Hackers Gain Notoriety As Cyber Attacks Increase

by p b    Jun 21, 2011

June 21, 2011
By Ashwani Mishra and Vishwanath Patil

Hacking group, LulzSec has been making headlines on a virtually daily basis for a month or so now. The group brought down the CIA website and attacked Sony, Nintendo and a few tech companies with links to FBI and the US Senate.

India is also facing similar attacks. Early this month, an unknown group of hackers defaced the National Information Centre (NIC) and posted a message addressing the Indian Prime Minister, protesting against the recent police crackdown on supporters of spiritual leader Baba Ramdev.

The Indian army website and the sites of the Central Bureau of Investigation (CBI) have been hacked in recent past. The so called “Pakistani Cyber Army” owned the attack on India’s federal investigation agency’s site.

The big concern for government authorities and security experts across the globe is the use of basic free online hacking tools being used to carry out such attacks.

“This is nothing but democratization of the power that technology presents and it’s now easy for anyone to start hacking,” says K M Asawa, GM (Dataware House and MIS) at Bank of Baroda.

In December, last year the World Wide Web was bombarded by a flood of hacking incidents that included attacks on some high profile sites like PayPal, MasterCard, and Visa. These attacks were conducted by a group that calls itself Anonymous and was carried in support of WikiLeaks’ Julian Assange. Anonymous, has been around for almost a decade, and is a loose group made up of an indefinite number of members

According to C J Desai, Vice President of Engineering at Symantec, advancements in technology has unintentionally lowered the bar for hacking.

“Earlier, hackers had to write the programme codes themselves. Now there are toolkits available online, and one can create their own malware easily using these toolkits,” he says.

There were 286 million new cyber threats last year as compared to 120 million in 2008, a May Internet Security Threat Report by Symantec said.The company believes that the availability of these kits are likely responsible for the increase of malicious attacks on the Internet,

In the last three weeks alone, hackers managed to breach the security of the International Monetary Fund, CitiBank, the Spanish police, Google, and the CIA.

According to Supreme Court advocate and cyber law expert Pavan Duggal the attack on the websites of government agencies is an act of cyber war and not merely a hacking incident.

NASSCOM, India’s software lobby is working in tandem with various IT companies and the Indian government to raise awareness on cyber security and data protection and cyber policing.

“Presently, there is under reporting of cyber-crime cases both from private sector and individuals. When it comes to private sector, it is concerned about the capabilities of law enforcement agencies to investigate the cases,” Pratap Reddy, Senior Director-Cyber Security at Nasscom told CXOtoday.com

“There are many reasons like long duration of trail of cases in courts of law, companies are worried about their reputational risk of undue publicizing in a negative way which are making it difficult to curb cyber security related crimes,” says Reddy. “Collaboration between private and public sectors both nationally and internationally will help to curb security threats.”

Industry watchers opine that hacking events of this level will change people, processes and technology in ways that are sustaining and significant.

“Such attacks will help companies to come out with stronger information security protection,” says Asawa.

Symantec’s Desai, however, warns that while harmless fun hacking and hacktivism activities appear to be growing, a bigger number of hackers are doing it for money. “There are increasing numbers of hackers who now work for money than fun and it’s a big business,” he says.

Security experts believe that many sophisticated hackers avoid monetizing the security lapse immediately. They often prefer to gather information or intelligence, to ascertain what would be the best way in the long term to monetize their presence.