Famous for 14 minitues : Hacking culture
In this excerpt from "The dotCrime Manifesto: How to Stop Internet Crime," security pioneer Phillip Hallam-Baker traces the development of the hacking culture from pranksters and bullies, to sophisticated professionals, and explores the responsibilities the government and businesses share for stopping Internet crime.
Today, more and more criminals are turning their attention to file transfers that carry consumer identifying data. Many organizations move this information with file transfer protocol (FTP), and these servers are proving to be easy targets for thieves. Encryption may seem like an easy fix, but there is no easy answer to this complicated problem.
It is often said that generals always prepare to fight the last war. A risk that is anticipated and planned for can usually be averted. It is the unplanned-for risks that overwhelm us. The appearance of professional Internet criminals was predicted in fiction long before the Internet became a mass medium. During the early years of the Web, we spent a great deal of time and energy looking for ways to defeat the professional thief. The mischief maker, the prankster, and the juvenile delinquent were overlooked.
Then a group of hackers cracked the Web site of the CIA.
The attack did not result in the loss of classified information, did not disrupt the work of the agency, and did not threaten the critical infrastructure. Nevertheless, the damage to the agency’s reputation was considerable. In the 1960s and 1970s, a standard move for the plotters of a military coup was to take over the national television and radio stations. A group of teenage vandals had managed the cyberspace equivalent.
As the overlooked risk became the concern, the anticipated risk was forgotten. Companies building Web sites learned to think of Internet security in terms of protecting their brand from embarrassment. Users learned that they could use the Internet without concern for their own security because government regulations make financial institutions such as credit card companies responsible for risk.
