Wednesday, February 10, 2010

Breaking the Stereotype: Governments do it too


He sits in front of the computer monitor, staring intently at the screen, adjusting his eyeglasses every so often. Meanwhile, his fingers work on the keyboard like a true virtuoso, it is as if he were the young Mozart playing the grand piano before royalties in Vienna. After fifteen minutes, he grabs a big pack of potato chips, tears it open, and devours three pieces at a time. He pops open a can of soda, and mercilessly gulps everything down in one sitting.

He goes to the bathroom to pee.

Thanks to pop culture, this is the stereotype that we have of computer hackers, and sometimes of cyber criminals. There is not much picture of the government stealthily trying to bring down other systems, but the truth is, governments do engage in this kind of activity too.

The National Public Radio has an interesting interview with Joseph Menn (Author of "Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet") and Barret Lyon (a self-taught and self-motivated cyber-crime fighter who has worked with law enforcement and companies to defeat cyber-crime attacks and bring cyber-criminals to justice) regarding cyber crime. They talked about how denial-of-service attacks are done, and in one instance, how they were able to trace the perpetrator’s name and address in Russia. They also discussed the prevailing atmosphere of paranoia caused by these attacks, and how this attitude is not helpful.

Here’s what they have to say about governments engaging in cyber crimes:

DAVIES: So you’re saying that the Russian government, with dissidents and international rivals and political opponents, will either orchestrate or cooperate with these cyber-criminals to do one of these massive denial of service attacks and flood a Web site and shut down someone else’s operation?

Mr. MENN: That’s exactly what I’m saying. It’s something that’s been suspected by a lot of really good researchers that have worked really hard to make the case, and it’s always been circumstantial. But its clear what’s going on here, and these people are protected by the Russian government and they're used by the Russian government against their enemies, foreign and domestic.

DAVIES: Well, Joseph Menn, there's been a lot of attention recently about cyber-attacks that appear to be coming from China and may or may not be connected to the Chinese government. What’s your view what’s going on there?

Mr. MENN: First of all, they are connected to the Chinese government. Even Google surprisingly made that, you know, as clear as they could. Google escalated - Google complained publicly about the hacking earlier this month. They went after not just human rights activists and dissidents within China trying to get into their Google mail accounts, but also after some of Google’s proprietary software….

DAVIES: And what are the potential consequences here? I mean, are they -what havoc or mischief might the Chinese government, you know, work with this ability?

Mr. MENN: Well, this - I think this is kind of a watershed moment. The China one is a really big one. Basically, what you have is organized crime in Russia that is going after your bank account, my bank account and lots of other things, basically about money and protected by the Russian government because they're used in quasi-military operations.

In China, you have the government supporting a massive effort to steal commercial secrets and military secrets in the U.S. And what the sophistication of the hacks against Google and others shows is that there is an awful lot invested in this, and they already have an enormous amount. And they see cyberspace as a way to catch up to the U.S. in terms of military domination.

Read the rest of the transcript of the interview here.
_____
Photo Credit: DailyMail

11th Entry
Ralph Vincent Catedral

1 comment:

Owen Ricalde said...

my boyfriend mentioned before that a certain IT security company has this yearly contest open to everyone (especially hackers). whoever hacks into their system wins like $100K. and after, they hire him. i guess, like any security issue, companies must be on the guard and hire the right IT people for security. their information is out there and they have to make sure it is only accessed by the right people. hire the right IT people - that is the solution.