No one is safe.

• Author: Berman, Alan
• Position: Cyber Security

IT IS HARD not to be aware of the threat of cyber terrorism. Media in all of its forms has assaulted us with the risks of hacking on a daily basis. No industry, government, or media outlet source is safe: Twitter, Target, Home Depot, SONY, J.R Morgan, the Internal Revenue Service, U.S. Office of Personnel Management, and Ashleymadison.com's adulterers' site, with its 37,000,000 members, all have been hit. There is no doubt that cyber terrorism has made us question the safety of using any cyber site or resource.

Despite the best efforts of cyber security professionals armed with a variety of intercept, detection, and deterrent software, successful attacks still are taking place at an alarming rate. The apparent ease of penetration and inability to identify threats until after an incident occurs has made it possible to create a new industry of thieves that have found back doors and other intrusion means through which they can extort, compromise, sell, and destroy information while being any place in the world.

In support of these invaders is a collection of software tools: password and wireless crackers, sniffers, spanners, vulnerability scanners, e-mail flooders, and other instruments of intrusion and disruption. While cyber security breaches have been a present threat for decades, much of the hacking performed in the past was done for the sheer sport of showing off prowess and gaining bragging rights. Those days are gone. The new breed of hackers is not the benevolent hackers of old, but a new group interested in the profits that can be derived from its efforts. Hacking has turned into an industry--and a very financially rewarding one.

Credit card hacking and the sale of information is a big business. Like all well-defined industries, hacking has a distribution system worthy of any major information network. Credit card data stolen from retailers, for instance, is sold in an underground hacker market (forums). The information containing customers' card numbers, names, and addresses are put up for sale and priced to match the value of the product. One such website, registered in Latvia, lists the credit card information (name, credit card number, expiration date, authentication code, etc.) along with zip codes, security codes, and e-mail addresses from the information stolen from the hacked site--in this particular case, Target. Like any good merchant, the seller enhances the product's effectiveness by making it easier for the buyer to use...