Ideologically motivated computer hacking

The correlation between organised crime, politically and ideologically motivated hacker attacks and physical militant activity against government targets and large global businesses is increasing with every passing month, according to the mi2g Intelligence Unit’s ‘A Priori’ project.

The main beneficiaries of political instability are known to be transnational criminal syndicates who are increasingly involved in human trafficking and the trade in narcotics, contraband and counterfeit goods, digital entertainment, child pornography and software piracy. Such syndicates also perpetrate large-scale financial fraud, online ‘phishing’ scams1, spam campaigns, hacker attacks and the production of malicious code.

Co-operation between Western, East European, African, Middle Eastern, Far Eastern and Latin American intelligence agencies has been strengthening to combat the dual threats of transnational terrorism and organised crime. The latter is the increasingly active handmaiden of extremism because it benefits from instability and actively encourages it.

The Centre for Strategic and International Studies, the Global Organised Crime Project and the Financial Crimes Task Force estimate that global organised crime reaps combined profits of nearly US$1 trillion a year. This figure is roughly equivalent to the GDP of the UK, the fourth largest economy in the world. The damage to society resulting from the activities of these criminal organisations and their influence on labour unions, political institutions, financial markets and major industries is deep and long term.

About US$200 billion is cycled through untraceable or informal financial networks such as hawala banking, which is controlled through financiers in Pakistan, the United Arab Emirates (UAE), Egypt and Switzerland and is active in more than 150 countries. The hawala system is known to have partially facilitated organised criminal activity and Islamic extremism, notably the handling of some of the finances for the proliferation of weapons of mass destruction fabrication components to countries as diverse as Libya, Iran, and North Korea.

Bombings in Turkey, Morocco, Saudi Arabia, Pakistan, and India, all in 2003, were preceded by huge increases in digital attacks focused on those countries, as well as computerised assaults on the commercial and government assets of countries such as the US and the UK.

Cyberspace is the new frontier into which extremists and criminals are moving. The cost of entry is low and the chances of getting caught lower still. Identity theft, phishing scams targeting more than 30 major banks around the world and credit card fraud are all on the increase and provide cover for licit and illicit organised crime and extremist activities.

Computers and electronic communications not only perform information flow and order fulfilment in today’s economy but also are a vital component of the command and control that makes Western societies’ critical economic infrastructure tick.

From spam to malware2 proliferation, the use of home computer zombies3 is growing. Every single computer on the planet, which can be recruited for malevolent purposes, is being targeted either as an end-target or a go-between for launching attacks — known as Distributed Denial of Service attacks — followed by extortion or ransom demands. A number of companies have paid up.

Some zombies are also used for illegal file sharing and mail relays or proxies. The cost of digital crime worldwide now exceeds US$220 billion a year, according to the mi2g Intelligence Unit.

Fundamentalist hacking activity is rising and has become increasingly sophisticated over the past two years. Hacking groups from Kashmir, Pakistan, Morocco, Turkey, Chechnya, Saudi Arabia, Kuwait, Indonesia and Malaysia are collaborating with each other — as well as with anti-globalisation groups based in the West — to target international and domestic online assets. Large and small businesses, government computer networks and home computers have all been targeted, with the resultant business interruption damage assessed at tens of billions of dollars.

The intimate involvement of criminal syndicates is aiding and abetting the extremist agenda in many instances. These groups originate from the Russian Federation, China, Taiwan, Pakistan, the UAE, Brazil and Colombia. A number of pre-emptive arrests — based on tip-offs — to prevent terrorism have taken place in December 2003 and January 2004 in Kuwait, Saudi Arabia, Pakistan and India as well as in France, the UK and the US.

The mi2g ‘A Priori’ project continues to identify potential hotspots through the mi2g SIPS engine, which is the world’s largest database for overt hacker attacks on online servers. mi2g’s ‘A Priori’ early warning pilot for estimating the risk of future militant and organised criminal activity, based on past patterns of politically motivated overt digital attacks, suggests a number of potential target countries in March-April 2004 for terrorism, domestic insurgence and transnational crime.

The other dimension of asymmetric cyberwarfare is outer space: it is simply a matter of time before a commercial satellite is hijacked to broadcast extremist groups’ propaganda. The Chinese dissident Falun Gong group hijacked the Sino satellite in 2003 and broadcast its agenda in place of China Central Television’s scheduled programmes that reach nearly one billion viewers.

Chinese and Russian hackers have been approached for selling their skills through the black market in this area to political and religious extremists. The battle for hearts and minds is already under threat because of the suggestions by some satellite channels that some Western broadcasters are biased and only serve to project their governments’ agendas.

The mi2g Intelligence Unit is a leading provider of digital risk intelligence and analysis to global banking, insurance and reinsurance players as well as government agencies. mi2g analyses and collects data from more than 8,500 hacker groups worldwide. It provides detailed monthly and year-to-date information on: digital attack hotspots; emerging threats to digital security; economic damage estimates; top hacker groups; most vulnerable operating systems; and trends for vulnerabilities

NOTES

1 Phishing: the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

2 Malware: short for malicious software designed specifically to damage or disrupt a system.

3 Zombie: a computer that has been implanted with a program that puts it under the control of a malicious hacker without the knowledge of the computer owner.