Hacking: The New Kind of Warfare
Following the recent fiasco at Sony, hacking has been catapulted squarely into the spotlight. But hackers are doing more than just delaying movie premieres–they are causing serious damage and have the capability to cause much more. Before we get too scared of these anonymous boogeymen, however, it is important to understand what hacking is and who the hackers are.
What are hackers and what do they do?
So, first of all, what is a hacker? While the answer to that question is very complicated, for clarity’s sake a succinct and clear explanation of a computer hacker and computer hacking is this:
Computer hackers are unauthorized users who break into computer systems in order to steal, change or destroy information, often by installing dangerous malware without your knowledge or consent.
This definition is of course limited, as hacking is not relegated solely to computers and is not always a negative thing. Below is a video that offers a fuller picture.
While not all hacking is negative, much of it is, and it is important to understand specifically what the intentions of many hackers are and how they operate. Hackers often lure their unsuspecting victims with bogus scams sent through emails or websites. Some hackers also prefer the approach of directly attacking a computer if it does not have the requisite protection in place, such as a firewall; however, while hacking may appear as simple as pressing a button in a movie, it is more complicated than that. More specifically, what a hacker does is infect another person’s computer with malicious software or malware. Once the unsuspecting user has activated the malware, either by clicking on a link or opening an email, his computer can then become infected with a virus. If a computer does become infected the hacker essentially has unlimited access to the operating system. This then enables him to have virtual control over the user’s computer and internet activity. Normally the hacker will try to maintain a low enough profile so the user is not alerted; in the meantime he will attempt to obtain sensitive information. Whatever way hackers choose to attack, they often try to steal things like passwords, account numbers, and means of identification such as a social security number.
The purpose behind all of this is nefarious; stealing an individual’s money, abusing their credit, or even turning a profit by selling the acquired information to a third party is often the end goal. Two prime examples of this are the major hack of Target’s credit card system in 2013 and the similar hack of EBay this year. Nonetheless, while hackers seem to have similar motives, the group is in fact quite heterogeneous and can vary from countries to individuals.
The first type includes hackers utilized by a country’s government or military. In this way, hackers are used like other weapons such as tanks or missiles. In this regard, perhaps no country employs hackers and hacking more than China. According to a 2013 article from Bloomberg, China accounted for 41 percent of hacking assaults in 2012–four times that of the second place country on the list. While there’s no way to say definitively whether those hacks came from the Chinese government, the idea comes as no surprise to those familiar with the United States’ claims that China has long hacked American corporations in order to steal trade secrets and then passed them along to Chinese companies. For example, there were hacking accusations against China earlier this year by American corporate icons such as U.S. Steel and Alcoa.
However, the United States is far from an unwitting victim of these attacks. In fact the number two country from the same list of top hacking nations was the United States. In 2012, for example, ten percent of hacking attacks originated from within the United States. In addition, the United States military has increased the portion of its budget focused on cyber warfare. In 2015, the U.S. Cyber Command plans to spend $5.1 billion on cyber combat. The video below explains the threat of cyber warfare.
There is already evidence of suspected U.S. cyber warfare at work. Aside from unpublicized U.S. attacks against the Taliban in Afghanistan, there’s the more notable example of the Stuxnet virus that infected the Iranian nuclear infrastructure and severely damaged its nuclear program. There is also the recent shutdown of North Korean internet access that many suspect was American retaliation for the suspected North Korean hack of Sony.
Along with the United States and China, other countries where hacking is a major weapon include Taiwan, Turkey, and Russia.
Indeed non-state actor hackers may pose an even bigger threat to global systems than government operations. One reason why is while government operations are generally strictly military or defensive in nature, non-state operations run the gamut.
One example is something known as patriotic hacking. In essence, these groups are self-appointed to represent a particular country and will respond in kind to any perceived slight against the nation they represent. One such group formed in China in response to the accidental bombing of a Chinese embassy in Belgrade by the United States during the war in Kosovo. Similar groups have also formed in many countries such as Israel, India, Pakistan, and the United States.
An example of a patriotic hacker–or “red hacker” as they are known in China–is Wan Tao. Wan Tao hacked everything from the U.S. government to Japanese political email accounts. While it is believed they he was never explicitly ordered to do so, the hacker’s targeted attacks fell in line with Chinese Governmental actions. As if to emphasize the underlying nationalism in his attacks, Wan Tao even had a name for his group, the China Eagles.
Another type of non-state hacking group is known as hacktivists, which are people who use both legal and illegal means to achieve some political goal. Perhaps the best example is the group known collectively as Anonymous. Known for dawning the Guy Fawkes mask, Anonymous has been involved in hacking cases related to social issues ranging from the Occupy Wall Street movement to the shooting death of Michael Brown that set off the protests in Ferguson, Missouri. A more expansive definition of hacktivism is provided in the video below.
Other Non-State Actors
There are countless other non-state hacking groups at play today. One example is the massive hack of JP Morgan Chase in October 2014. In this case, the personal information of 83 million bank customers was stolen. While Chase was quick to deny any information such as account numbers was taken, experts in the field remain more skeptical. Regardless of what exactly was stolen, the culprits were again believed to be Russian hackers who stole personal information with the intent to sell it or profit off of it through other means such as fraud. There is also the persistent fear of terrorist hackers, although little has yet to come of this.
Putting Up a Firewall
While governments and individuals swarm to the attack there are also efforts to fight back against hackers, and like hackers and hacking these efforts take many forms. At the highest level are government efforts like those of the United States government. Specifically, as touched upon earlier, the United States has created a cyber command capable of launching retaliatory strikes against its enemies through cyber space if the U.S. were attacked. In essence then the United States is creating a deterrent through cyber space much like it already has through both conventional and nuclear means.
There are also altruistic attempts such as the ones being undertaken by organizations like I Am the Cavalry, which allows researchers to share their findings and help improve the security of four major sectors: medical devices, automobiles, home services, and public infrastructure.
In addition, there are more classical capitalist efforts employed by corporations. Several major corporations such as Apple, Facebook, Google, and Microsoft are actively courting hackers, often holding competitions with prizes like lucrative job offers. The goal of this approach is to pick up where traditional IT efforts leave off. Traditional efforts are geared at creating defensive measures so hackers cannot break into a system; however, this new approach utilizes hackers themselves specifically because they have the opposite mindset and are looking for the vulnerabilities to attack. By harnessing hackers’ aggressive skill sets and playing off their competitive mentalities these companies and many more are, in essence, using hackers to prevent hacking.
As the world becomes more digital and connected the threat of hacking will increase. In the future everything from cars to even toasters can and will be vulnerable to hacking and misuse. Furthermore, this threat will not necessarily come from other countries, but also non-state actors and even individuals. The motivations and allegiances of these people and groups vary widely and make the problem infinitely more complex.
Nonetheless, while efforts to prevent hacking can seem hopeless, like trying to keep a ship with a million leaks afloat, all is not lost. Indeed there are already efforts underway to fight back, which vary as much as those of the hackers themselves. As history has shown, no ship is unsinkable. Thus hacking is always likely to be a problem and an increasingly dangerous one; however, it can also offer an avenue for improvement and a channel to voice social concerns. While hacking may be the next great threat, like previous scourges it may also present unique opportunities for change and improvement for society as a whole.