Is this the golden age of hacking?
Posted on 15 Jun 2011 at 09:00
Stewart Mitchell reveals how guerrilla groups, a recession and ever more complex networks are creating a boom time for hackers
Hacking dates back to the pre-internet era, but with a seemingly continuous wave of attacks hitting the public and commercial sectors there has never been a more prodigious period for hackers.
In only the past few weeks, Sony alone has been breached no fewer than 16 times, CitiGroup has seen its servers hacked and Google has pointed the finger at China for targeted attacks on Gmail.
That’s not all. A recent breach of RSA’s verification system led to further attacks on defence company Lockheed Martin, while in the past few days the International Monetary Fund has admitted its network was breached and the NHS saw its security flaws exposed by a hacker group posting details on Twitter.
In the past, there might have been lot of houses in the street with the same vulnerability, but no-one was going along and knocking on all those doors
Where mainstream alerts used to be rare, they are now daily news fare. But what is behind this unprecedented level of attacks? Security professionals warn of a perfect storm of better-informed hackers, more accessible networks and corporate cost cutting – never before has it been so hard to secure a network. And that's without an outbreak of state-driven cyber warfare. Are we embarking on a golden age of hacking?
Rise of the social hacker
Hackers use social networks and bulletin boards to club together into groups such as Anonymous and Lulz Security – and from these platforms they publicise their work, highlight vulnerabilities and exploit a WikiLeaks-inspired wave of public civil disobedience.
“It is something of a golden age because there are so many issues and people are highlighting those issues more than ever,” said Kevin Wharram, an independent security consultant. “A lot of this stems from WikiLeaks, because people suddenly realised there's much more information around and they're interested in what information they can get.”
Ease of access to tools has also led to an explosion in the numbers of people actively looking for companies with weakened defences; whereas a break-in might previously have been opportunistic, current attacks are far more methodical.
“In the past, there might have been lot of houses in the street with the same vulnerability, but no-one was going along and knocking on all those doors,” said Wharram. “But now they have been highlighted, so people are looking to expose more data.”
Twitter has also provided a highly visible noticeboard for hackers, many of whom are primarily motivated by the kudos of being the first to discover a vulnerability and expose companies that haven't patched publicised weaknesses. Lulz Security, for example, was virtually unheard of until it hacked into Sony Pictures at the beginning of June and now boasts 130,000 followers. Perfect fodder for anyone with an appetite for attention and a set of hacking skills they wish to show off.
SciFi predicted it all....
Science Fiction predicted this state of affairs a long time ago. The best-known prophet of this particular doom is William Gibson, whose noirish take on the "information age" introduced the world at large to Cyberpunks.
Virtually every novel that plots the future is currently a dystopian one. They almost invariably point to a world where information is valuable, accessible (if you know how) and alarmingly malleable.
Any notion of "privacy" as we might currently define it goes out the window as we become increasingly locked-in to our gadgets.
Once most of the world is defined by and (metaphorically) re-created inside Data Centres we all become increasingly vulnerable to various kinds of Cyber Attack. At the simplest level there is individidual identity theft \ impersonation \ robbery etc. This escalates to "re-writing" someone's identity: at the simplest level simply re-directing email, bank-statements etc, at the other end of the spectrum re-writing criminal records, Bank Accounts and DNA profiles...
Corporations are already dipping their toes into Cyber Warfare, and I'm sure some have gone much further. States too are happy to infect one another's systems with worms, trojans and viruses. A few well-placed bits of false data fed into the automatic transaction systems that are becomiong the "world economy" doesn't bear thinki8ng about.....
Its a brave new world and those of us who live a virtual, as well as a real life need to be aware of the risks. I take what I believe to be adequate precautions, and make a calculated risk where I don't.
Corporations and Governments need to get wise to these threats and do likewise.
By wittgenfrog on 15 Jun 2011
A fair and insightful article
The possibility of commercial espionage in the Sony hacking saga was something that I had not considered, so that was enlightening! After all, who might be behind these hacking groups? Panasonic and Apple are both renowned Sonyphobes, so their covert sponsorship of these hackers would not be completely inconceivable!
