Information Warfare: March 29, 2002

Archives

One of the little known effects of the War on Terror is the impact on Internet hackers. While the amateur hackers (the "script kiddies") continue to attempt break ins at military web sites, many of the professional (or simply more skillful) hackers have stopped going after military sites. The reason is not patriotism, but fear. America considers itself at war and defenses at military web sites and computer installations has gone way up. Not only does this make it more likely that a hacker might get caught, but given the war fever, it's also likely that the penalties would be more severe than usual. But this is part of a trend that has been developing over the last few years. While always a popular target of hackers, most of the serious attacks on military networks increasingly tend to come from foreign governments, not skilled civilian hackers.

The script kiddies continue to provide most of the action, making sweeps of the Internet looking for vulnerable systems. Mostly adolescents or men in their 20s, this group is largely a threat to (usually small) organizations that cannot afford a skilled staff to run their Internet site, and home users with high speed (cable modem or DSL) connections. The more experienced hackers are directing their efforts more at being the first to find and exploit Internet software flaws. One of the hot areas right now are wireless Internet systems. These have a number of known security flaws and provide entertainment for those skilled enough to slip into PCs on wireless networks. 

The experienced hackers fall into two categories; the crooks and the thrill seekers. The criminal hackers are looking to make money, and they have many opportunities. Oddly enough, banks are not a favorite target. Financial institutions have the best network defenses and, perhaps more importantly, have a reputation for going after anyone who penetrates, or comes close to penetrating, their systems. A favorite new criminal angle is industrial espionage. This pays well, and provides more use stuff to be gotten out of a penetrated site. In the past, credit card information was the most valuable item sought. This could be quickly sold to gangs that would then quickly use the stolen credit card data before the card companies cancelled the accounts. This was pretty risk free for the hackers. Industrial espionage is another matter. Here you have to work with more vulnerable contacts and go after better defended sites. The credit card gangs were willing to let hackers remain pretty anonymous and, perhaps most importantly, were often based outside the United States. This made the credit card gangs harder to catch. Industrial espionage is usually done by U.S. firms against U.S. companies. The target companies have more lawyers, security people and friends in the FBI. The middlemen arranging the hacks try insulate themselves from illegal acts and are more willing to give up their hacker contacts if the FBI closes in. 

The business and law enforcement is becoming more capable of going after and catching illegal hackers, which is making illegal hacking a more dangerous proposition. Expect to see more hackers caught and prosecuted in the future. Catching these guys is actually becoming easier because the "hacker underground" is more organized. There are regular (although hidden and password protected) hangouts for the black hat hacker elite. Moreover, the black hats are losing the one trait that made them useful. In the past, the bad guys would often pass around security flaws they found in Internet software. No more, especially since the software publishers increased the speed with which flaws were fixed. A few years ago, it might take months for a security flaw to be fixed. Now, most are fixed in days or weeks. So the black hats tend to keep flaws they have found to themselves, and then try to exploit the flaw before other find out and the problem is fixed. 

Another vulnerability is the increased "can you top this" competition. This is how the pecking order is established among the black hats; who has pulled off the most impressive hacks. Find one big security flaw, exploit it and let the media run with it, and your reputation is made. But that also tends to get you on the FBI target list.

At the moment, the FBI is distracted with the war on terrorism. This, of course, is why the black hat hackers are staying away from military sites. But gradually, the hacker cops will move back to chasing civilian hackers. And because of the war on terror, the police have hired and trained more people who can go after Internet criminals. The heat is on Internet criminals long term, because the police have noted that these black hat hackers often don't care who they work for. Some would perform "industrial espionage" against governments for terrorist groups. This makes Internet crime a potential act of war. The results of this shift in attitude should be as interesting as it will be unpredictable.


 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close