Wednesday, February 20, 2013

Not Fighting Hacking With Hacking

It seems "hackers from China" is a common news story these days, but a fascinating article in The New York Times added more perspective and details based on a recent study:
An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups — known to many of its victims in the United States as “Comment Crew” or “Shanghai Group” — to the doorstep of the military unit’s headquarters. The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area.

“Either they are coming from inside Unit 61398,” said Kevin Mandia, the founder and chief executive of Mandiant, in an interview last week, “or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
The full article can be found in English here and in Chinese (simplified) here.

The AP reports on a possible response:
As public evidence mounts that the Chinese military is responsible for stealing massive amounts of U.S. government data and corporate trade secrets, the Obama administration is eyeing fines and other trade actions it may take against Beijing or any other country guilty of cyberespionage.

According to officials familiar with the plans, the White House will lay out a new report Wednesday that suggests initial, more-aggressive steps the U.S. would take in response to what top authorities say has been an unrelenting campaign of cyberstealing linked to the Chinese government.
The full article can be found here.

I'll refrain from commenting on the hacking incidents other than to say they don't sound good and China is not the only country connected to large-scale cyberstealing. But the U.S. not "fighting fire with fire" and instead responding with other measures to deter hacking has inspired me to share a personal experience.

While living in a college dormitory many years ago, I became the owner of a new top-of-the-line computer. I think it had more than 100 MB of hard drive space. Many of my friends thought I would never be able to fill it up. Ah, the good old days...

It was not long before I discovered signs someone had inappropriately accessed my computer and caused some minor mischief. I could not fully control access to my shared dorm room, so I added a layer of security to my computer. But I soon discovered that someone had found their way through it. I then had a suspect in mind since there was only one person living in my section of the dorm who had both the skills and the mindset to do it. When I saw him next, I asked him to stop. Although he did not explicitly admit to it, his response left me all the more sure he was the culprit.

Not having faith my request would have the desired effect, I added yet another layer of security to my computer. However, it was not long before I discovered it too had been "cracked". I then researched other possible security measures and came to a disturbing conclusion: even I could imagine a way through the best security I discovered. Securing my computer seemed impossible, and I had no desire to engage in a hacking battle.

Clearly, it was time to "think outside of the box".

In this case, what first came to mind as a nonconstructive immediate response provided the seed for a possible solution. I walked down the hall and into the room of the suspect. I explained to him that I was not aware of any security for my computer that could stop him from accessing it. And in a tone that left no doubt about my seriousness I added, "If you ever touch my computer again, I'm taking a hammer to yours."

He looked stunned. I walked out.

I'm not saying this provides the blueprint for the best response, or even a feasible one, in all cases. But in this case...

I had no more problems.
