By Malyssa Woodward
What is a hacker? For some, the term inspires a vision of a bespectacled youth in a basement bedroom, surrounded by monitors, gadgets and empty soda cans. For others, the impression is darker: a shadowy figure that exists on the edge of society, poised to strike at any moment and wreak havoc on the innocent, stealing identities and bleeding bank accounts of millions of dollars.
And of course there’s the Hollywood version depicted in popular movies like 1995’s Hackers. In it, Angelina Jolie and Jonny Lee Miller head up a gang of gifted teens whose attempts at one-upping each other’s abilities land them in hot water with the Secret Service.
The film glamorizes the hacking subculture, summed up in a line by the character called “The Plague”: “Governments and corporations need people like you and me. We are Samurai...the Keyboard Cowboys...and all those other people who have no idea what's going on are the cattle...Mooo.”
Real-life “keyboard cowboys” have garnered much media attention recently, to the dismay of the security experts at Panda Labs. In its April – June 2011 Quarterly Report, Panda chastises the media for spending so much time covering the antics of these groups, specifically the “hacktivist” group Anonymous and its offshoot Lulz Security (“LulzSec”), a short-lived collaborative of hackers claiming the mission “to have fun by causing mayhem.”
The authors make their disdain for these two groups abundantly clear, calling their actions “deplorable” and attributing at least a portion of what Panda refers to as “a disastrous quarter” in cyber security to their hacking activities.
Dubbing itself a group of “hacktivists,” Anonymous claims to be acting in the interest of the masses to protest various injustices. Its members launch attacks against the computer systems of companies or government entities with which they disagree, often as retaliation for anti-hacking views or policies. The group typically organizes distributed denial of service, or DDoS, attacks against these organizations’ networks and web sites.
In February, the group launched an attack on HBGary Federal, a security company that performs classified work for the U.S. government. The firm was investigating Anonymous, and claimed to have uncovered the names of some of its members. In retaliation, Anonymous breached the HBGary network and stole around 60,000 internal emails, which they later released to the public.
Recently the group defaced Turkish government web sites in protest of new internet filtering rules to be implemented next month. The Turkish government responded by arresting 32 suspected members of Anonymous. The arrests came just days after Spanish law enforcement officials arrested three alleged leaders of the group.
Seemingly undeterred, on Monday Anonymous released a database stolen from government consulting contractor Booz Allen Hamilton. The database contained the passwords and email addresses of around 90,000 U.S. military personnel. The Booz Allen attack is the latest in a string of hacks targeting private sector firms that work with what Anonymous deems a corrupt U.S. government.
The focus of LulzSec’s attacks was far less purposeful – just for “lulz,” which in hacker terms is “for laughs.” The group primarily targeted entities with lackluster security such as PBS as well as computers at the U.S. Senate, stealing and posting private information online. Though no critical information was lost in the Senate attack, the stunt could land the culprits in prison for five to 20 years if convicted under the Computer Fraud and Abuse Act.
LulzSec also took down gaming sites Eve Online, Escapist, Minecraft and League of Legends for a three-hour period, and then boasted about the attacks on their Twitter account. When accused of attacking only soft targets, the group carried out a DDoS attack on the CIA web site. After “50 days of mayhem” and the arrest and charging of a suspected key member, the group disbanded. Experts speculate, however, that LulzSec’s leaders were merely reabsorbed by Anonymous and their activities continue under that umbrella.
Hacking collaboratives like Anonymous and LulzSec proudly wag their accomplishments under the noses of the public via social media outlets like Twitter and message boards. Their high-profile stunts draw followers and get plenty of media attention, and that has security experts like the folks at Panda Labs shaking their heads.
While the spotlight has shifted to these high-profile breaches, malware creation and distribution continues its staggering rise, according to the Panda report. There are 42 new malware strains created every minute, according to the report, with Trojans being the most popular attack tool for crooks to gain personal information. More than 68 percent of malware consists of Trojans, followed by traditional viruses at just over 16 percent.
The Panda report deems the past quarter “one of the most negative quarters ever judging from the number of cyber-attacks launched.” During this quarter, the first large-scale attack on the Mac OS appeared in the form of MacDefender, rogueware intended to trick users into purchasing fake anti-virus software.
Apple at first denied such an attack took place, despite the malware affecting thousands of users. A few days later, Apple conceded and released a patch, but within hours, new variations of the malware appeared and skated easily past the intended fix.
Two major breaches occurred during this quarter: the RSA breach and the attack on the Sony PlayStation Network (PSN).
In the first, security company RSA reported their systems had been breached and proprietary data relating to their hardware-based two-factor authentication system SecurID had been pilfered. The thieves used the stolen data to forge SecurID tokens, creating one-time passwords that granted them access to the networks of government defense contractors Lockheed Martin and L3 Communications. RSA has begun replacing the SecurID authenticators of nearly 40 million customers worldwide.
The Sony PSN breach was likely the most infamous attack of the quarter according to the Panda report. Cyber crooks stole data affecting 77 million users of the popular gaming platform in what is to date the largest theft of data ever. On top of that, Sony officials chose not to disclose the breach until days later, and when they finally announced the intrusion, greatly downplayed the seriousness of the breach.
The stolen data included users’ names, billing addresses, usernames and unencrypted passwords, as well as birthdates, photos of the users and in about 10 percent of the cases, their credit card information. Days later, another 25 million Sony Online Entertainment customers were affected by a different attack.
Sony pointed fingers at Anonymous, but the group continues to deny responsibility, claiming “for once, it wasn’t us.”
While the spotlight that currently shines on the antics of groups like Anonymous and LulzSec frustrates experts, it is perhaps drawing important attention to the bigger security picture for business owners. Companies can hopefully learn from the mistakes of the large-scale hacking victims and take their own IT security needs seriously.
Whether or not you find yourself in the crosshairs of a hacking group, a tightly-secured network is imperative to protect your company’s valuable data. Your Net Guard specializes in network security implementations and can help you determine the best solution for your company. Call Ron with your questions - he’ll be glad to help.