Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

DDoS and SQL injection are main topics on hacking forums

Forums provide a venue for hackers to sell and exchange information

Distributed denial of service and SQL injection are the main types of attack discussed on hacking forums, according to new research from security vendor Imperva.

Underground discussion forums are an important piece in the cybercriminal ecosystem. They offer a place for hackers to sell and exchange information, software tools, exploits, services and other illegal goods.

"Forums are the cornerstone of hacking -- they are used by hackers for training, communications, collaboration, recruitment, commerce and even social interaction," Imperva stressed.

The company's researchers have recently analyzed discussions going back several years from HackForums.net, one of the largest hacker forums with over 220,000 registered members. Their effort was aimed at determining the most common attack targets, what business trends can be observed, and what directions hackers are leaning toward.

As far as attack popularity goes, the analysts determined that DDoS was mentioned in 22 percent of discussions. SQL injection, a technique commonly used to compromise websites, is the second most frequently discussed attack method, being at the center of 19 percent of conversations.

Unsurprisingly, with a 16 percent discussion occurrence rate, spam is the third most favorite attack type according to Imperva's content analysis. That's probably because it is one of the primary methods of generating illegal income.

Zero-day exploits make up 10 percent of attack discussions on the forum, however, Microsoft's latest Security Intelligence Report (SIR) claims that this type of exploit is used in less than 1 percent of real-world compromises.

Forums are also an important learning tool for new hackers -- Imperva determined that up to a quarter of discussions fall into the beginner hacking category. Another 25 percent of conversations involved hacking tools and programs, while a fifth mentioned Web and forum hacking.

One trend observed by Imperva's researchers was that mobile hacking is increasingly popular. This is also reflected in real-world attack statistics and reports from other vendors. iPhone hacking in particular accounted for half of conversations on this topic.

Overall, discussions about hacking have increased more than 150 percent over the last four years. "We think the growth in hacker forum activity helps explain that, along with automated hacking, there are simply more hackers causing more breaches," Imperva concluded.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Imperva, Microsoft, SIR
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Imperva, security
Latest Blog Posts
Whitepapers
  • Optimised Data Protection for VMware® Environments with Symantec NetBackup™ Appliances
    VMware® remains the most widely deployed virtualisation solution. The explosive growth of VMware infrastructure in organisations both large and small has enabled corporations to more fully exploit their hardware investments. With multiple virtual machines running on few physical hardware nodes, hardware costs are reduced, as well as space, power, and cooling requirements. This white paper discusses in more detail how VMware environments can be protected with the NetBackup appliances. Read more.
    Learn more »
  • How progressive companies are using social technologies
    Social networks and collaborative technologies are now commonplace in many workplaces. Having first been used “on the quiet” by highly-networked employees, in increasing numbers they are now being proactively used by businesses keen to connect more effectively with their internal and external audiences. Web collaboration is now viewed as critical to company success and as having multiple benefits and applications to the business. Read on.
    Learn more »
  • The Top 5 Server Monitoring Battles—and How You Can Win Them
    The role of servers in your organization has changed substantially—with their uses, requirements, and complexity all increasing dramatically in recent years. Many of the traditional tools and techniques that worked in the past don’t suffice any more. Consequently, server monitoring presents several critical battles in today’s demanding environments. This guide looks at some of the most pressing challenges administrators face in ensuring optimal server performance, and it offers insights into the tools and strategies required to address these demands.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments