December 15, 2007:
If you
thought contractors played a big role in Iraq, then consider their growing
importance in Cyber War operations. That war is going on right now, with China
the primary aggressor. Some nations, like Britain and Germany, are openly
accusing China of unleashing Internet based espionage efforts on them. What's
most troubling is that, while Western nations are having their government and
military networks hacked by the Chinese, the tools used are those developed by
criminal gangs for the kinds of Internet based crime we are all subject to.
It's pretty obvious that a government is behind all these hacks against
government sites. Most of the information being taken is only of value to
another government. There is no indication of such information being shopped
around in the black hat flea markets. But all this stuff is being stolen by
mercenaries, or government hackers using the same tools the Internet gangs
developed.
That spotlights another
problem. The Internet criminals have spurred rapid advances in software
development. Internet based crime has spurred a great deal of competition to
develop better tools (malware) for stealing. This has always been the case with
malware (Internet viruses, worms and other nasties), because of the inherently
competitive ("can you top this") nature of many programmers. But as criminal
gangs have moved into the Internet over the last decade, the competition has
gotten even more intense. The programmers can now make big money for their
inventions, and the pace of development has accelerated.
Some nations have tried to
compete with the hacker underground, but have found themselves left in the
dust. Most of the good new ideas come from this vast criminal underground, and
programmers working for governments cannot keep up. The Chinese and Russians
(and other nations) have cut deals with some of the gangs to get the newest
software, or custom made stuff for special operations (like penetrating
military sites in the West). The Internet gangs go along with this because
national intelligence or Cyber War organizations can offer an Internet
gang sanctuary. Thus many criminal
Internet operations are based in Russia and China. Other nations complain about
all the Internet crime coming out of these sanctuary nations, but nothing
happens. Nothing, that is, except cooperating between the criminal malware
developers and the Cyber War agencies of the countries protecting the gangs.
This sort of thing doesn't
work very well in the West. Too many journalists looking for a headline, and
nothing beats "CIA Employs Internet Criminals." But in the United States, the
intel and Internet security people are well aware that the best defense is a
good offensive. Even without hiring the black hat programmers, you can obtain a
lot of their code by just grabbing the stuff in the wild, dissecting it, and
turning it to your own purposes. Getting permission to use this stuff against
nations that are already attacking the U.S. via the Internet is another matter.
The debate over this rages on, as does the Cyber War that has been under way
for some years now.