Computer Crime Research Center

staff/gva2.jpg

Hackers or cyber-soldiers?

Date: September 28, 2004
Source: Computer Crime Research Center
By: Dmitri Kramarenko

Dr. Vladimir Golubev, CCRC Director was interviewed by Mr. Bernhard Warner,
European Internet Correspondent for Reuters.

Bernard Warner: In the past six months or so, hacking activities have taken on a new tone. Security experts tell me there is a growing number of cases where hackers are using tools to gather information from government and military organizations. In other words, these hackers are motivated more by gathering information then Web site defacement. Have you seen evidence of this?

Vladimir Golubev: I agree that collecting information is the main component of the majority of hacker attacks. But any information collection starting from personal data and credit card number ending with data on vulnerabilities of computer systems and passwords is only the first stage of an attack.

Present-day hackers are different from hackers of the 90’s, those were harmless wags-hooligans (such type of hacking is known as “look-see”, i.e. contemplative, passive hacking). Now they more and more attack on governmental computer networks. According to mi2g, a London-based computer security company, there has been a huge growth in electronic crimes noticed since 2003, therein, besides purely criminal cases, their reports showed a several times increase in activity of extremist groups.

For the first six months of 2004, Russian police revealed 4,295 crimes in the field of high technologies. The greatest share of crimes falls on computer crimes related to illegal access to information and crimes involving usage of malicious software. These statistics also proves growth in attacks aimed at collecting information as opposite to attacks targeting websites.

BW: Is it possible that these activities are state-sponsored? For example, theories abound that Pakistan's ISI may be involved in funding hacking groups. Have you ever heard this? Are there other governments -- in the West too -- you suspect are sponsoring hacking activities?

VG: Undoubtedly yes, cyber attacks and special advanced skills of hackers are widely utilized and sponsored at governmental levels, though as any special operation, it is performed without public notification.

Hackers of Pakistan and India are involved in a real jihad for Kashmir. According to Hindustan Times news, Pakistani hackers defaced 477 Indian websites – 270 of them in April, 2003 alone – against the 288 sites they hacked in all of 2002. Some of these websites belonged to Indian governmental bodies. In turn, Indian hackers calling themselves “Indian Snakes” spread Yaha worm as “cyber revenge”. The virus aimed at performing DDoS attacks on some Pakistani sources, including ISPs, website of Karachi Stock Exchange and governmental sites.

In North Korea's mountainous Hyungsan region, a military academy specializing in electronic warfare has been churning out 100 cybersoldiers every year for nearly two decades. Graduates of the elite hacking program at Mirim College are skilled in everything from writing computer viruses to penetrating network defences and programming weapon guidance systems. Yet Pentagon and State Department officials say they are unable to confirm South Korea's claims that Mirim or any other North Korean hacker academy even exists. And some U.S. defence experts accuse South Korea of hyping the cyber threat posed by its northern neighbour, which they claim is incapable of seriously disrupting the U.S. military. Representatives of South Korea's National Intelligence Service, as well as its Institute for Defence Analyses and Information Security Agency, did not respond to requests for more information about Mirim College or North Korea's information warfare capability. In its 2000 annual report, South Korea's Ministry of National Defence said a 5 percent budget increase was allocated mainly for projects such as "the buildup of the core capability needed for coping with advanced scientific and information warfare." The report also revealed that South Korea's military has 177 "computer training facilities" and had trained more than 200,000 "information technicians." Meanwhile, in North Korea the lack of basic necessities, such as a reliable electrical grid, presents huge obstacles to the creation of information-technology infrastructure, according to Peter Hayes, executive director of the Nautilus Institute, who published a recent study of North Korea's IT aspirations.

There’s another cyber warfare between hackers of China and Taiwan.

Nowadays, any political conflict engaging interests of several countries or irreconcilable political powers arises the growth of hackers’ activities. One of the brightest examples was hackers’ reaction to dramatic events of September 11, 2001.

September 14, 2004 leading websites of Chechen separatists “Chechen Press” and “Caucasus Center” became unavailable to visitors. It happened after Lithuanian government refused a Russian request to shut down a pro-Chechen Web site that published a $20 million reward for assistance in the capture of Russian President Vladimir Putin, saying it cannot take action without a court order. Servers of “Chechen Press” were hacked on September 4, the next day after the assault on a school in Beslan, where terrorists held more than 1,200 of hostages for more than 2 days. Address Chechenpress.com turned unavailable too. The owners of the site changed the domain name to chechenpress.info. For the last 10 days these servers have been exposed to numerous hacker attacks, however they have been still accessible.

BW: Also, there has been a rise over the past four years in Islamic fundamentalists' hacking activities. Is there any evidence this is being directed by Islamic religious leaders, terror groups, governments, individuals, or a combination of all of these groups?

VG: Arabian Electronic Jihad Team (AEJT) declared its existence in the beginning of year 2003 and their goal to conquer the Internet. They said they would destroy all Israeli and American web sites and also all other “improper” sites. In August 2003, an overall electricity break happened in USA, resulting in preliminary material damage of $ 2-6 billion. During investigation of this accident, new facts showed that fails in computer networks were the main reason for emergency accident. “Blaster” worm jammed communication channels between control centres on the day of cascade breakdown. As a result, time of data transfer significantly increased and personnel didn’t manage to prevent breakdown development. And it is really difficult to say now whom to blame for this: Blaster or terrorist gang “Abu-Nafsa Brigade”.

BW: Lastly, I am looking to interview a hacker involved in any of the activities above. I realise this may be a difficult request, but any assistance you could offer me on this request would be greatly appreciated.

VG: Actually yes, it’s very difficult. Maybe the following links will be helpful:
http://www.crime-research.org/news/17.03.2004/138/
http://www.crime-research.org/interviews/Interview_carder2


 Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo