Hackers Shift From Child’s Play To Serious Business

Cyber-attackers are hitting higher-profile targets for financial gain, for “hacktivist” causes or just for fun

Cyber-attacks have dominated headlines this summer as government agencies, large organisations and small businesses have been hit by malware, distributed-denial-of-service attacks and network intrusions. On the personal front, individuals’ email and social networking accounts have been hijacked.

Most cyber-attackers are motivated by money, whether it’s by looting bank accounts or selling stolen information to other criminals, said Josh Shaul, CTO of Application Security. However, there’s been a surge in politically motivated attacks in the past few months as a number of groups—including the notorious hacker collective Anonymous—turned to cyber-attacks as a form of protest.

PandaLabs researchers predicted last December that the cyber-protests that have added the word “hacktivism” to the English language will continue to grow in frequency because it’s been so effective in getting attention.

In the past few months, even hacktivism has been transformed as tactics and motivations have evolved. In the past, cyber-protesters generally defaced Websites or launched DDoS attacks to express their discontent.

In these DDoS attacks, Websites were overwhelmed with large volumes of server and database requests and became inaccessible to legitimate site visitors. For the most part, the majority of hacktivism relied on low-tech techniques for its activities, Shaul said.

Anonymous encouraged supporters to download the Low Orbit Ion Cannon tool and to “fire” millions of packets at the targeted site. The program didn’t do anything overly complex other than to use an automated script to repeatedly send a simple request to the target Web server in a very short period of time.

Some of their past targets included “anti-piracy groups,” such as the Motion Picture Association of America and the Recording Industry Association of America; businesses that cut off ties with WikiLeaks; or even the totalitarian regimes in North Africa facing pro-democracy demonstrations.

Provoking the beast

Things changed when Aaron Barr, then-CEO of HBGary Federal, bragged about having unmasked the identities of several Anonymous members. Some members breached HBGary Federal’s email server in February and posted stolen emails and sensitive documents onto a wiki, WikiLeaks-style.

Several researchers told eWEEK Europe UK that the attack on HBGary Federal was a sign of hacktivists adopting new and more aggressive tactics to express their displeasure.

Continued on page 2