Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Misha Glenny  Hire the hackers!

Misha Glenny  Hire the hackers!

Ratings: (0)|Views: 74|Likes:
Published by zuchaga

More info:

Published by: zuchaga on Sep 17, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/12/2014

pdf

text

original

 
Misha Glenny
 
Hire the hackers!
ABOUT THE SPEAKERMisha Glenny
Journalist Misha Glenny leaves no stone unturned (and no failed state unexamined) in his excavation of criminal globalization.
ABOUT THIS TALK
Despite multibillion-dollar investments in cybersecurity, one of its root problems has been largelyignored: who are the people who write malicious code? Underworld investigator Misha Glenny profilesseveral convicted coders from around the world and reaches a startling conclusion.
Now this is a very un-TED-like thing to do, but let's kick off the afternoon with a message from a mystery sponsor. Anonymous: Dear Fox News, it has come to our unfortunate attention that both the name and nature of Anonymous has been ravaged. We are everyone. We are no one. We are anonymous. We are legion. We do not forgive. We do not forget. We are but the base of chaos.Misha Glenny: Anonymous, ladies and gentlemen -- a sophisticated group of  politically motivated hackers who have emerged in 2011.  And they're pretty scary. You never know when they're going to attack next, who or what the consequences willbe.But interestingly, they have a sense of humor.These guys hacked into Fox News'Twitter accountto announce President Obama's assassination.Now you can imaginethe panic that would have generated in the newsroom at Fox. "What do we do now? Put on a black armband, or crack open the champagne?" (Laughter)  And of course, who could escape the irony of a member of Rupert Murdoch's News Corp. being a victim of hacking for a change.(Laughter)(Applause)Sometimes you turn on the news and you say, "Is there anyone left to hack?" Sony Playstation Network -- done, the government of Turkey -- tick,Britain's SeriousOrganized Crime Agency -- a breeze, the CIA -- falling off a log. In fact, a friend of  mine from the security industry told me the other day that there are two types of  companies in the world: those that know they've been hacked, and those that don't. I mean three companies providing cybersecurity services to the FBI have been
 
hacked. Is nothing sacred anymore, for heaven's sake? Anyway, this mysterious group Anonymous -- and they would say this themselves --they are providing a service by demonstrating how useless companies are at protecting our data. But there is also a very serious aspect to Anonymous -- they are ideologically driven. They claim that they are battling a dastardly conspiracy. They say that governments are trying to take over the Internet and control it, and that they,  Anonymous, are the authentic voice of resistance -- be it against Middle Eastern dictatorships, against global media corporations, or against intelligence agencies, or  whoever it is.  And their politics are not entirely unattractive. Okay, they're a little inchoate. There's a strong whiff  of half-baked anarchism about them.But one thing is true: we are at the beginning of a mighty struggle for control of the Internet. The Web links everything, and very soon it will mediate most human activity. Because the Internet has fashioneda new and complicated environment for an old-age dilemmathat pits the demands of security with the desire for freedom.Now this is a very complicated struggle.  And unfortunately, for mortals like you andme, we probably can't understand it very well. Nonetheless,in an unexpected attack of  hubris a couple of years ago, I decided I would try and do that.  And I sort of get it. These were the various things that I was looking at as I was trying to understand it. But in order to try and explain the whole thing, I would need another 18 minutes or so todo it, so you're just going to have to take it on trust from me on this occasion, and let me assure you that all of these issues are involved in cybersecurity and control of theInternet one way or the other, but in a configuration that even Stephen Hawking would probably have difficulty trying to get his head around. So there you are.  And as you see, in the middle, there is our old friend, the hacker. The hacker is absolutely central to many of the political, social and economic issues affecting the Net.  And so I thought to myself, "Well, these are the guys who I want to talk to."  And what do you know,nobody else does talk to the hackers. They're completely anonymous, as itwere.So despite the fact that we are beginning to pour billions, hundreds of billions of  dollars, into cybersecurity -- for the most extraordinary technical solutions -- no one wants to talk to these guys, the hackers, who are doing everything. Instead, we prefer  these really dazzling technological solutions,which cost a huge amount of money.  Andso nothing is going into the hackers. Well, I say nothing, but actually there is one teeny weeny little research unit in Turin, Italy called the Hackers Profiling Project.  And they are doing some fantastic research into the characteristics, into the abilitiesand the socialization of hackers. But because they're a U.N. operation, maybe that's why governments and corporations are not that interested in them. Because it's a U.N. operation,of course, it lacks funding. But I think they're doing very important work.Because where we have a surplus of technology in the cybersecurity industry,we havea definite lack of -- call me old-fashioned -- human intelligence.
 
Now, so far I've mentioned the hackers Anonymouswho are a politically motivatedhacking group. Of course, the criminal justice system treats them as common old garden criminals. But interestingly,Anonymous does not make use of its hackedinformation for financial gain. But what about the real cybercriminals? Well real organized crime on the Internet goes back about 10 years when a group of gifted Ukrainian hackers developed a website, which led to the industrialization of  cybercrime. Welcome to the now forgotten realm of CarderPlanet. This is how they were advertising themselves a decade ago on the Net. Now CarderPlanet was very interesting. Cybercriminals would go there to buy and sell stolen credit card details, to exchange information about new malware that was out there.  And remember, this is a time when we're seeing for the first time so-called off-the-shelf malware. This is ready for use, out-of-the-box stuff, which you can deploy even if you're not a terribly sophisticated hacker. And so CarderPlanet became a sort of supermarket for cybercriminals.  And its creatorswere incredibly smart and entrepreneurial,because they were faced with oneenormous challenge as cybercriminals.  And that challenge is:How do you dobusiness, how do you trustsomebody on the Web who you want to do business withwhen you know that they're a criminal? (Laughter) It's axiomatic that they're dodgy, and they're going to want to try and rip you off. So the family, as the inner core oCarderPlanet was known, came up with this brilliant idea called the escrow system. They appointed an officer  who would mediate between the vendor and the purchaser.The vendor, say, had stolen credit card details; the purchaser wanted to get a hold othem.The purchaser would send the administrative officer  some dollars digitally, and the vendor would sell the stolen credit card details.  And the officer would then verify if  the stolen credit card worked.And if they did, he then passed on the money to thevendor  and the stolen credit card details to the purchaser.  And it was this which completely revolutionized cybercrime on the Web.  And after that, it just went wild. We had a champagne decade for people who we know as Carders.Now I spoke to one of these Carders who we'll call RedBrigade -- although that wasn't even his proper nickname -- but I promised I wouldn't reveal who he was.  And he explained to me how in 2003 and 2004 he would go on sprees in New York, taking out $10,000 from an ATM here, $30,000 from an ATM there, using cloned credit cards. He was making, on average a week, $150,000 -- tax free of course.  And he said that he had so much moneystashed in his upper-East side apartment at one point that he just didn't know what to do with it and actually fell into a depression. But that's a slightly different story, which I won't go into now. Now the interesting thing about RedBrigade is that he wasn't an advanced hacker. He sort of understood the technology, and he realized that security was very important if you were going to be a Carder, but he didn't spend his days and nights bent over a computer, eating pizza, drinking coke and that sort of thing. He was out there on the town having a fab time enjoying the high life.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->