The Future is Now - The Dark Side and Hacktivism
Mar 31, 2012 5:00 AM PT
We live in times when technology is exceeding the understanding of educational institutions and corporations. A highly social Web and a bad economy are making the Dark Side -- the Internet underworld where cybercrime and hacking run rampant -- overwhelming.
Hacktivism is the new, hip thing; it has become a hobby for people with higher-than-average computer knowledge. The movement is led by an elite few who have a deep, lifelong knowledge of computers, and it includes senior Fortune 100 corporate executives and highly placed governmental employees, as well as the ranks of the unemployed.
The elite world of hacktivism is at the center of the Internet's Dark Side. While governmental agencies are looking for the individuals responsible for various acts of hacktivism, they struggle with using their tried-and-true methods to move up the food chain to identify hacktivist leaders. What is not well understood is that these layers cannot be penetrated by the standard law enforcement methods that were once effective in collapsing organized crime groups.
Hacktivism exists because the Internet is an open society that has no boundaries in which normal legal process can be applied without taking significant and draconian action, like direct control of the systems that keep the Internet alive. The traditional legal requirements for evidence are hampered by the very void in which the elites live.
The Next Revolution
In the past, various law enforcement tools were enough to provide direct evidence of illicit activity. In today's environment, the legal framework is not capable of supporting more than "reasonable suspicion" (also known as the "Terry Stop"), the precursor to "probable cause," which gave rise to "beyond a reasonable doubt" -- the requirement to convict an individual charged with a crime in the U.S.
The current inability of law enforcement to take action on a broad scale is only one factor in the sustained growth of hacktivism. The elite provide a conduit for the large number of followers who participate in hacktivism for any number of personal reasons. This is not unique in society. Throughout human history, there has always been a voice for the disenfranchised, disaffected and generally youthful rebels against society. Hacktivism is simply the next revolution.
Even more disturbing are the depths at which these elites function. Many fraud attacks are not conducted by cybercriminals operating from the former Eastern bloc nations, but by mid-level followers of the hacker elites.
Criminal enterprises are able to retain these individuals to assist, plan and execute large-scale payment fraud. The latest fraud trend is the ability to add malicious software to a retail POS system connected to the Internet, which obtains transaction card data provided by the card's magnetic stripe. This data is sold to groups that encode cards with the original data -- including the card validation number, which is embedded in the stripe. This allows the criminal user to make counterfeit purchases with little chance of detection.
The defeat of criminals in the Internet space is dependent upon high-quality, real-time intelligence and the ability to use that information in a manner that can deflect attackers before they have launched an assault against their selected target.
Relying on conventional methods or practices to defend against cybercrime and fraud attacks won't defeat the opponent. History proves that fighting the last war will lead to defeat in the next one. So, how do we engage in the current struggle?
First, Know Your Enemy. Understand that the Dark Side is greatly motivated by social and political interests that are difficult to predict and not necessarily useful in forming strategic or tactical defense plans. This understanding will help organizations craft strategic decisions about layered protections in all verticals exposed to the Internet.
Second, Don't Leave the Barn Doors Open. Realize that all networks and systems exposed to the Internet can be compromised. If you don't, it may be too late already.
Third, Let the Right One In. Add context to any activity that involves transactions between systems or individuals. This will give you a better idea of who is actually trying to get in your house.
Additional information provides a greater degree of accuracy and timeliness for decision-making in real time.