Tech tips: Script kiddies

Much has been made in the last few weeks of script kiddies, and how they're all off writing software to steal your credit card details.

The reality is that the term is pejorative, with the word kiddie not necessarily defining someone as young, but as inexperienced.

Script kiddies are looking for an easy kill. That is, their disruption is usually accomplished by expending the least amount of effort necessary in the exploitation of their desired targets. This usually involves leveraging toolkits developed by more experienced hackers.

Carnegie Mellon University published a report stating that the typical script kiddie used existing and frequently well-known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the internet - often randomly and with little regard or understanding of the potentially harmful consequences.

These inexperienced exploiters are reviled by the vast majority of the hacking community as lacking sophistication and diversity.

However, it's the lack of diversity which makes their attacks easy to spot, and detect, since they reuse commonly known exploits.

When running up-to-date antivirus and firewall software on your machine, many attempts to infect your machine from websites will be blocked. Even if a script kiddie manages to install a keylogger, your firewall software can often intercept the malware's attempt to "phone home", the process of sending your personal details that it has collected to the hacker's server.

David Hallett is the chief nerd of Need A Nerd in the Waikato. Need A Nerd can be reached on 0800 633 326 (NEED A NERD). To ask a question email and be in with a chance to win ESET Smart Security 6 for PC and Apple Mac ($144).