that you don't find are the ones to worry about.
Consider the following. Let's say I wished to change my transcript
from college to reflect better grades that than what I got. Do I hack
into the registrar computer and give myself all A's?
No that sloppy and will call attention to itself and me.
Rather I would hack in and write a program that changes at random
thousands of records by very, very small amounts over a long period of
time. My transcript would be just one of thousands that would have
been changed and by changing them very sightly, some grades going up
while other going down, it is not going to call particular attention
to mine over those of others.
The program would be set to run silently for a long period of time. It
would fire up run a few changes and then die for a random amount of
time. It would only change the records of graduates not current
students and it would make sure to time stamp the records in such a
way as to be logical taking the original last modified date and using
that for each change for example.
Current students tend to look at their transcripts far more often than
graduates. Ask yourself this when was the last time you looked at your
college transcript? Could you even remember what grade you got in
freshman English? Could you tell if it had gotten bump up by a half a
grade point all these years later?
Once the program had achieved the desired results, say increasing my
grade point average in college from a 3.01 to a 3.87 the program would
then delete itself and any support files it had used. I'd hide such a
program in the tmp or window temp directories, no one ever checks those.
My point is that we only catch the careless hacker the really good
ones, the ones who could do real damage never get found.
Greg
[ For info on ISED-L see http://www.gds.org/ISED-L ]
Submissions to ISED-L are released under a Creative Commons license.
