An anonymous foe
Hackers hit big companies, the IMF and the headlines
Jun 16th 2011 | SAN FRANCISCO | from the print edition
DEFENCE companies such as Lockheed Martin have seen some of their cyber-defences penetrated. Sony, Google, Citigroup and other firms have had sensitive customer data swiped by high-tech intruders. The IMF has been the victim of a digital attack, as has the website of America’s Senate. And a hackers’ collective, called Anonymous, has threatened to launch an online assault on the computer systems of America’s Federal Reserve unless its chairman, Ben Bernanke, agrees to step down.
These and other events—such as the attack on the public website of the CIA, which was disrupted briefly on June 15th—have led to speculation that there has been a big increase in the threat posed by hackers in recent months. They have also reinforced a belief in some quarters that America is already engaged in a cyber war of sorts, most notably with China. Yet such claims are controversial.
Although some security experts think hacking activity has hit a new high, others say such claims are overblown. They point out that laws in some states in America now require firms to reveal if their defences have been breached, which means more hacking cases are coming to light that would previously have been buried. High-profile attacks, such as the ones on the Senate website, also get plenty of media coverage, fuelling talk of an epidemic.
The vast majority of the hacking that does take place is still perpetrated by different sets of private hackers rather than by cyber spooks. Take “hacktivists”, members of such groups as Anonymous and Lulz Security, the outfit that has claimed responsibility for attacking the Senate’s and the CIA’s sites. (To “lulz” means to laugh at someone’s misfortune in jargon.) Loosely organised and motivated by causes rather than money, these online rebels shot to prominence last year. They targeted firms such as MasterCard that shunned WikiLeaks after the transparency group began releasing secret diplomatic cables. And they thrive on the oxygen of publicity, boasting of their exploits on Twitter and other social-media services. Anonymous even announced its intention to target the Fed by posting a video on YouTube. This listed all kinds of recriminations against the central bank, including plenty of bizarre ones such as “crimes against humanity”, scrolled down against a backdrop of eerie face masks that have become Anonymous’s calling card (see picture above).
Hacktivists’ assaults on state targets have prompted governments to try rounding them up. On June 10th Spanish police arrested three men that they claim are core members of Anonymous, which responded by causing a police website to crash. Then on June 13th police in Turkey rounded up another 32 alleged hackers from the group, which had recently attacked a couple of official websites, protesting plans to increase policing of web traffic.
Dmitri Alperovitch of McAfee, a web-security company, reckons that these and future raids will ensure that hacktivism declines as a source of online attacks within six to 12 months. But other experts warn that by trumpeting the arrest of Anonymous members, instead of simply labelling them as common-or-garden hackers, governments are boosting the outfit’s standing. In the eyes of potential recruits such as young “script kiddies”, who first turn to hacking chiefly as a test of their programming skills, Anonymous may now seem more attractive.
While hacktivists are gathering speed, another source of hacking—organised-crime groups—are going about their business as usual. But that means they are using increasingly sophisticated techniques to extract passwords and other personal information from their victims. This then gives them access to data they can profit from in various ways. These gangs are behind some of the biggest data breaches that companies have owned up to (see chart). They also often launch cyber-attacks using “botnets”, or networks of computers that have been taken over without their owners’ knowledge.
Code red 红色代码
Such ploys can make it hard to identify exactly who is behind a particular online assault, says Adam Vincent of Cyber Squared, another security firm. In China things are particularly unclear. Jayson Street, a security researcher who has written a book on dissecting hacks, reckons the Chinese government itself is struggling to contain hacking within the country. He recounts how the website of one regional government he studied turned out to have been compromised by hackers who had made it part of a botnet. Chinese cyber-crooks are only too happy to rent out their networks to other gangs and governments who want to launch attacks using them. North Korea and Russia are said to be among the countries that have taken advantage of such offers.
来自另一家网络安全公司Cyber Squared的Adam Vincent说，这样（僵尸网络的）形式的攻击真的很难定位到某次入侵的幕后真凶是谁。在中国事情就更扑朔迷离了。研究网络安全的Jayson Street曾写过一本剖析黑客行为的书，他认为中国政府自身也在挣扎着控制黑客行为于境内。他详述了他所研究的一个地方政府网站是怎么在黑客们的控制下“蜕变”到僵尸网络的一部分的。中国的网络犯罪分子倒是希望能够把他们的网络租给其他黑客帮派或者政府，供其发起攻击。朝鲜和俄罗斯据说也是利用这种机会来获取好处的。
This does not mean that the Chinese government is innocent of all of the hacking charges levelled against it. A recent study by McAfee of “SQL injections”, a technique used to penetrate databases, showed that around half of the reported attacks in the first quarter of 2011 originated from China. Given the scale of such activity, it is likely that at least some of these were launched by Chinese cyberspies. Google has also dropped heavy hints that the Chinese government was behind a recent hack of Gmail, its web-based mail service, which let online snoopers read the e-mails of high-ranking American officials and those from some other countries.
But China is far from the only country engaged in cyber-espionage. It is surely no coincidence that according to McAfee’s statistics the second-largest source of SQL injections in the first quarter was none other than America. Such probing of a rival’s systems is hardly new, though it has assumed an exaggerated importance because of all the feverish talk of “cyber-warfare”.
According to a report on cyber-security issued earlier this year by the Organisation for Economic Co-operation and Development, the chances of a conflict fought solely in the electronic world are extremely slim. The same report also warns that many high-tech attacks described as acts of cyberwar, including the antics of hacktivists, do not merit the label. That is surely right. Even so they are no laughing—or lulzing—matter.