Script Kiddies 2002 - A continued threat to online business

By Michael Bloch
Posted Tuesday, September 7, 2004

A bit of a break from writing about web marketing and ecommerce this week - on to the subject of Internet security and protecting your online business.

About 18 months ago, I released a series of articles in relation to the Script Kiddie problem (see below). I thought I'd carry out some follow up research to see what the situation was in 2002 and I'm sorry to say it's no better - it's gotten a whole lot worse.

To summarize; a Script Kiddie is typically a young male, usually not by any means a computer expert, who exploits weaknesses in security systems discovered by someone else.

A script kiddie is a wannabe hacker who scans the Internet for compromised systems using freely available tools - in other words, an absolute pain in the ass and at the bottom of the pile in the hacking world. Unfortunately, they don't see it this way.

As an example of their often lacking knowledge, I recently read of a case where Script Kiddies used a sophisticated piece of hacking software to break into an operating system and then proceeded to attempt to run commands that weren't even compatible with that system!

They are of particular annoyance to online businesses such as ourselves as we spend many hours each day connected to the Internet. Script Kiddies constantly probe away at our systems, looking for a point of entry. This mosquito like method of attack has made it necessary for us to move most of our records to another PC that is not connected to the Internet or even to our network while we are online. We now use and monitor firewall services, anti-virus and kiddie tracking software as part of our day to day business - a great deal of time, money and energy is expended on these things, but it's become a necessary evil.

While the prevalence of Script Kiddies has been widely covered in articles and tutorials such as this, it hasn't stemmed the flow of attacks or the "breeding" of these packet monkeys. It seems that as fast as these socially challenged individuals are apprehended, another crop of graduates emerges from Moron University.

Script Kiddie attacks have more than doubled over the past two years according to figures sourced from Cert.org. CERT is a center of Internet security expertise, located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.

Some of the increased activity seen below is due to rapid growth in the numbers of online destinations, some of it also attributable to the availability and simple operation of tools for carrying out attacks.

Year - Incidents reported

1988 6
1989 132
1990 252
1991 406
1992 773
1993 1334
1994 2340
1995 2412
1996 2573
1997 2134
1998 3734
1999 9859
2000 21,576
2001 52,658
2002 (Q1-Q2) 43,136

Note: a single incident may refer to one or thousands of web sites in one attack.

Source: (http://www.cert.org)

While these figures also include "real" hacker activity, the vast majority is script kiddie related, and it looks as though 2002 is going to be a bumper year.

Script Kiddies cost the ecommerce community many millions of dollars each year, not so much through them "stealing" money from our accounts (most of them aren't that skilled), but in the expenses associated with the purchase of security software and the downtime incurred when they deface our web sites, delete files from our drives or infect our computer systems with viruses.

Thankfully, there's a wide range of security software available to help protect your systems against script kiddie attack, including attacks originating from within your business. It's not uncommon for these people to compromise their own employers systems. If you have a home based business and other members of your family use your business computing equipment to access the Internet, this also poses a serious risk as family members can inadvertently leave your systems wide open to attack. To review a range of Internet and computer security software, view:

(http://www.tamingthebeast.net/tools/security-software.htm)

For further information about the Script Kiddie problem, and what you can do to minimize risk, the following articles are also available:

Script Kiddies - Vermin of the Internet

People with no lives, and how they can adversely affect yours. An overview of the Script Kiddie problem and the security threats to your online and offline business systems.
(http://www.tamingthebeast.net/articles/scriptkiddies.htm)

Script Kiddies II - An advice to parents

Script Kiddies tend to be teenagers - Parents, do you know what your kids are up to on your computer and while surfing the Internet?
(http://www.tamingthebeast.net/articles/scriptkiddies2.htm)

Script Kiddies 3 - Grill a Kiddie

Slowly, slowly catchee kiddee - how to report a wannabe hacker and other security breaches. Protect your online business by grilling a kiddie!
(http://www.tamingthebeast.net/articles/kiddies3.htm)

It's in your clients' interests and ultimately that of your online business to be aware of the hazards posed by Script Kiddies. While the figures from authorities such as CERT.org don't look encouraging, with education and following up on web based attacks, we can make a difference and not become a statistic. I feel that it's also important that schools and parents begin educating children a great deal more in responsible computer usage - a bit like the "Just Say No" anti-drug campaigns.

Being a script kiddie is not a cool Internet hobby - it wrecks peoples lives - both online and offline. Their immature activity also endangers the continued viability of many ecommerce based ventures - and I'll be damned if I'm going to let some socially maladjusted teenager who has no sense of consequence or conscience threaten my livelihood - how about you?

About the Author
Michael Bloch
Taming the Beast.net
(http://www.tamingthebeast.net)
Tutorials, web content software and tools.
Web Marketing, eCommerce & Development solutions.