Collaboration

Don't assume you know where hackers are coming from

See where the MiMail worm and many other Internet threats may actually be coming from.


This article is from TechRepublic's Internet Security Focus e-newsletter. Sign up instantly to begin receiving the Internet Security Focus e-newsletter in your inbox.

The mainstream media has traditionally been most interested in the sensational issues of Internet security. Judging from the content of many of the articles I've recently read, there's little doubt that the highly technical aspects of Internet security are of little interest to the mainstream media.

For example, there was little more than a sentence devoted to explaining that the creation of MiMail, a mass-mailing worm, was for the express purpose of tricking PayPal users into divulging their account information. MiMail was no simple "hack"—it is a sophisticated worm.

The stereotypical view of teenage whiz kids or disgruntled computer programmers as the source of malicious code such as MiMail is often incorrect. The fact is that many experts now believe that MiMail is the work of skilled programmers operating in Eastern Europe, who launched a well-planned attack.

So forget those stereotypical images of poorly lit rooms with adolescents plotting to cause mischief so often associated with hackers. The hackers responsible for many of the recent wide-scale exploits often align themselves with organized criminal gangs, many of which operate in Eastern Europe.

They are "professional" hackers, available for hire in much the same fashion as mercenaries. Several special circumstances make Eastern Europe a hotbed for hacker activity. It has a large population of highly educated unemployed workers, often unstable governments, and widespread criminal activity.

During a recent visit to Ukraine, I had the opportunity to learn more about the forces in Eastern Europe that have merged to produce, in my opinion, the largest single threat to Internet security. In Ukraine, higher education is readily available, and it's quite common for people in their twenties to have at least two advanced degrees. But in contrast to this high rate of literacy and education, poverty is also high.

Emerging governments and poor economic conditions continue to contribute to wide-scale criminal activity. Software piracy is rampant, and there are no monetary restrictions on obtaining software. But in my opinion, Eastern Europeans have access to the same, if not better, computer systems as most Western corporations or university computer centers—giving hackers-for-hire more job opportunities.

I fear that MiMail is only the beginning. Until economic and political conditions improve, I think we'll continue to see a great deal of Internet security problems centered in Eastern Europe.

Today's hackers come in all shapes and sizes. The common stereotypes of the young male or disgruntled "lone hacker" are becoming woefully outdated.

Fueled by organized criminal activity, hacker gangs are on the rise in Eastern Europe. Hacking and Internet security exploits are evolving from annoyances and occasional threats to full-blown criminal enterprises.

Editor's Picks

Free Newsletters, In your Inbox