New reports sound like they could be promoting a popular television drama series on mobsters - with a new technology twist. Something like: “The Sopranos go cyber.”
That’s right, we now know that hackers have formed gangs and hack each other. Computerworld ran this story which describes: Hacker selling access to compromise websites gets hacked. Here’s an excerpt:
“A hacking group called d33ds broke into the online shop of a rival hacker who sells unauthorized access to high-profile websites and data.
This illegal marketplace has been used in the past to advertise information stolen from websites belonging to the U.S. Army, the U.S. Department of Defense, the South Carolina National Guard and other institutions. Its owner, a hacker calling himself Srblche, also offered services that included compromising the particular servers his customers wanted.”
The concepts are not new. Writers were telling hacking stories about rival gangs decades ago. For example, take the book written in 1995 called, Masters of Deception: The Gang That Ruled Cyberspace. Publisher’s Weekly said,
“This riveting account of electronic gang warfare and computer crimes by two rival bands of hackers raises disturbing questions about computer security. One group of brainy teens based in New York City and calling themselves Masters of Deception (MOD) downloaded confidential credit histories (including those of Geraldo Rivera and Julia Roberts), broke into AT&T's computer system and stole credit-card numbers. Their arch rivals, the Texas-based Legion of Doom (LOD), launched a security service firm to assist corporations whose computers MOD has penetrated. MOD had one African American member, and it was the racial epithet electronically hurled at him by LOD hackers that triggered the feud, according to New York Newsday reporters Slatalla and Quittner, husband-and-wife coauthors of mystery fiction….”
The New e-Cop?
So is this the new normal? Is history repeating itself? Are CSOs and CISOs the new Chicago “copper” from the 1920s & 30s, when the gangs practically ruled the big city streets? (In our case, of course, we protect the new virtual superhighways of the Internet, our company and government assets and networks or other interconnected systems.) While this may seem far-fetched, I believe the analogy has some merit.
Want more proof? How about this article on how a cyber gang stole $13 million in a day.
Other related stories that describe this trend and go back a few years include this 3-part MSNBC story from 2007, which is still worth reading:
I even wrote this blog for CSO Magazine a few years back on the insider threat which describes how some hackers see their roles as vigilantes. These groups are forming with a variety of intentions – both for the good of society and to commit cyber crimes.
What’s my central point? The virtual world is evolving quickly, and cyber crime is changing (and growing) with it. I think cyber crime will be with us for the rest of our lives, and public and private organizations are in this cyber battle for the long haul. We need to be partnering in new ways with law enforcement in order to address new organized criminal challenges in new ways. Likewise, we need to utilize the skills and expertise of volunteer groups that want to help.
What are your thoughts on fighting organized cyber crime?
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.
During his distinguished career, he has served global organizations in the public and private sectors in a variety of executive leadership capacities, receiving numerous national awards including: CSO of the Year, Public Official of the Year and Computerworld Premier 100 IT Leader.
Lohrmann led Michigan government’s cybersecurity and technology infrastructure teams from May 2002 to August 2014, including enterprisewide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan.
He currently serves as the Chief Security Officer (CSO) and Chief Strategist for Security Mentor Inc. He is leading the development and implementation of Security Mentor’s industry-leading cyber training, consulting and workshops for end users, managers and executives in the public and private sectors. He has advised senior leaders at the White House, National Governors Association (NGA), National Association of State CIOs (NASCIO), U.S. Department of Homeland Security (DHS), federal, state and local government agencies, Fortune 500 companies, small businesses and nonprofit institutions.
He has more than 30 years of experience in the computer industry, beginning his career with the National Security Agency. He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US/UK military facility.
Lohrmann is the author of two books: Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD for You: The Guide to Bring Your Own Device to Work. He has been a keynote speaker at global security and technology conferences from South Africa to Dubai and from Washington, D.C., to Moscow.
He holds a master's degree in computer science (CS) from Johns Hopkins University in Baltimore, and a bachelor's degree in CS from Valparaiso University in Indiana.
Follow Lohrmann on Twitter at: @govcso
Building effective virtual government requires new ideas, innovative thinking and hard work. From cybersecurity to cloud computing to mobile devices, Dan discusses what’s hot and what works in the world of gov tech.