A script kiddie or skiddie,[1] also skid, script bunny,[2] script kitty,[3] script-running juvenile (SRJ) or similar, is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks and deface websites.[4] It is also used to describe those who do the previous, but do not have an understanding of programming or computer networks.
Characteristics
In a Carnegie Mellon report prepared for the U.S. Department of Defense in 2005, script kiddies originated at www.FairfaxUnderground.com
Examples
Script kiddies are often able to exploit vulnerable systems and strike with moderate success. Some of the most infamous examples include:
Michael Calce
Calce, a.k.a. MafiaBoy, a high school student from Montreal, Canada, was arrested in 2000 for using downloaded tools to launch a series of highly publicized denial-of-service attacks against high-profile Web sites such as Yahoo!, Dell, eBay, and CNN. The financial impact was estimated at roughly $1.2 billion in global economic damages. Calce initially denied responsibility but later pled guilty to most of the charges brought against him.[5] His lawyer insisted his client had only run unsupervised tests to help design an improved firewall, whereas trial records indicated the youth showed no remorse and had expressed a desire to move to Italy for its lax computer crime laws.[6] The Montreal Youth Court sentenced him on September 12, 2001 to eight months of "open custody," one year of probation, restricted use of the Internet, and a small fine.[7]
Netbus
In 1999, an unknown script kiddie used NetBus to discredit a law student studying at the Lund University in Sweden. Child pornography was uploaded onto his computer from an unidentified ___location. He was later acquitted of charges in 2004 when it was discovered that NetBus had been used to control his computer.[8]
Jeffrey Lee Parson
Jeffrey Lee Parson, a.k.a. T33kid, was an 18-year-old high school student from Minnesota who was responsible for spreading a variant of the infamous Blaster computer worm. Parson only modified the original Blaster worm, already prevalent, using a hex editor to add his screen name to the existing executable, and then attached another existing backdoor, Lithium, and posted it on his website. By making this subtle modification, the new executable was considered a variant, and authorities were able to trace the name back to him. The program was part of a DoS attack against computers using the Microsoft Windows operating system. The attack took the form of a SYN flood which caused only minimal damage. He was sentenced to 18 months in prison in 2005.[9][10]
See also
References
- ^ Cite error: The named reference
Reg01was invoked but never defined (see the help page). - ^ "Script bunny - definition". SpywareGuide.com.
- ^ Baldwin, Clare; Christie, Jim (July 9, 2009). "Cyber attacks may not have come from North Korea". San Francisco; Reuters.com.
- ^ Lemos, Robert (July 12, 2000). "Script kiddies: The Net's cybergangs". ZDNet. Retrieved 2007-04-24.
- ^ Long, Tony (February 7, 2007), "February 7, 2000: Mafiaboy's Moment", Wired magazine, retrieved 2007-03-27
- ^ "Prison Urged for Mafiaboy", Wired magazine, June 20, 2001, retrieved 2007-03-27
- ^ "FBI Facts and Figure 2003 - Cyber Attacks Net Jam". Federal Bureau of Investigation. Archived from the original on 2003-12-10. Retrieved 2010-09-22.
- ^ Olander, Mikael (November 28, 2004). "Offer för porrkupp" (in Swedish). Expressen. (English Tr.)
- ^ Lagorio, Christine (January 28, 2005). "Prison Time For Teen Virus Guru". CBS News. Retrieved 2008-12-22.
- ^ Leyden, John (September 1, 2003). "Parson not dumbest virus writer ever, shock!". The Register.
Further reading
- Tapeworm (2005). 1337 h4x0r h4ndb00k. Sams Publishing. ISBN 0-672-32727-9.