Tuesday, March 6, 2012

Hacking for Money

Hacking has changed.  It used to be a college kid who liked to explore networks late at night, sitting in his dorm room at his computer, sipping Mountain Dew.  Or maybe a thief trying to steal credit card numbers--a criminal, but not a violent, gun-toting criminal.

That has changed.  Consider the new term in use:  Advanced Persistent Threats.  That's what they call it now.  Instead of independent actors, hackers have become employees of governments, corporations and criminal syndicates.

Hacking has gone from being a tool of exploration to a weapon of choice.  It is flexible and provides those who engage in it with plausible deniability.  In this weaponized version, hacking can steal intellectual property and technology for economic or military gain, sabotage enemy infrastructure and crush internal dissent.

An article by Adam Piore in the January issue of Popular Mechanics provides some good examples of these variations.  In 2011, a cyber attack on Japan's Mitsubishi corporation targeted both military data about submarines and missiles, and civilian data on nuclear power plants.  After an investigation, Japan concluded that China was behind the attack.

Back in June of 2010, Iran's nuclear program discovered its computers were infected with the Stuxnet worm, a type of malware which loads faulty code into the system.  Because the United States and Israel have openly opposed Iran's pursuit of nuclear weapons, they were the main suspects in the sabotage.

One of the scariest applications of hacking is for political oppression.  Iranian hackers invaded the Dutch company DigiNotar and used the data to intercept and identify 300,000 Gmail users in Iran.  In a tightly controlled regime like Iran, opposition parties use email and social networks to communicate, so this type of hacking poses a direct threat to their safety.

In addition to all these, criminal hacking has expanded into well-funded groups using very clever methods.  But according to Piore's article, the most aggressive hackers are countries, especially China, Russia and Israel.

As an online individual, you're probably not of interest to anyone other than identity thieves and spammers (and advertisers and your own government.)  But if you work in any industry related to military technology, computer services, telecommunication or infrastructure like water and electricity, you may find yourself targeted through social network messages and email containing bait links that will load malicious software onto your home or work computer.  So think carefully before you click that next link.

(The pic is of a Venus Flytrap trying to eat a frog and is from www.animalseatinganimals.com)

No comments:

Post a Comment