3Qs: Analyzing the cybersecurity threat posed by hackers

Jun 05, 2012 By Casey Bayer

Two weeks ago, Anonymous, a global group of hackers, successfully infiltrated the Department of Justice’s system and released stolen data. At the same time, al-Qaida, the international terrorist organization, released a video calling for an “electronic jihad” on the United States. The Northeastern University news office asked Themis Papageorge, an associate clinical professor in the College of Computer and Information Science, and the director of the college’s information assurance program, to analyze the threat posed by rogue hacker groups and what the U.S. government can do to protect itself against future attacks.

This isn't the first time the Department of Justice was hacked. What do groups such as Anonymous accomplish by hacking into these networks and releasing data? What is the motivation behind their attacks?

Groups like Anonymous are becoming a critical threat to society and national security: They attack government, public and private companies, and individuals’ networks and computer systems multiple times every day. When they breach a computer system they steal data and many times install malicious software programs that, unbeknownst to the systems’ owners, allow for future access by the and continuous leaking of confidential data.

Stolen data can vary from proprietary product information and other intellectual property to national-security data. Anonymous and similar groups can embarrass a government or a company by breaching its networks and computer systems and can also gain financially by selling the stolen data.

The motivation of hacker groups such as Anonymous is a key component of the threat analysis that we teach in information assurance courses at Northeastern. Threat agents, such as Anonymous group members, are motivated by many factors, ranging from personal gain to revenge, peer recognition, curiosity, and crime; to political, religious and secular influence; and potentially to terrorism and national military objectives. We train our students to assess the cybersecurity risk posed by each group by ranking these motivation factors.

What can government do to thwart future breaches? What challenges do federal entities face in protecting themselves from hackers?

We need to defend more effectively against such groups, both from a technical capabilities perspective as well as from a contextual perspective. Government and public organizations need to consistently implement risk-based technical countermeasures and controls for networks and computer systems, along with policies and user awareness.

Many times a cybersecurity control, such as a software patch, may be available for months before it is implemented. People can be our most capable firewall by training employees to defend against social engineering. It is important to know not to click on a malicious attachment in an email and not to provide confidential information to an unidentified telephone caller. User training and awareness are some of the valuable components in security risk management.

The greatest challenges facing federal entities come from a limited knowledge of the threat agents’ modus operandi.

Since the attackers have the advantage of choosing the method and time of attack, federal agencies could make risk-based decisions by defending against the most damaging attacks only by having access to a comprehensive and current data set of attacks and methods. This can be accomplished by sharing attack and method data and scenarios across federal agencies and public companies. This strategy would help build effective network and computer system security controls, countermeasures, policies and incident response strategies.

Al-Qaida has called for an "electronic jihad," promoting attacks on a range of online targets. Is there evidence that a network of al-Qaida operatives could plan coordinated attacks?

Al-Qaida has a well-documented record as a terrorist group with multiple physical attacks. In terms of organizational structure, hacker groups have been a collection of individual threat agents with networking abilities (initially using the Internet and also later technologies such as Peer-to-Peer and BitTorrent) to talk about their exploits and share malicious tools. Al-Qaida is reported to have a hierarchy but seems to operate as a network of semiautonomous cells of threat agents whose actions are thus even more difficult to predict and stop.

Therefore, if al-Qaida were to acquire the technical capabilities of a hacker group such as Anonymous, they would be a very credible and high-risk cybersecurity threat. Planning and executing coordinated attacks in the cybersecurity domain is very different from executing attacks in the physical security domain, because the space and time constraints of physical attacks are considerably reduced in the cyber domain. It may take weeks or months to plan a cybersecurity attack, but it could only take a few minutes to launch a denial-of-service attack, using a botnet of computers belonging to unsuspecting companies and individuals, and potentially bring down a component of critical infrastructure.
