3Qs: Analyzing the cybersecurity threat posed by hackers

Jun 05, 2012 By Casey Bayer

Two weeks ago, Anonymous, a global group of hackers, successfully infiltrated the Department of Justice’s system and released stolen data. At the same time, al-Qaida, the international terrorist organization, released a video calling for an “electronic jihad” on the United States. The Northeastern University news office asked Themis Papageorge, an associate clinical professor in the College of Computer and Information Science, and the director of the college’s information assurance program, to analyze the threat posed by rogue hacker groups and what the U.S. government can do to protect itself against future attacks.

This isn't the first time the Department of Justice was hacked. What do groups such as Anonymous accomplish by hacking into these networks and releasing data? What is the motivation behind their attacks?

Groups like Anonymous are becoming a critical threat to society and national security: They attack government, public and private companies, and individuals’ networks and computer systems multiple times every day. When they breach a computer system they steal data and many times install malicious software programs that, unbeknownst to the systems’ owners, allow for future access by the and continuous leaking of confidential data.

Stolen data can vary from proprietary product information and other intellectual property to national-security data. Anonymous and similar groups can embarrass a government or a company by breaching its networks and computer systems and can also gain financially by selling the stolen data.

The motivation of hacker groups such as Anonymous is a key component of the threat analysis that we teach in information assurance courses at Northeastern. Threat agents, such as Anonymous group members, are motivated by many factors, ranging from personal gain to revenge, peer recognition, curiosity, and crime; to political, religious and secular influence; and potentially to terrorism and national military objectives. We train our students to assess the cybersecurity risk posed by each group by ranking these motivation factors.

What can government do to thwart future breaches? What challenges do federal entities face in protecting themselves from hackers?

We need to defend more effectively against such groups, both from a technical capabilities perspective as well as from a contextual perspective. Government and public organizations need to consistently implement risk-based technical countermeasures and controls for networks and computer systems, along with policies and user awareness.

Many times a cybersecurity control, such as a software patch, may be available for months before it is implemented. People can be our most capable firewall by training employees to defend against social engineering. It is important to know not to click on a malicious attachment in an email and not to provide confidential information to an unidentified telephone caller. User training and awareness are some of the valuable components in security risk management.

The greatest challenges facing federal entities come from a limited knowledge of the threat agents’ modus operandi.

Since the attackers have the advantage of choosing the method and time of attack, federal agencies could make risk-based decisions by defending against the most damaging attacks only by having access to a comprehensive and current data set of attacks and methods. This can be accomplished by sharing attack and method data and scenarios across federal agencies and public companies. This strategy would help build effective network and computer system security controls, countermeasures, policies and incident response strategies.

Al-Qaida has called for an "electronic jihad," promoting attacks on a range of online targets. Is there evidence that a network of al-Qaida operatives could plan coordinated attacks?

Al-Qaida has a well-documented record as a terrorist group with multiple physical attacks. In terms of organizational structure, hacker groups have been a collection of individual threat agents with networking abilities (initially using the Internet and also later technologies such as Peer-to-Peer and BitTorrent) to talk about their exploits and share malicious tools. Al-Qaida is reported to have a hierarchy but seems to operate as a network of semiautonomous cells of threat agents whose actions are thus even more difficult to predict and stop.

Therefore, if al-Qaida were to acquire the technical capabilities of a hacker group such as Anonymous, they would be a very credible and high-risk cybersecurity threat. Planning and executing coordinated attacks in the cybersecurity domain is very different from executing attacks in the physical security domain, because the space and time constraints of physical attacks are considerably reduced in the cyber domain. It may take weeks or months to plan a cybersecurity attack, but it could only take a few minutes to launch a denial-of-service attack, using a botnet of computers belonging to unsuspecting companies and individuals, and potentially bring down a component of critical infrastructure.
