Is this the golden age of hacking?

Hacker

Stewart Mitchell reveals how guerrilla groups, a recession and ever more complex networks are creating a boom time for hackers

Hacking dates back to the pre-internet era, but with a seemingly continuous wave of attacks hitting the public and commercial sectors there has never been a more prodigious period for hackers.

In only the past few weeks, Sony alone has been breached no fewer than 16 times, CitiGroup has seen its servers hacked and Google has pointed the finger at China for targeted attacks on Gmail.

That’s not all. A recent breach of RSA’s verification system led to further attacks on defence company Lockheed Martin, while in the past few days the International Monetary Fund has admitted its network was breached and the NHS saw its security flaws exposed by a hacker group posting details on Twitter.

In the past, there might have been lot of houses in the street with the same vulnerability, but no-one was going along and knocking on all those doors

Where mainstream alerts used to be rare, they are now daily news fare. But what is behind this unprecedented level of attacks? Security professionals warn of a perfect storm of better-informed hackers, more accessible networks and corporate cost cutting – never before has it been so hard to secure a network. And that's without an outbreak of state-driven cyber warfare. Are we embarking on a golden age of hacking?

Rise of the social hacker

Hackers use social networks and bulletin boards to club together into groups such as Anonymous and Lulz Security – and from these platforms they publicise their work, highlight vulnerabilities and exploit a WikiLeaks-inspired wave of public civil disobedience.

“It is something of a golden age because there are so many issues and people are highlighting those issues more than ever,” said Kevin Wharram, an independent security consultant. “A lot of this stems from WikiLeaks, because people suddenly realised there's much more information around and they're interested in what information they can get.”

Ease of access to tools has also led to an explosion in the numbers of people actively looking for companies with weakened defences; whereas a break-in might previously have been opportunistic, current attacks are far more methodical.

“In the past, there might have been lot of houses in the street with the same vulnerability, but no-one was going along and knocking on all those doors,” said Wharram. “But now they have been highlighted, so people are looking to expose more data.”

Twitter has also provided a highly visible noticeboard for hackers, many of whom are primarily motivated by the kudos of being the first to discover a vulnerability and expose companies that haven't patched publicised weaknesses. Lulz Security, for example, was virtually unheard of until it hacked into Sony Pictures at the beginning of June and now boasts 130,000 followers. Perfect fodder for anyone with an appetite for attention and a set of hacking skills they wish to show off.

Read more

Analysis

Pages