The report provides insight into hacker psychology, and details the technical strategies they learn, develop, and deploy. Forums are used by hackers for training, communications, collaboration, recruitment, commerce, social interaction, and selling of stolen data and attack software.
The hacker forums are also a valuable source of intelligence for information security professionals, noted Rob Rachwald, director of security strategy at Imperva. “You can discover the types of attacks they are thinking about”, he told Infosecurity.
“For example, you go and see if your company is mentioned on some of these sites. You can look at the type of attack tools they use so you can find out what the attack may look like”, Rachwald said.
According to Imperva’s examination of a major hacker forum with 250,000 members, the most discussed topics were distributed denial of service (DDoS) attacks, with 22% of discussions, and SQL injections, 19% of all discussions, the report found.
“They are spending a lot of time discussing DDoS evasion techniques and new forms of DDoS attacks….I thought the SQL injection would be a little higher. SQL injections require technical knowledge; they are not necessarily difficult but you need to know enough to be dangerous”, he explained.
Rachwald said that close to two-thirds of the hacker forum discussions were focused on data theft, and the rest was about DDoS.
The report also found that attack discussions in hacker forums increased exponentially over a four-year period, growing an average of 157% year over year since 2007.
Chat rooms are filled with technical subjects ranging from advice on attack planning and solicitations for help with specific campaigns. Forums are also a place where neophytes can find “how-to-hack” tutorials on various methods.
The majority of discussions focused on “beginning” hacking, with members devoting 25% of their time sharing “how-to” tutorials and discussing basic methodologies, indicating a strong, steady interest from new talent.
Mobile hacking has seen very strong growth in discussion forums, with iPhone hacking leading the way, the report found.
Rachwald said that sometimes smaller groups break off from the larger hacker forums to discuss issues that are not available to the public; these are called VIP groups. “A lot of groups break off and create their own forum, perhaps 20 to 30 people, and they can be very effective. No one can monitor their activities”, he related.