The Wiring of a Hacktivist
By: Maxwell Adams
“BE ALERT! There are sites mimicking this site in attempt to phish your UTORid and password.”
This is the current warning message displayed on the student portal login page. And it’s no joke. There are now hundreds of criminal hackers, individuals committed – nay, devoted – to getting hold of your Utoronto email account, presumably to wreak havoc upon your academic record.
Okay, so that last bit was an exaggeration. However, the mild threat of fraudulent websites which has, according to the University, managed to seize 1.5 to 10 Utoronto email accounts daily is but a shy glimpse into the fierce world of hacking and computer crime.
How did hacking, as we know it, begin? Was it a rogue band of mischievous pickpockets who expanded into the IT sector? No. Was it basement nerds fiddling with computer hardware and some code? Aye, possibly. No one knows for sure, but one theory is that before turning to crime, the practice had its roots in the liberal (and perhaps naïve doctrine) that “all information should be free.” Though we shouldn’t confuse these hackers with hippies and nudists, a remarkable amount of today’s computer and Internet technology has come from such subcultures, decentralized from the obstruction of corporate hierarchy and the delusion of the formal education system. Some of the first hackers’ endeavors resulted in what is now everyday technology: Video games, word processors, personal computers (product of hack-daddy Bill Gates), and countless other digital masterpieces.
However, we’re well aware that not all hackers are bright and playful. Recall some of the most recent cyber atrocities, performed using a few elegant lines of computer code: In April, Canadian Sony PlayStation customers pressed charges after their personal information was compromised by unknown hackers, and the recent activities of ‘Hacktivist’ groups like Anonymous, who was responsible for denial-of-service attacks (DDoS) on MasterCard, Visa and Paypal.
Unknown hacktivist groups, however, aren’t the scariest thing in cyberspace. Indestructible ‘botnets’ pose “the most sophisticated threat today,” according to Sergey Golovanov of Russian computer company Kaspersky Labs. Currently, the botnet we face is in its fourth edition and has captured 4.5 million PCs between March and June this year. It cunningly dodges detection by hiding its viral code in files of the computer that are overlooked by regular antivirus software (e.g. the instruction code for startup). What’s more, security researchers say that the botnet is not fully autonomous. People control it. Using ‘custom-made encryption,’ a technique that involves the transfer of information that appears to be jumbled to all except for a specific sender and receiver, hackers can steal data and use the overrun computers to attack without being traced by investigators. In other words, hide your code, hide your life.
Can we combat the likes of the botnet (or the U of T account phishers)? Aye, possibly – but we’re going to need some serious weapons of our own. As we’re entering a cloudy future (pardon the pun), we will increasingly rely on Internet security, and as communication technology advances, so will the ways in which it can be manipulated by the wrong people.Whatever happened to phishing for the Loch Ness Monster?