Tuesday, February 01, 2005

Electronic Civil Disobedience and Politics

I suspect I'm not the only one expecting a politically-charged computer worm to emerge any minute. Hacktivism--or "electronic civil disobedience" as it has been called--is not a new phenomenon.

More than six years ago, Chinese engineers hijacked a government communications satellite and propagated their own content over the airwaves (or through the ether). That was just the beginning.

The dust had started accumulating on the once-sexy concept of the hacker and a new paradigm was needed: hacking for political ideals. This concept got some press and actually materialized, although never to the theoretical degrees that were thought to be possible.

Since 9/11 we have seen all sorts of groups express themselves by breaking into Web servers and changing their contents to get their political viewpoints across. Most notable are Brazilian and Asian hackers, who target popular sites in an effort to maximize their impact in the same way that billboard ads try to distract us on the Gardiner Expressway.

Web site defacements now occur on a daily basis. As a security professional, I don't pay much attention to them. They don't tend to be destructive and the situation is easily rectified with a site refresh, patch application and password change.

In most cases, they're simply crimes of opportunity committed by anyone who follows a simple formula: locate vulnerable sites by using popular search engines (Google is often a hacker's best friend), use a documented bug in the server software to gain access to it and replace site pages with your own.

Usually accompanied by poor grammar and shocking images, the messages are typically anti-government--but we have seen a number that denounce the wearing of fur and environmental causes.

Ultimately, they are ways to embarrass and intimidate the victim as seen in this archive of recent government site defacements: www.zone-h.org/en/defacements/special.

Now, following the hotly contested US Presidential Election, which illustrated strong differences of opinion among voters and people in general, one can't help but expect some kind of activity from incensed "hacktivists."

Thousands of civilians have been killed in terror attacks and more notably in various war-related situations in Iraq. This has ostensibly produced anger and a need to speak out, making the Internet the tool of choice for private opinion and public outcry.

In the past, we have seen hacker activity from countries like Spain, Brazil, Russia and Pakistan, most of which are opposed to the current administration's policies to some degree. It certainly wouldn't be far-fetched to expect a few unfriendly messages on hacked sites.

For the most part, it seems that we are seeing distinct groups flex their hacking muscles.

The Muslim Council of Britain has reported being bombarded with thousands of hate e-mails. With the Iraq and Israel conflicts, there is some indication that groups in countries such as Morocco, Turkey, Saudi Arabia and Kuwait are joining forces to cover more ground and perhaps create attacks that have a greater impact.

The thing that should be a concern is the fact that the threats have changed. It is now really easy for anyone to confuse search engines with cloaking software and get to the top of listings, or even to use a simple virus creation kit to get their message across.

More sophisticated (read: connected) hackers can now use "bots" and "botnets" to control hundreds--and sometimes thousands--of computers to knock just about any target off the Internet with a co-ordinated, distributed denial-of-service (DDoS) attack.

Even more serious would be attacks on public utilities or critical infrastructure such as nuclear plants (now directly connected to the Internet) that have been described as inherently insecure by many experts.

So what's next from the outspoken groups that seem to command more Internet resources than average people? Will it be an eruption of civil electronic disobedience, or will we see just a few Web site defacements and maybe a computer worm with a chip on its shoulder?

I'm leaning towards the latter scenario. I believe we will see some evidence of discontent, but it will be in short, disorganized bursts. Most viruses tend to be largely ineffective and quickly subdued.

Site defacements are usually carried out by individuals--not groups--in an effort to show off and spray paint some digital graffiti on someone else's property. Web servers today are much better prepared to withstand hacking attacks than they were even two years ago.

Most importantly, hackers with a true agenda are usually after money, so they tend not to expose their valuable botnets and resources--especially in light of the fact that governments today are much better funded and more aware of information security threats and countermeasures.

By Claudiu Popa
