Wednesday, January 18, 2017

We are completely exposed. Hackers have nothing to boast about.

Writing for Bloomberg, Leonid Bershidsky finds that hacking seems to have become a public sport, which is bad. While the world was fixated on the hacking of emails of the Democratic National Committee, by someone calling himself Guccifer 2.0, no one noticed that another group calling itself Shadow Brokers were boasting of acquiring a huge cache of malware, by hacking into another group of hackers, they called the Equation Group. The malware obtained from the Equation Group was targeting Iran, Russia, Pakistan, India, Afghanistan and China. This led to the conclusion that the Equation Group is none other than the National Security Agency, which was tapping into phone calls of heads of state of friendly nations, such as Germany, for decades. What goes round, comes round. Shadow Brokers announced that they were 'going dark' after failing to attract any buyers for their material. On the same day Guccifer 2.0 reappeared, denying that he had any connections to Russia and accusing US intelligence of fabricating evidence. While Russians like to disguise themselves the US is open with its accusations. "The tools that have been revealed and analysed so far are meant for intelligence gathering and disrupting critical infrastructure," writes Bershidsky. "Now that knowledge is in the open, used for threats and innuendo-filled media reports. This is no longer cyber espionage, it's a publicity war." Since this is a new type of warfare its rules have to be written. Couple of weeks back Pakistani hackers defaced the National Security Guard website. The NSG is an elite anti-terrorist unit whose training is so tough that up to 70% of recruits are forced to drop out. Israelis are experts in hacking into any smartphone that exists. A US company, calling itself NSO, has its offices in Israel and was apparently responsible for creating the Stuxnet virus that disrupted Iranian centrifuges, enriching uranium. An Israeli company, called Cellebrite, sells its services to police forces around the world, to break into phones used by criminals. They claim to be able to break into any phone that exists. If the US is unable to protect its servers, what hope has India got? Turns out, not much. In October, 3.2 million ATM machines were hacked. A hacker group, Legion, claimed responsibility and said that our banks' security is deeply flawed. Another group, Suckfly, has targeted government systems. The Scorpene submarine systems were hacked. Firewalls are expensive so banks and government agencies are not going to update them. The government is forcing us to link our biometric Aadhar details to our bank accounts. As identity theft is the commonest form of cyber crime anyone will be able to steal our details from banks. Terrorists will use stolen identities and government goons will persecute innocent citizens. They should use identities of politicians.

No comments: