Wednesday, January 4, 2017

The Multinational Hacker


While we are wondering about attribution, we need to wonder a little more about hackers.

I was sitting on a boat with Cliff Stoll talking about how he got involved with stopping German hackers trying to get into his university.  The story was documented in his book The Cuckoo's Egg.  Cliff is a character who was not well liked by the establishment, and an astronomer by trade.  It was hard to figure out what he was doing speaking at the same Baltimore Computer Security Conference I was.  He said it was the fact that the hackers were not from the U.S. and wanted to get into our computers that gave him the motivation to fight almost everyone to get to the root of the hacking.  It took a year to do, and he needed a lot of help.  What he found in the end was that these guys were hacking for information that other people would pay them for.  Today, that sounds like an everyday occurrence.

There are still quite a few hackers who make a living stealing information that other people will buy.  They steal answering machine messages, e-mail, private notes and papers, location information, hotel registrations and anything of value to a divorce lawyer, blackmailer, or spy.  I should add that these folks are professionals who make money the old-fashioned way and seldom get caught.  Occasionally, they work for governments, or governments make use of information they have collected.  Occasionally, they might work for criminals.  Some buyers will overlook the fact that the information was stolen or illegally obtained.  They have an interesting balance to maintain:  if they talk too much about their successes, they become targets of the people they are hacking.  If they don't talk enough about their successes, they die from lack of the business that keeps them going.

As I said in my second book, there is a difference between these guys and government hackers.  Government hackers are employed by the governments who want to do other things like collect intelligence or prepare for war, should it come.  These hackers are generally very good and do not get caught.  If they are, they need plausible deniability, i.e., "It wasn't me, it was someone else."  The most striking example of this was the Chinese Army people hacking U.S. industry targets because they broke all the rules.  They got caught, and left enough tracks to be unable to deny what had been done.  These are not professionals of the same caliber, and it points to what happens when the military gets to run these kinds of operations.  Either that, or they wanted us to know that they were doing it.

Then, we have the so-called Patriotic hackers who, by all accounts, are so patriotic that they want to do something with their hacking skills to help their country.  They steal information and give it away, making it public or passing it to the right government offices without payment.  This group is either independently wealthy, living at home, or both.  Well, that is what some governments would like for us to believe.

All I am saying is that hackers are not as easily identified as some news outlets believe.  There are grey lines everywhere and no clear lines of employment like payment trails or contracts.  Both sides would find those cumbersome.  So, when we say that so-and-so hacked such-and-such, it might not be so easy to say for sure if a government did it, a for-profit group did it, or somebody trying to help his country for some unknown reason did it.  Cliff would have found all of that irrelevant to his task - finding the hackers and stopping them from completing their work, strengthening defenses, and looking at the stars.  Sometimes the politics gets in the way of that.
