Information Security News mailing list archives
Hackers of a Different Color
From: InfoSec News <isn () C4I ORG>
Date: Mon, 12 Feb 2001 00:28:29 -0600
Forwarded by: Kelley <kwalker2 () gte net> http://www.abqjournal.com/news/248842news02-11-01.htm ABQjournal.com Sunday, February 11, 2001 Hackers of a Different Color By Jennifer McKee Journal Staff Writer Some are pranksters. Like the group known as "scriptx," which cracked into a Web site two weeks ago only to post a picture of a jolly fat man wearing nothing but a Santa hat and a smile. Some are Romeos. A guy with the online handle "psaux," for example, cracked into more than 100 Brazilian Web sites in January to tell his girlfriend, Kica, that he loves and wants her. These are the folks that computer criminal "MagicFX," the guy the FBI believes is Jerome Heckenkamp of Los Alamos, hung around with in the cyberworld. Hackers, crackers or script kiddies they break into Web sites or play with the codes that run computers. Some are online good Samaritans who raid kiddie porn sites and destroy the offending pictures. Some are "hacktivists" who vandalize with pro-Kashmir, pro-Arab, pro-Israeli, pro-you-name-it messages. They are a misunderstood bunch, said Brian McWilliams, a reporter with InternetRadio, an online news show that tracks both the Internet industry and its problems. Not all are criminals, he said. And not all are, technically speaking, "hackers," although mainstream society tends to lump them under that heading. They do not fit nicely into stereotypes, said Ross W. Nadel, chief of the computer hacking and intellectual property unit for the U.S. Attorney's Office in Northern California, one of a handful of federal prosecutors specializing in computer crime. "They're not all the 16-year-old kid in his bedroom, curious, playing games," Nadel said. And when they do break the law, they can cause real, quantifiable damage even though they may not intend to. Though we've heard about them for more than a decade, hackers are a whole new animal. "I do it because I'm bored," a 19-year-old Mexican e-vandal who calls himself "malcolm-x" said in an e-mail to the Journal. "If I had a girlfriend things would be different." "Yeah, I could say that hacking is a social activity, because you send out a message, you communicate," wrote another, an American hacker who calls himself Diablo and says he works with a hacking team known as Pentaguard. "Hacking and defacing will always remain something only for da underground. If the Internet was New York, then the hacking scene would be some ghetto like Brooklyn or something. This is our cyber-underground." The real hackers Hacking is almost an elite term, McWilliams said. The term hacker, in its strictest interpretation, refers only to people who play with computer code the numbers, letters and symbols that run everything from Windows to eBay. Hackers tend to be older, gainfully employed and educated. "There are people who like to take code apart," McWilliams said. "These are (like) the people who used to take apart bikes or toasters, just to see how they work." Most people never see the code running their computer. But certain computer languages, such as Linux, do not mask their codes behind user-friendly windows. These programs, instead, leave the code on the surface so hackers can readily play with it. That's not against the law, McWilliams said, and, in fact, is considered almost high-brow in the world of computer know-it-alls. "Every good programmer or system administrator must also be a good hacker," Diablo wrote. Cracking is where things get subversive. The term refers to cracking into Web sites or cracking software copyrights, like messing with code on programs not designed for it, McWilliams said. Most so-called hackers could easily pull it off if they wanted. Just below crackers are script kiddies, the "lowest form" of code tweakers according to Codeflux.com, a hacker Web site that publishes a "jargon dictionary." Crackers might cause problems and even break the law, but at least they write their own code, or so goes the logic of the scene. Script kiddies download or buy pre-packaged "scripts" that will scan the Internet looking for vulnerable Web sites and crack into them. In a subculture that prides itself on being smarter than the average person, script kiddies are considered the ultimate poseurs. Such pre-written cracking codes apparently are easy to come by, however. Rapt0r, an Israeli "hactivist," wrote in an e-mail that he and his hacking team, m0sad, routinely give them away. Seeking attention The most visible form of so-called "hacking" is defacing ? breaking into Web sites and replacing the homepage with messages of the defacer's own choosing. Defacing is actually "cracking," if you're keeping track. Heckenkamp, 21, the Wisconsin native fired recently from his Los Alamos job after the FBI charged him with computer crimes, is accused of cracking into eBay and defacing its homepage. He was released on bond from jail Thursday in California and is awaiting trial. "It's the moral equivalent of spray-painting," McWilliams said of defacing. Indeed, many Web site defacements read like interstate overpass graffiti. "Yo admin, 'sup homie?" read one recent defacement from a cracker group that calls itself Digital Enemy. "Every hacker has its own reason," Diablo wrote. "For curiosity, because we can, for the challenge, for fun. Some hack for political reasons or because they want to share their views." There is glory in defacements, McWilliams said, and many crackers do it just for the attention; it showcases not only their Web design skills and gives a sounding board for their message, but is also electronic proof that the defacer outsmarted some poor system administrator. "Kissing is my hobby and (having sex) is my game," reads another defacement, cracked by a person who goes by the handle Dr. Hacker. Most defacers mean no real harm, McWilliams said. Many don't destroy the old homepage and include links from