Pirates sell access to databases

The rise of online databases and storage systems is leading to a new type of piracy.

It seems that giving people access to databases has become rather lucrative.

According to the Education Chronicle,  one site, SciFinder, which offers an extensive database of scholarly articles and information about chemical, is finding that stolen or leaked SciFinder account information is making the pirates a bundle.

Michael Dennis, vice president for legal administration and applied research at the Chemical Abstracts Service, which runs the database, said that it has noticed reseller Web sites in China where it is possible to buy access to the site for a few cents.

Dennis said that he was shutting down hundreds of these every couple of month. he says but sometimes it is impossible.

The pirates use the Chinese eBay, Taobao, giving buyers hacked user names and passwords and instructions on how to remotely log in to a college Web site so that they appear to be at the university.

Part of the problem is that the universality stuff have a lackadaisical attitude to security and do not appear to care who has access to their accounts.

Another site that gave away hacked journal passwords, called journalpasswords.com, was shut down thanks to the efforts of the Association of American Publishers.

Hackers normally break into universities in search of user names and passwords so that they can flog them to spammers. But they are discovering that since scientific journals cost an arm and a leg it is worthwhile using them to sell access.

What might be more alarming for those who see a cloud-based future, it shows what hackers will be doing next. After all data sitting on a cloud will be an all you can eat buffet while users think that it is safe to use Username: username: password: password.