Termination: It’s Hacking Season
It’s Hacking Season
Text:/ Matt Caton
Have you noticed the spate of internet hacking that seems to be becoming far more prevalent in the last six months? If you answered no, then you – unlike myself – probably haven’t had your website hacked. Twice in the last seven weeks, the sanctity of my humble little blog has been soiled, and it still leaves me with a rather sour taste in my mouth. I awoke from my alcohol induced daze on January 1, only to find that I was unable to access my WordPress blog. Luckily for me, I seemed to catch it ‘live’ (as in, while it was happening), and was able to get around the small hacking scare with little or no damage done. Further investigation showed that I had left security holes in my WordPress installation that were akin to leaving the keys in my unlocked and still-running car, while I was away on an overseas holiday. So I knuckled down, fixed the permissions, fixed a few of the obvious WordPress glitches, and breathed a heavy sigh of relief.
So imagine my horror when I got hacked again last week, only to find that this time, they left a lovely little malware virus in there. This time real damage was done, and to make matters worse, it filtered down into my business website, my friends website, my ‘money making’ affiliate site, and a site I host for a client. Realising that this scare may be a bit out of my league, I decided to call in a professional. In the first few seconds of talking to my professional PHP coding guru, he managed to tell me that he himself had just been hacked, as had two of his colleagues. He then pointed out that Facebook had been hacked last year (and unconfirmed rumours state that it happened again last week), and even the FBI website has been attacked. The next day, I discovered that the front page of the AFL website had been ‘altered’ with a rather sexually charged jibe about the CEO of the AFL and the President of the Collingwood Football Club. Obviously, hearing about these made me feel slightly better about my inadequate online security skills, but it made me wonder why the internet has got so bloody unsafe again.
THE MIND OF A HACKER
It also got me thinking as to why people choose to do this. What secret pleasure does it give them? So, I did a little bit of research. According to Canadian criminal psychologist Marc Rogers, the most visible breed of computer hacker is an obsessive, middle-class, white male, between 12 and 28 years old, with few social skills and a possible history of physical and sexual abuse.
“Hackers have been dubbed the enemy of information security,” said Rogers. “They research their targets, they know a lot about us. They are very good at intelligence-gathering or sharing.” Personally, this profile is starting to creep me out a little, especially when I think about the person who decided to play around with my blog.
Rogers offered what he called a new taxonomy of hackers, categorising intruders as newbies or script kiddies (who are beginners), cyberpunks (older, but still antisocial geeks), insiders (disgruntled employees), coders (who actually write the exploits), professionals (hired guns), and fully-fledged cyber terrorists. Great, so now we have this whole subculture with its own hierarchy, just waiting to hack into anything we decide to put online.
WEAPONS OF MASS DESTRUCTION
However, computer hacking and the spread of viruses is not contained to pimple-faced nerds sitting in their mothers’ basements. Online espionage is fast becoming one of the most important peace-time tools of the modern military, with the infamous Stuxnet computer worm an obvious example. Strongly rumoured to have been created by the US and Israeli Governments (or at least been developed by them), the sophisticated little worm seemed to hatch itself primarily in Iran, with the suspected target being Iran’s Natanz nuclear facility. In further proof of its intricacies, the worm only attacked Siemens industrial firmware and equipment, and if it landed on a system without this firmware or equipment attached, it deactivated itself.
The worm worked by first causing an infected IR-1 centrifuge (used to separate out the radioactive isotopes of Uranium, for the non-nuclear physicists out there) to increase from its normal operating speed of 1064rpm to 1410rpm for 15 minutes, before returning to its normal speed. Twenty-seven days later, the worm returned to action, slowing the infected centrifuges down to a few hundred RPM for a full 50 minutes. The stresses from the varying speeds caused the aluminium centrifuge tubes to expand, often forcing parts of the centrifuge into sufficient contact with each other to destroy the machine. The changes were so subtle that they were easily missed by the nuclear technicians monitoring the plant.
Of course, any story about computer hacking would be incomplete without a mention of the ‘anonymous’ group. You know the ones, they sit around in their Guy Fawkes masks, bitching and moaning about how ‘they’ own and control the internet, and limit their attacks to government and other corporate institutions. Most of the time, their attacks are merely to prove the point that they ‘can’ break into a site, while others are just forms of protest, like the spate of attacks launched on the FBI, the US Justice department, Universal Music and the Motion Picture Association of America after the take down of Megaupload, and the talk of the SOPA bill for protection of copyrighted online material.
The long and the short of it is, the internet is becoming a little sordid again [‘a little’? ‘again’?! – Ed]. Is computer hacking and the spread of malware having the same buzz-kill effect as what the AIDS virus had to the free love era of the ’60s and ’70s? While that may seem a rather strange comparison to make, I am starting to feel like we have all had our online innocence taken away from us.