their defacement to the proper Web site. Some even offer instructions on how to fix the problem. "Anything that's .com, .gov or .mil will get you more points," McWilliams said, referring to the domains that are home to, respectively, American commercial, government or military sites. "Among your peers, it's very cool." Most crackers usually end up defacing sites nobody would ever see, the sites most easily cracked. Dr. Hacker, for example, cracked the Web site of the Magnetic Empire, a small CD wholesaler in Toronto. A challenge, a cause Were it not for the work of hacker-tracking Web sites, few people would ever see the defacers' handiwork. Groups like attrition.org and others track and post exact copies of hacked Web sites daily. One such hack-tracker, alldas.org, tracked 69 hacks on Feb. 1 alone, and that was just the ones it knew about. Popular, well-known and presumably well-secured sites such as eBay ? where customers auction off memorabilia and just about anything else ? are the holy grail of defacers. Heckenkamp is accused of cracking not only eBay, but several other big-name sites Qualcomm, Juniper Networks, Exodus Communications, Lycos, E*Trade and others. "That's the cracker's dream," McWilliams said, "something that will be seen by real people instead of their peers." Growing in popularity are so-called "hactivist" groups like Rapt0r's team, m0sad. Another, GForce Pakistan, a group of Pakistani students, was the most prolific cracker team last year, according to attrition.org statistics. The group typically posts messages detailing the horrors of the Kashmiri struggle for independence and separation from India, although one recent defacement consisted of a string of curse words and assorted statements of bravado telling the world how tough and untouchable GForce is. Rapt0r wrote that he met the other members of m0sad at college in Israel. At first they merely tweaked with code. Hanging out on hacker-oriented Israeli computer chat rooms, they met others and gradually formed m0sad. At first, Rapt0r said, they didn't do any cracking. "We wanted to be a computer security group," he wrote. "But then the conflict with Arabs started in Israel and the TV showed pictures that we couldn't believe in. The TV shows poor Arabs, but not the Israeli people that die there every day. We wanted the world to know what really happens there." One recent m0sad defacement shows video of what the group says is an Israeli-sympathizing Palestinian being shot in the face by other Palestinians. "We do not deface or hack sites of other countries, only Arabs," Rapt0r wrote. Tallying the cost Defacing may be the public's only glimpse at computer crime, but according to McWilliams and the Justice Department's Nadel, defacers are not the Internet's most upsetting criminals. "Credit-card-number theft seems to happen fairly often," McWilliams said. "And (the thefts) often go unreported." And that's not the only problem encountered in finding and prosecuting computer criminals, Nadel said. Cyber crime is relatively new; many people still have the idea that it's a "victimless" crime. Far from the case, cyber-criminals can cause millions of dollars in damage, even if they're only attempting to show off, Nadel said. Some computer criminals don't merely break in to Web sites, they go further and penetrate a company's computer system. Once inside, they can destroy or change documents, steal passwords, intercept e-mail and otherwise wreak havoc. Some will attach so-called "sniffers" to a system almost imperceptible codes that scan all outgoing and incoming messages and gain access to proprietary information. "Like an invisible eavesdropping device," Nadel said. He estimates total damages in terms of both hours spent cleaning up after the cyber vandal and the cost of securing the system. In Heckenkamp's court case, Nadel who is helping to prosecute the Los Alamos man has pegged damages at $900,000. But McWilliams disputes the estimates. "I think those charges are kind of trumped up," McWilliams said. "It's always amazing the number tossed around by law enforcement on these crimes." Many in the cracking community argue that any corporation with lax enough electronic security especially an online giant like eBay to be cracked by a college kid deserves what it gets. The FBI, consequently they argue, shouldn't spend its time or money doing what the company should have done in the first place. Neither McWilliams nor Nadel agree with that argument. "In the real world, we expect the police to be there," McWilliams said. Arguing that eBay "asked for it" is like saying people deserved to be robbed for having locks that criminals can break. "I don't think you could accuse eBay of being negligent," he said. "You expect them to take reasonable measures, and computer security is so complex." Nadel explained the situation this way: If someone embezzled money from a bank relatively easily, the bank wouldn't be held responsible. A crime is a crime, he said, regardless of how hard the criminal had to work to commit it. Even defacements, which may appear harmless, are more than "spraypaint" when a Web site is your business. "There have been serious crimes committed that have real impact on victims," Nadel said. He declined to talk about the specifics of Heckenkamp's case. An eBay representative told the Journal that whoever broke into its system didn't access any credit card numbers or other user information and did not permanently destroy the Web page. So far, computer crime cases are so new and infrequent, Nadel said he doesn't know whether juries still believe the stereotype that computer criminals are somehow less criminal than traditional burglars and robbers. He's confident, however, that as the number of hacking cases grows, the public will start to see computer criminals as bona fide lawbreakers not just kids too smart for their own good. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Hackers of a Different Color InfoSec News (Feb 12)