clear and present danger
From: jesse hirsh <jesse@tao.ca>
Date: Mon, 30 Aug 1999 19:16:34 -0400 (EDT)
Cc: tao-org@tao.ca
[: hacktivism :]
the following article, submitted for your scrutiny, was brought to our
attention today by one of our toronto members. i'm going to type it up for
this list, just so you can all see the type of misalignment that goes on,
and the crap that gets printed in the 'business' press, that spins out
information for sale, or for buy.
the article itself is titled "clear and present danger". it was authored by
erik heinrich, and appeared in a publication called INFOSYSTEMS EXECUTIVE
dated may 1999. there is a header at the top of the page that reads
'analysis' and a subtitle that reads: "WHETHER IT'S A POLITICAL AGENDA,
MONETARY GAIN OR JUST PLAIN MALICE, THE NEW BREED OF HACKER IS GETTING
THAT MUCH MORE EVIL." a caption reads: "We are seeing a convergence
between hackers, activists and anarchists."
please disregard the absurdity of this article. the author made no effort
whatsoever to contact us, to verify the information, or to even consider
its bearing on reality. also please excuse my typing errors. i'm just
going to type straight through, so there may be a few mistakes. ok, here
begins the body of the article:
- stupid article by erik heinrich begins now:
You may have never heard of the Hong Kong Blondes but they know who you
are if you do business in China. And they want to mess up your computer
networks. Why? The Hong Kong Blondes belong to a new breed of terrorists
known as hacktivists. They don't break into computer networks to prove
they are techno geniuses. These are righteous crackers with a political
agenda who attack the IT infrastructure of their enemies in the name of a
cause. In the case of the Hong Kong Blondes, an underground association of
overseas Chinese students, anyone or anything deemed to undermine China's
pro-democracy movement is a legitimate target.
The Hong Kong Blondes have successfully penetrated Chinese
networks with the help of people in the Communist Party, and they are
reputed to have disabled a Chinese communications satellite. But unlike
Zorro, the Blondes don't leave a calling card when they attack non-Chinese
targets for fear of police reprisals.
That means if you do business with China and your systems go down,
you can never be sure whether it's just bad luck, the work of a stand-alone
hacker, or an attack by the Blondes.
Other known hacktivist organizations include the Groupe Segfault,
Toronto's Tao Collective, and the U.S. based Cult of the Dead Cow. They
are people with hardline activist agendas.
"What we're seeing is a convergence between hackers, anarchists,
and political activists," says David McMahan, a security specialist with
Toronto's CanCERT, a private-sector agency dedicated to national computer
security. "But because 99% of the vandalism [in cyberspace] is hacker
exploits, the serious guys are obscured."
Hacktivists are a major headache for large public and private
sector computer networks. But they are just one part of a larger threat
that is redefining the rules of the game for CIOs who want to keep their
computer systems safe from intrusion by bad guys. And while their efforts
on this front are in the preliminary stages, CERTs (Computer Emergency
Response Teams) around the world say terrorist organizations are preparing
to make information war against governments, and the corporations who are
friendly to them. The question is when, not if.
Then, there are cyber spies. These people are hacking their way
into databases to obtain company secrets. Sometimes they work from the inside,
sometimes not. They are usually called on by companies when more
conventional methods of obtaining competitive secrets, such as bribery and
blackmail, fail to get results.
Just how big a threat is corporate espionage? A
PricewaterhouseCoopers/InformationWeek survey of 1,600 IT professionals
from 50 countries conducted last year, found 73% of companies reported a
security breach or act of corporate espionage in the previous 12 months.
"There is no answer as to how big a problem this is," says Marcia
Wetharup, spokesperson for the Canadian Security Intelligence Service
(CSIS) in Ottawa. "It's multi-faceted and some cases go unreported." Who
are these spies?
"These are serious dudes," says Chris Andersen, national director
of the information security service of Ernst & Young in Canada. "They're
no script kiddies who spray your web site with graffiti. It's a different
threat when someone like that is after your organization because they will
use every trick in the book to get what they want."
Examples of companies who have been burned by corporate espionage
are difficult to come by, in part because many are unwitting victims, and
in part because those who are not don't want to air their dirty laundry
for fear of losing customers and hurting their reputations. Still, two
cases came to light in 1998 in Canada. Ottawa-based Mitel Corp. charged
Van Tran, a 41 year-old Vietnamese R&D specialist who worked in the
company's telephone systems division, in March of last year with selling
research secrets to a small company in his homeland.
The information was relayed via fax and e-mail. And while this is
not exactly a case of cyber espionage it illustrates just how easy it can
be to steal company secrets, be they schematics of proprietary technology,
marketing plans or pricing strategies.
"It was a wakeup call," says Darrell Booth, head of security at
Mitel, who admits his company might have never uncovered the scam had it
not been for an anonymous tip from an employee.
"I don't think we could prevent such a thing from happening
again," concedes Booth, adding the only thing that has really changed is
that his company has remounted its efforts to make sure managers follow
existing information-protection guidelines.
In 1998, Newbridge Networks Inc. of Kanata, Ont. charged an
employee with sending details of the company's phone system platforms for
midsized companies. The documents were photocopied and sent by mail.
"It's more prevalent than most companies are willing to let on," says
Booth. Adds Andersen of Ernst & Young, "Most companies have not
considered espionage as a clear threat that needs to be managed. They just
react and hope for the best."
What should CIOs do to protect their systems and intellectual
property from cyber espionage and terrorism? It's a complicated question
with few clear answers.
Andersen advises his clients to go through four steps. One, do an
inventory of the 20 or 30 key pieces of information in your organization.
Understand what it's used for and how important it is. Two, identify the
people who want to get their hands on it, including insiders. Three, gauge
your risks against the security measures in place. Four, fix the security
holes.
Sometimes this can be as simple as making sure people in marketing
can't get into the R&D server.
"Unless the security analysis is done against a backdrop of what
you are trying to protect, you will probably implement the wrong tools or
implement the right tools in the wrong way," warns Andersen. "You have to
understand the need or you will not deliver the solution you want."
Here's another piece of good advice: When your vendor offers a
software patch, install it immediately.
Brampton, Ont.-based Nortel Networks uses hackers-for-hire to
test robustness of its network defenses. The hackers bombard the company's
servers and operating systems with the latest scripts and exploits.
Sometimes they find holes. "We work hard at building appropriate security
walls," says Keith Powell, Nortel's CIO. "But as fast as you put them up,
people find ways around them."
Powell says he takes the threat posed by hacktivists, cyber
terrorists and spies working from the outside seriously. But he fears
internal hackers the most. "People on the inside are very technically
competent," says Powell. "And they enjoy the challenge of getting
somewhere they are not supposed to."
Mark Gembicki, of consultancy WarRoom Research, says the audit
trails for internal intrusions are simply better, and the perpetrators are
easier to find. But many external intrusions are never found, and those
that are usually go unreported.
The fact is that CIOs have to wake up to the fact that hackers are
not just nerdy kids from the 'burbs who get their kicks from Web page
vandalism and the crashing of Web servers. Hacktivists, cyber terrorists
and cyber spies are serious criminals.
- stupid article by erik heinrich ends here
so here's my question to you the reader:
should we (as a group or as a list) be countering this tripe? should we go
silent as this crap is flooded through the mainstream? any thoughts?