Privateers?

Recent hacking efforts, which may or may not have been the Chinese, led me to suspect that we’re about to enter a phase of computer espionage unlike anything since the 1600s, when private pirates roamed the seas in pursuit of foreign vessels with the (concealed) blessings of the monarch of the port they called home. These Privateers plied the seas for 300 years in private wars of sorts, when the world was divided into many powerful independent countries, not unlike the Internet is today.

We used to say the Internet was like the Wild West, but that was then, this is now. The West was a homogeneous frontier, with independent law meted out without necessarily following legal precedent. Nowadays, we have several powers crossing international borders, similar to Mexican bandit raids when they were fashionable, but more closely mirroring the Privateers. In time, this too shall pass, and my guess is we’ll see a cold digital war. History has a way of doing that.
So assuming that Privateers are the blossoming security threat, and setting aside the moral issue for philosophers and ethics professors, what does it look like, and what should we expect?
For starters, we’ve got to quit blaming the source country. Any security professional will tell you that the origin you think you see is in all likelihood not the true source. A cyber cafe is the perfect place to plant a set of utilities for hacking, creating a false harbor/port for use in attacks. Anyone can get code put on just about anything anyplace. It may not stay there for long, but if you are funded, many new options open up. One could, for example, blow $300 on a low-end laptop with wifi and an extension cord. Sneaking that into a company perimeter is child’s play (in fact, kids do it all the time, pirating wireless in their neighborhoods). It may not last the week, but in that week, a pro can use that jump point to create 100 new jump points. Universities are another obvious infection point. And once a base of operations is established, it’s not a terrible problem to create a chain of compromised hosts in various countries allowing you to engage the real target with impunity.
Given funding, or at least a blind eye by the host country, a hacker can attempt to accumulate monetary or intellectual property with no fear of reprisal. The host country claims ignorance, as long as they are getting their piece, and the privateer gets to keep at least part of the loot.
On the international scale, you have an additional complication. If a hacker breaks into a company and steals money, or blackmails them, or any of a dozen ways to get money, the company may not be keen on reporting the situation. If your business could be adversely affected by admitting you’ve been hacked, hiding the issue is good business in some situations, which is why the US regulates some cyber attack scenarios to force admission.
The point is, if anyone with the experience can do it, and some outside agency is willing to participate or at least ignore the efforts, Cyberteers can accomplish a great deal, just like their past relatives, people like Sir Francis Drake. They are more motivated than casual hackers, so the normal rule of thumb, “just be safer than the next guy” doesn’t apply. If you’re a target, you need to be very safe. Above the norm. Well above, depending on your risk.
Update your risk models to include this class of threat, if you haven’t got it listed already. We’re bound to see more of these folks until another Treaty of Paris is signed.
Digital Trust, LLC

This blog and its contents copyright 2010 Digital Trust, LLC. Republication of this post is permitted provided it is strictly on internal corporate messaging systems; no public re-use is permitted without licensing. Any republication or reuse is forbidden if the Digital Trust name is removed.