Information Warfare: Black Hat Contractors and Sanctuary

Archives

December 15, 2007: If you thought contractors played a big role in Iraq, then consider their growing importance in Cyber War operations. That war is going on right now, with China the primary aggressor. Some nations, like Britain and Germany, are openly accusing China of unleashing Internet based espionage efforts on them. What's most troubling is that, while Western nations are having their government and military networks hacked by the Chinese, the tools used are those developed by criminal gangs for the kinds of Internet based crime we are all subject to. It's pretty obvious that a government is behind all these hacks against government sites. Most of the information being taken is only of value to another government. There is no indication of such information being shopped around in the black hat flea markets. But all this stuff is being stolen by mercenaries, or government hackers using the same tools the Internet gangs developed.

That spotlights another problem. The Internet criminals have spurred rapid advances in software development. Internet based crime has spurred a great deal of competition to develop better tools (malware) for stealing. This has always been the case with malware (Internet viruses, worms and other nasties), because of the inherently competitive ("can you top this") nature of many programmers. But as criminal gangs have moved into the Internet over the last decade, the competition has gotten even more intense. The programmers can now make big money for their inventions, and the pace of development has accelerated.

Some nations have tried to compete with the hacker underground, but have found themselves left in the dust. Most of the good new ideas come from this vast criminal underground, and programmers working for governments cannot keep up. The Chinese and Russians (and other nations) have cut deals with some of the gangs to get the newest software, or custom made stuff for special operations (like penetrating military sites in the West). The Internet gangs go along with this because national intelligence or Cyber War organizations can offer an Internet gang sanctuary. Thus many criminal Internet operations are based in Russia and China. Other nations complain about all the Internet crime coming out of these sanctuary nations, but nothing happens. Nothing, that is, except cooperating between the criminal malware developers and the Cyber War agencies of the countries protecting the gangs.

This sort of thing doesn't work very well in the West. Too many journalists looking for a headline, and nothing beats "CIA Employs Internet Criminals." But in the United States, the intel and Internet security people are well aware that the best defense is a good offensive. Even without hiring the black hat programmers, you can obtain a lot of their code by just grabbing the stuff in the wild, dissecting it, and turning it to your own purposes. Getting permission to use this stuff against nations that are already attacking the U.S. via the Internet is another matter. The debate over this rages on, as does the Cyber War that has been under way for some years now.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contributions. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   Contribute   Close