Peter Cochrane's Blog: The truth about hacking

Forget the spotty geek: more sinister forces are at work...

Written in The Gadget Show offices in Birmingham while waiting to go on set. Dispatched to via 3G connection.

Hacking is often portrayed by the media as a lone geek activity, but the reality is far more worrying.

The common perception of the hacker is a spotty teenager on a PC in a bedroom, working his way into government sites or causing mayhem in the banking network. If only. The truth is far removed from that stereotype and much more complex.

As ever, the threat is not the one most reported in the media, or indeed one we can easily identify and deter. It often involves uninvited visitors doing their work and then leaving undetected.

Such threats are beyond the resources of the lone hobbyist or even the small security company. They originate in extremely wealthy, technically capable and dedicated organisations, as indicated in the graphic below, which categorises resources against perpetrators - from loners to government agencies.

Plotting the hacking threat
Image credit: Peter Cochrane

In this realm, resources come in four distinct categories: education and expertise, connectivity, machines, and money. Both axes on the graph are logarithmic, as the money invested by the top echelon is measured in billions, with thousands of dedicated people and PhDs in mathematics and computer science thick on the ground.

Against such forces, what chance does the individual or small company have? None.

So how do lone operators enjoy any success at all? Bad design, a lack of attention to detail, and more resources devoted to attacking than defending. Medieval castles eventually failed due to the arrival of the cannon, and firewalls have failed for similar reasons.

What can we do? Not much. We should certainly design well, use multiple layers of protection, and then assume that someone can still penetrate our defences if they really want to. On the attackers' side are a single dominant OS and the laxity and stupidity of people.

My OS is not one in dominant use and all my machines have firewalls. So do my hubs, my network and my ISP. At a minimum I have two firewalls in place, and at best this measure extends to a concatenation of four.

And I've added a further twist. These firewalls use different hardware and software and automatically change configuration from time to time. But I still assume someone is on the inside watching and listening, and operate accordingly.