Kaspersky Lab CEO Eugene Kaspersky
Tech Sinan News, February 8th - In the middle of Beijing time, Kaspersky Lab CEO Eugene Kaspersky stated on Tuesday that hacktivism is not much different from cybercrime.
Kaspersky said at a conference in Cancun, Mexico: "To me, there's no difference between the hackers who destroy the Internet environment and the radicals who set fire and smash things on the streets. Their actions have caused tremendous damage to Internet services and economies."
Uncontrollable Attacks
Hacktivist groups are usually loose organizations made up of many computer enthusiasts. Currently, LulzSec and Anonymous are two of the more famous hacker organizations. Last April, due to dissatisfaction with the unhealthy lifestyle promoted by video games, Anonymous attacked Sony's PSN network service. Due to this attack, 77 million users worldwide were affected, and a large amount of user data was leaked during the attack. Anonymous launched another attack on PSN last October, making outsiders feel that hacking is very easy.
Last week, members of Anonymous Brazil attacked the networks of banks such as Itau and Santander. This attack was to protest corruption, but it led to international customers of these banks being unable to use services for a long time. In fact, these banks did not anger the protesters due to any special practices; they merely charged transaction fees and profited from them. Although the hackers claimed their purpose was to protest political and corporate corruption, what actually got attacked was Itau's computer network, and the victims were account holders of Itau Bank.
Members of Anonymous stated that they did not attempt to steal account data from Itau's customers. However, the problem lies in that if they wanted to steal data, they could do so. Some hackers might accidentally obtain the account information of a bank customer. And once the system is breached, just one or two hackers can access a large amount of sensitive data. There are no measures that can stop them.
Sometimes, hackers eventually steal data and publicly release it. Kaspersky said: "Some members of hacker organizations are experienced hackers and won't act like beginners. But some people within the organization may be controlled by criminal organizations in the future or cooperate with them in some way. They may become terrorists or use their skills for digital terrorism."
Increased Police Crackdown
As the Internet matures and becomes more open, hacktivism and information crime have become part of the network, making it less secure. The police have started treating some hacktivist activities as crimes, but cracking down on hackers isn't easy.
Forbes magazine reporter Andy Greenberg reported on Tuesday that in the case where Symantec was attacked by LOD under Anonymous, leading to the leakage of software codes, the police had already intervened in the investigation. The police have traced individuals involved in the hacking activities but haven't disclosed detailed information. The police currently haven't arrested any suspects.
The cat-and-mouse game between Symantec and LOD hackers resulted in a member of the group, YamaTough, uploading the source code of Symantec software to the file-sharing website bittorrent.com on Monday. This will help hackers with criminal intentions develop tools to attack products like Symantec's PCAnywhere.
The boundary between hacktivism and information crime has been crossed. Similar to information crime organizations, hackers have gone too far, and law enforcement agencies have begun tracking their activities. For hackers, the longer they participate in hacktivist activities, the more radical their thinking becomes, making actions similar to YamTough more likely, and thus getting noticed by the police and information security companies.
Difficult to Track Activities
Not long ago, the information crime organization Koobface based in Ukraine and Russia was exposed, with its members' names made public. However, the founders of Koobface, such as Anton Korotchenko, remain hidden. Their activities in the real world are hard to discover, and all traces of their online activities have been erased. Senior Security Researcher Stefan Tanase of Kaspersky said that Koobface has deleted all records of their online activities, including Twitter messages, Facebook accounts, and Foursquare check-in records.
Assistant Director of Cyber Security Michael Moran said that information crime organizations like Koobface, as well as the hackers behind LulzSec, have already broken the law. However, they are difficult to track, and finding them in the real world is even harder. From Moscow to São Paulo, and then to Mountain View, California, law enforcement agencies lack sufficient capacity to combat them.
Moran said: "All law enforcement agencies are putting in 110% effort; they are overwhelmed. However, I'm not sure if any agency has enough resources, and it's also very complicated. Therefore, you need to assist companies like Symantec. Finding those tech-savvy individuals is not easy for law enforcement agencies. The most important thing is to protect online safety, which is also the direction of effort. The Internet should be a trustworthy network, and we should protect this trustworthiness to prevent situations from getting out of control."
For Kaspersky, hackers are akin to information criminals who write malicious software codes. They try to infect users' phones with malware and steal phone credit. Such actions erode the Internet system. (Weijin)