Thursday, February 11, 2010

Black Hawk Down


When Google elected not to participate in the censorship of Chinese-based searches, it (and similar sites) soon found itself the subject of targeted hackers’ attempts to breach its security walls. As a part of a statement issued by Google to the press on January 12, 2010, it noted: “[W]e have evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists. Based on our investigation to date we believe their attack did not achieve that objective… [I]ndependent of the attack on Google, we have discovered that the accounts of dozens of US-, China- and Europe-based Gmail users who are advocates of human rights in China appear to have been routinely accessed by third parties. These accounts have not been accessed through any security breach at Google, but most likely via phishing scams or malware placed on the users' computers.” Secretary of State Hillary Clinton soon announced that the U.S. would provide financial assistance to groups fighting censorship within China. The People’s Republic was outraged, calling the U.S. an “information imperialist.” Since then, Iran seems to be shutting down Google and Gmail access as well. Censoring, hacking, spying.

But let’s face it, spying and hacking are part of every major intelligence agency’s basic mandate in a modern world. The U.S. is probably the biggest hacker in the world, but it’s not exactly something we are going to brag about. But because the U.S. is so completely “wired,” where the entire financial sector, corporate communications, the power grid and the complex interweaving of intra- and inter-governmental agency connectivity are based on one form of the Internet or “another,” we are also ultimately more vulnerable to attack than any other nation on earth…. The Pentagon has been charged to create a centralized defense operation (the Cyber Command) to defend the United States – its military and critical civilian institutions – from cyber-attacks intended to disable America’s economic and military computer systems and Internet linkage, but everyone knows that we are still very, very vulnerable. OK, we’ve not actually been at war, but what can happen in combat has already been “projected” by recent history.


It does get worse when the intent is a precursor to a military invasion, an event that suggests future military aggression. Within the first month of China’s Defense Ministry setting up shop (on August 20, 2009), 2.3 million attempts to hack into the system were recorded! Just days before Russian forces invaded the nation of Georgia in early August, 2008, Georgian-government file servers (their digital storage systems) and Websites were taken out by an explosion of messages, many directed from the United States. The August 13, 2008 New York Times reported: “Researchers at Shadowserver, a volunteer group that tracks malicious network activity, reported that the Web site of the Georgian president, Mikheil Saakashvili, had been rendered inoperable for 24 hours by multiple D.D.O.S. attacks.” This is the first recorded use of such a cyber attack in a military conflict. The principal message of this cyber attack: “win+love+in+Russia.”


Shortly thereafter, on Thanksgiving (November 27, 2008), a “malware” computer attack on the U.S. Central Command (which oversees combat operations in Iraq and Afghanistan) also appeared to originate from “somewhere inside Russia,” and wreaked havoc with vital defense systems in the region. The virus appears to be of a new variety that is designed specifically to disable or cripple military networks. We can expect this form of attack to become a routine aspect of warfare, probably expanding to target the Web connectivity of entire nations, slamming both military and civilian targets – ranging from compromising defense security to shutting down all financial transactions and locking down power grids.


It’s no surprise that China employs censorship or that it is very interested in the workings of “liberal” or “anti-government” movements within and without its borders. The war of words between China and the U.S. escalated of late, not just over Internet or “freedom of speech” issues, but over support for Iran, currency valuation and our own massive path of governmental deficits. It is interesting to see what “token steps” China has taken of late to make little “gives” to U.S. demands, a reflection of a possible thawing in Sino-American relations.


China just announced that it closed down the nation’s biggest “hacking school,” arresting the three principals of the Black Hawk Safety Net, an entity in central China that, according to the February 8th FastCompany.com, operated as follows: “It seems that their main crime isn't so much hacking themselves, but running a subscription site which provided sophisticated tools like Trojans [computer viruses that lie in wait for a future attack] and account-hijacking code. They also ran training sessions in which they'd show other coders how to write malicious code. Over the years of operation, Black Hawk attracted some 17,000 VIP members, 140,000 free-access members and had made a haul of the equivalent of just over a million dollars in membership fees. And that's actually pretty amazing--it implies that there's an active hacker base numbering in the hundreds of thousands just from this one site, and though the media is labeling Black Hawk as what's ‘believed to be’ the biggest site, there must be others, and they may be of a similar scale.”


Of course, you really have to ask some basic questions about the very existence of such a “school.” It obviously had to exist for years under the noses of Chinese authorities, and it is equally clear that no one in China takes risks like that without some form of government sanction, no matter how informal that might be. Further, if there is one such “school,” there have to be others, and training people with those basic hacking skills has to be valuable for any government looking to recruit the “best and the brightest.” I have no doubt but that our C.I.A. keeps its eyes on those with similar skills here in the U.S.


Whatever the motivation or the result, the new notion of “cold war” seems to be played on many levels; we face surrogate wars, where countries that hate us finance terrorist groups that operate far away from them in other nations… or… worse, without reference to any particular nation. Cyber attacks, often deployed with plausible deniability and not traceable to the originating nation, are the new secret weapons, often causing more damage than a well-placed bomb.


I’m Peter Dekom, and the way humans carve away at each other never ceases to amaze me.