And I agree that the so-called “plumber’s ploy” (so-called by me!), where trusted professionals induce problems to simply sell a solution, is not new but also worthy of your mention.
I'm surprised that the usual suspects are not here to go hammer-and-tongs!
By Techette on 15 Jun 2011
Missed a little bit out...
Interesting article, but you missed a whole chunk on cyber-terrorism, which is the real threat. A scenario that is not hard to imagine is where cyber attacks occur on country mission critical services - e.g. media, telephone networks, banking. That's where the the real kicker will come. How many people don't own a home phone any more? Or who rely solely on plastic cards to pay for essentials, or who use only digital media to stay informed. And let's not start on energy providers. Although I've been reliably informed that power station networks are "closed".... In any case, if a country decided that they wanted to weaken the UK, what would it really take to send us into relative chaos?
That's the real threat. With a recession on, taking away other forms of income generation would send this whole country into self destruct mode.
You can bet your last penny, that this is exactly what's happening right now.
Anyone stocking up on tins of peaches? ;-)
By CraigieDD on 15 Jun 2011
With the apparent lack of ethics that some of the financial investment house appear to have, an attack like the Sony one(s) are a quick and easy way to sell stock short and make a bundle.
By Ex_Sailor on 15 Jun 2011
It is Cracking Not Hacking.
Hacking is making cool things from improbable combinations of common items.
Cracking is breaking security.
This is just basic English.
By ItIsCrackingNotHacking on 15 Jun 2011
Just basic English?
v. hacked, hack·ing, hacks
1. To cut or chop with repeated and irregular blows: hacked down the saplings.
2. To break up the surface of (soil).
a. Informal To alter (a computer program): hacked her text editor to read HTML.
b. To gain access to (a computer file or network) illegally or without authorization
4. Slang To cut or mutilate as if by hacking
1. A rough, irregular cut made by hacking.
2. A tool, such as a hoe, used for hacking.
3. A blow made by hacking.
4. A rough, dry cough.
By greemble on 16 Jun 2011
What he's saying is that this is a complete misuse of the word hacker, hackers are what built Unix and Linux, they provided the roots of most operating systems, they improve software and find new uses for hardware. The article makes the mistake of equating hackers with crime and illegality, this was a journalistic error that has been perpetuated over the years until now 'Hacker' is synonymous with crime.
By pinero50 on 16 Jun 2011
Jargon, not basic English
Fair enough, the term as originally used by those involved with building *nix may have become misused/changed - see 3.a & 3.b above - but basic English it certainly isn't.
By greemble on 16 Jun 2011
Both points are correct, but i'd simply look at it that modern languages adapt to modern usages.
What where termed hackers are probably better referenced as highly gifted programmers...
To add fuel to the fire Cracking tends to refer more to breaking serials or encryption, and hacking to the other nefarious acts of breach and exploration of networks etc.
By Gindylow on 16 Jun 2011
Whenever I think of hackers, the image of Robert De Niro as Archibald Tuttle in Brazil comes to mind. A hero or anti-hero operating clandestinely who breaks all the rules and causes mayhem.
By fogtax on 16 Jun 2011
For more details about purchasing this feature and/or images for editorial usage, please contact Jasmine Samra on firstname.lastname@example.org
- BBC admits £100 million IT project was a "waste"
- ISPs offer network-level porn filters to dodge "regulatory threats"
- Intel: PC designs "not compelling enough"
- Microsoft reinstates the Start button – on a mouse
- Google considers $1 billion bid for satnav firm Waze
- Hyperoptic extends 1Gbit/sec broadband beyond London
- Lenovo defies PC slump to post 90% profit increase
- Schools warm up to BYOD for tablets
- Xbox One: what it means for Windows PCs
- IBM's Watson answers customers' questions
- Is it worth upgrading a media centre to Windows 8?
- Flickr redesign: is it enough to tempt photographers back?
- Hands on with the new Google Maps
- Nokia Lumia 925 review: first look
- Why I won't subscribe to Creative Cloud
- GoPro camera strapped to a remote-control helicopter: the ultimate boy's toy
- Acer Iconia A1 review: first look
- Acer Aspire P3 review: first look
- Acer Aspire R7 review: first look
- How we produce the PC Pro podcast