First a threat emerges and then the IT community responds. By then, the bad guys are already looking for a new weakness to exploit. There may actually be hundreds or even thousands of hackers looking for new ways to penetrate perimeter defenses or operating system loopholes. Once an exploitable weakness is found, the methods to take advantage of it are distributed and the race is on for IT to plug the hole.

Previously, the back and forth battle between hackers and IT departments was led by a group of disconnected loners on the hacker side of the fence. Typically under resourced and by their very nature secretive, these hackers went after whatever targets of opportunity they could find. Tips, tricks and best practices were shared, but hacking was more of a social function than a directed attempt to accomplish a mission objective.

Unfortunately there is a very troubling trend emerging in cyber crime; a trend that may actually tip the scales in favor of the hackers. The hackers are uniting and forming organised groups. These groups are well funded and are staffed with large teams who may have higher skill sets than your IT department. They are likely going after a specific target and have a project plan with a goal and milestones along the way.

So who are these criminals? More importantly, what do they want and what can you do to stop them? Forget about Tony Soprano and his stranglehold on the Sanitation Workers’ Union. The gangster you need to be worried about is Sergi Ivanov and his band of Romanian hackers. Over the past few years, Eastern Europe has emerged as the epicenter for identity theft.

Through spear phishing, database cracking and a variety of other methods, these groups are stealing your customers’ credit card numbers, social security numbers and mother’s maiden names (the bastards - Ed!). Stolen in bulk or one at a time, this information is sold on the black market for a high profit. There is even an eBay of sorts for stolen credit card numbers.

Remember those hackers we used to be worried about? A lot of them were teenagers operating out their parents’ houses. Well they grew up. Some of them never got the hang of the nine-to-five job, but they have bills to pay now. Why not just use the skills they’ve acquired and get paid doing what they love to do: hacking.

In fact, there’s a booming economy out there for hackers for hire. These groups have their own conventions and job boards just like legitimate IT contractors. So unlike before when these hackers would look for just any old system to hack into, now they have a specific target to hit and are being paid good money to hit that target. Worse is that they are working in teams; some may even have performance incentives built into their job contracts.

As if the idea of organised groups of hackers wasn’t scary enough, there is now growing proof that some governments are in on it too. Even with all the hackers out there, some people feel safe because there are so many targets available, allowing you to ‘hide in the crowd.’ What happens, though, when a government with seemingly infinite resources at their disposal starts to monitor all the data moving across their networks?

Hiding in a crowd no longer works because every last bit and byte moving across a WAN can be sniffed and stored. Pattern recognition programs can be used to weed out the data that may be valuable to someone, whether it’s financial data, intellectual property or strategic plans. If Chinese hackers (assumed to be backed by the government) are able to breach the Pentagon’s network, it’s a good bet that they are sniffing packets on China’s Telecom networks too.

The really bad news in all of this is that we don’t get what these hacker groups are after - and because of this, we make it easy for the hackers to retrieve the sensitive data. Companies in particular are just about handing over the data on a silver platter.

The hackers don’t care about taking down your network or disrupting your e-commerce solutions. In fact, they want your network to be up and running because when it is, you are moving data around on it, lots and lots of data, which is exactly what they are after. Your data is worth money. Your data is what they want.

“But I have data protection solutions installed,” you say. “I have IDS and firewalls,” you shout. And the hackers smile because they won’t bother breaching your network (unless you leave the door wide open). No, instead they will monitor the WANs and wait patiently for you to send the data beyond the firewall and other perimeter based defenses; over the service provider network you think is secure; and then maybe even over the Telecom system where the hackers have an inside guy or even completely own outright.

Ultimately, the data arrives at the destination and gets safely brought behind another set of perimeter defenses. The data is all there on the receiving end so nobody has stolen it, right? Wrong! As soon as the data leaves your perimeter, criminals can siphon it right out of your hands. If you are not protecting your data ‘between the rings,’ that is, as it moves between the various perimeter defenses you have set up on all your LANs, then you might as well just send the criminals a disk with the data on it. It would save them a step, which they would surely appreciate.

So what can you do about it? The first thing is to recognise that these criminal groups are after data, not the network. Therefore, any and every security strategy should have data protection as its primary purpose. Firewalls only keep people off your LAN and for the most part can easily be breached. IDS systems do not protect your data; they just let you know when the rest of your security solutions have failed.

Get ahead of the game and break the cat-and-mouse cycle by adopting proactive security measures. If your security solutions are set up to alert you in the event of a breach, it’s already too late. Deploy solutions that keep the bad guys from getting your data in the first place. Encryption is especially effective here because even when hackers get access to the data stream (and you never really know when they do, especially ‘between the rings’), the data is useless and worth nothing. The best protection you can ever have from data thieves is to have nothing they can profit from. You have two choices: stop moving data around or encrypt it.

Written by Jim Doherty, a confessed paranoid obsessive