question "who writes the worms," the interesting point is, is that this group of people wouldn't be able to write the worms unless this group actually generated disclosures and then this group generated the break-in code. Even though these folks are trying to do the right thing, these folks are using that information to do the wrong thing.
