Think Information. Think Security.
 
Picture
When gmail accounts of some of the US state officials were hacked two weeks ago, the Defence Department categorized any serious cyber attack, as an act of war. Since Google had tracked down the source of the attack to a certain province in China, it was all too clear that the Pentagon was not beating about the bush while taking the cyber threat seriously. The gmail attack came hot on the heels of another high-profile attack – Lockheed Martin Corporation, the high-tech defence firm.

Having been annoyed by implicit accusation, China hit back at Google by warning that the company would face the music, if it accused the Chinese government of covert involvement.

The disturbing cyber nuisance did not end there. The servers of Sony, the entertainment giant, were subjected to two successive hacking within a matter of days. On the first occasion – the more serious one – the accounts of millions of had been hacked into and then details were stolen; the servers of Nintendo suffered the same fate. On June 3, the servers of Codemasters, the largest UK game publisher, were hacked. The hackers did not spare even the National Health Service of the UK; there has been a breach of security in some servers, according to media reports.

The spate of attacks has pushed millions of online users, not necessarily the folks who play games, into a state of perpetual anxiety. Since the hackers have been able to stay a few rungs above the security experts along the learning curve, it’s high time the threat was treated as something against the whole online community, not just selected strata of it.

The companies, which have been affected, are counting the cost in terms of loss of both revenue and reputation. Although, they assure the customers of better security mechanisms in future – and when the horse had left the barn, of course – restoring customer confidence is going to be an uphill struggle for the companies in question.

According to the details that came out so far, the hacking had been performed by duping the customers into web pages which looked identical to what they normally had been familiar with; once signed in, they had been taken for a ride, to say the least.

So, the companies affected implied that the customers should not have done that; well, how do ordinary folks distinguish between a real one and a fake one, when they look almost similar? The explanations have not gone far enough to address the serious side of the issue; all they can say is warning the public to be on their guard at all times – and they already are.

These high profile hackings are not the works of adventurous individuals, carried out in their bedrooms as a way of fighting boredom. Nor are they the works of teenagers, who could spare hours on computers in typing in endless combinations of characters into login names and passwords, in the hope that one of them would make them lucky by pure chance – one day. The nature of sophistication clearly shows the involvement of highly organized individuals – perhaps, with a substantial technical background – who are prepared to break hell lose, if they can get away with it.

The two groups, which are at the forefront of hacking, are Anonymous and LulzSec. The former claims to be a ‘leaderless structure’ while the latter introduces itself as the ‘world’s leaders in high-quality entertainment at your expense.’ Who can disagree with them?

Anonymous has been in the habit of hacking into government websites in order to teach them a ‘lesson’; it was at its peak of activities, known as ‘hacktivity’, when Wikileaks were coming out in dribs and drabs. LulzSec, meanwhile, claims that since fun is restricted to Fridays, they are going to extend it beyond that – and to the weekend. Whether what is fun for LulzSec, is certainly fun for everyone, remains to be seen in the days ahead!

In addition, there are clumsy hackers too. I keep getting an email from one such stupid hacker, who is in the habit of urging me to collect a parcel from a well-known courier service while clicking on a link provided. However, he could not completely conceal the tentacles of idiocy: the ‘To’ field of the email consists of a chain of email addresses, not just mine. So, I decided to keep getting the emails for academic purposes, without diverting them into a spam folder.

If a user can be duped by such an email, then of course, big companies cannot be blamed for mistakes of that kind. In short, users have to be a bit responsible too while login into similar-looking web sites and opening unsolicited emails.

As the menace of hacking reached fever pitch, some countries in South East Asia have started cracking down on potential hackers – finally. The arrests have been made in Malaysia, Indonesia and Taiwan. However, this is just the tip of the colossal iceberg.

The geography of the places where hackers were found, the time taken before the action being carried out and the abundance of other regional criminal activities, do not paint a serene picture for the online community in particular, and the law-abiding global citizens in general.

If the governments in question keep treating the threat as trivial or non-existent, the trend can easily give a cumulative nasty shock for all of us at an unexpected time - something from which we may not recover without paying a heavy collective price.

Editors Note: Cross Post from Asian Tribune



Leave a Reply.