A subplot in the ongoing WikiLeaks saga involves hackers targeting attacks against companies, governments, and politicians they deem hostile to the Website.
Hackers in the other camp are also attacking WikiLeaks because they consider the release of hundreds of thousands of classified communications and thousands of diplomatic cables an act of war against the United States.
In another recent high-profile attack, a group of hackers wreaked havoc on Gawker Media sites for being “arrogant.” Millions of users' names and personal data were compromised during the course of the attack. In an email sent to the Website, Mediaite, an individual with the username “Gnosis” wrote that Gawker’s “arrogance” towards the hacker community incited the attacks.
However, these are only two incidents among thousands that occur every year. Anyone involved in the electronics supply chain should be concerned, of course. But how should you react?
The hacking community has gotten smarter, more adept, and much larger during the past few years. They are also politically active, as the high-profile attacks against WikiLeaks, its foes, and Gawker show.
Not taking the hacker community seriously can be likened to when leaders throughout history ignored the angry cries of its citizens. But in today's Internet age, outraged netizens are not burning down castles or storming the Bastille. Instead, they are organizing concerted attacks against network infrastructures that could easily bring down the operations of an OEM or any firm with a direct link to the supply chain.
Actually, the overwhelming majority of so-called hackers is not interested in causing chaos, but is just curious about how software and hardware work. Cracking security codes for them is like trying to solve a puzzle, not unlike trying to figure out a complicated physics or calculus problem. Modifying the Xbox machine code or getting past a modem’s security locks are but among thousands of sample hacks.
Electronics OEMs have used the court system to react against perceived hacker threats in the past. Texas Instruments Inc. (NYSE: TXN), for example, has sent cease-and-desist letters to individuals who communicated how they cracked its calculators’ device codes. Apple Inc. (Nasdaq: AAPL) has long sought to lock down its iPhone, which, of course, has just stoked the interest of those seeking to jailbreak the device. Then there is Microsoft Corp. (Nasdaq: MSFT), which shut down more than a million of Xbox Live subscribers’ accounts worldwide last year after discovering through Internet connections that owners had hacked their consoles.
Are OEM legal attacks against hackers the smartest and most far-sighted thing to do? I leave that subject open to debate. But a potential resolution could come down to something as simple as following basic codes of respect and decency that do not necessarily overlap with following the letter of the law.
It is perfectly legal -- in Europe, anyway -- for handset OEMs to allow telecommunications service companies to lock down smartphones so that users cannot download and use Skype, while forcing consumers to pay ridiculously high prices to make a phone call from France to Greece. Or Microsoft can shut down users’ accounts for doing what they want with Xbox consoles they have purchased. Also, remember that the Gawker attacks were triggered by something as seemingly benign as perceived snottiness.
At the end of the day, it comes down to realizing that there are legions of hackers who are prepared to react if they feel that your company has stepped on their toes. Also, anyone who has input about how the supply chain is managed should realize that network attacks are not just the security department’s problem, either. Many networks remain ridiculously easy to penetrate, yet funding gets blocked by bean counters who know little about what they are up against.
So whether would-be attackers are high-minded individuals who want to make a political statement or career criminals seeking to broker stolen data, listen to what the hacking community is saying, and never say "impossible," regardless of how secure your IT system is supposed to be.
I just wish that the majority of 'hackers' were 'Intelligent students of Science', unfortunately the large majority are idiot 'script kiddies' utilizing the work of a small group of professional hackers, it is the script kiddies that provide the cover for professional hackers, purely down to the shear number of them , same as in chess a good player sacrifices the pawns.
Take a professional safe cracker, maybe it would take him years to train up someone with absolutely no knowledge in safes, and ultimately their learning would be limited by their own ability.
The difference with the internet is that it takes absolutely no skill what soever because computer programs don't work in the same way as existing knowledge systems do. As long as you have half a brain and are able to download a script or program and then run it, it is the executing program that encompasses the knowledge of the original programmer rather than the moron pressing the start button, and therein lies the danger.
We are at a stage where 24/7/365 'bot' programs are continually patrolling network systems, and doing so completely unaided by humans. Within 15-20 minutes of any device being connected to the network, the programs start examining the interfaces for exploits, if an exploit is found the results are compiled into reports and then forwarded to human decision makers.
Ultimately the issue is 'traffic volume', the more traffic there is on the network , the harder they are to detect, when they are detected most are dealt with fairly quickly.
Someone said, there is no good or evil. Only perception makes it so. Though this wouldnt really fit into the overall social scheme of things, I think this brings to the fore the heart and soul of Hacking or Cracking. While, stealing/robbing/violating/hurting/killing people and destroying assets could easily be classified as evil by most, using a technical skill and hard gained knowledge to compete against and eventually defeat a system which tries to keep out the ignorant sounds more like a fun and challenge activity. Hackers are intelligent students of a science and just because they will termed being on the evil side of things, does not stop them from seeking satisfaction from their skills. The more skilled they are the more they are confident of their invincibilty. For them the entire thing is a game where they are competing with the individuals who designed and who mantain the security systems. And who knows, they might be the same people too! And yeah, no one became a skilled hacker because they had evil intentions to start with. People lie, cheat and steal when they realise they have become competent and powerful. Isnt it true for all walks of life and not just the internet?
I remember when customer, inventory, and sales databases were standalone, and not accessible remotely, except by dial-in (the Internet hadn't been invented yet, at least not in the form we know it).
I like to keep my most important information on computers that just don't connect to the Internet. Though that's not practical where you have to share information on a real-time basis over a wide area, it does solve a lot of problems.
Yes I agree that we have to take security very seriously. I heard that with the popularity of iphone, google have been hacking our privacy such that when we access our bank accounts it catches our passwords. That is so freaking scary. So does that mean that we cannot log in to banks or other important websites via 3G networks?
There is a lot of stupidity with wireless networks.
I was in a law office the other day getting some contracts signed, tried to get network access to the internet, but the network was locked down tight....
That is until i went into the conference room and in a cupboard was a wireless router , with a strip of paper on top, giving all the Admin and user access settings.
Prior to that I was watching a bank being fitted out, a small branch single floor. Now to save money on cables and infrastructure they had installed a wireless router in the secure area then used that to link the individual cashier terminals to the main computer.
I made a mental note NEVER to use that particular bank.
With ineptitude at this level, you really do not need to be much of a hacker to gain access to sensitive computer systems.
But again we come back to the way people are, that they seem to think because they own a computer of a mobile phone that somehow they became computer experts, enabled to 'root' the systems and install all manner of unverified software, we see it now with the apple Iphone.
I like your analysis. The disparities in security protocols from one enterprise to another has always amazed me. Many IT workers just don't get the resources, either, but they get blamed for attacks.
It's funny you brought up IBM. I remember taking a tour of an IBM wafer fab in 2000 and was surprised to learn then that they were using a WiFi network. That was about the time when the first WEP code was cracked (I did not diagnose the security wall at the plant) and so many users and businesses that had WiFi left them unlocked. I imagine IBM sure has learned a lot about security practices since then.
"Maybe Internet as biggest public and shared contents worldwide repository could have common guidelines on its government.
United Nations Commission on Science andTechnology for Development (CSTD) has created past December 6th a working group on improvements to the Internet Governance Forum (IGF).
Could this help on it or it is only a dream?"
Personally I would say we need less bureaucrats sticking their noses in everything, on the whole the internet has done just fine without continual interference from the UN.
The one issue I do see with the Internet, is that for the fist time mankind is putting its reliance in technology that cannot be reliably archived in the centuries to come.
That is to say you can go digging in Egypt or Greece and find reliable remnants of a civilizations past learning we are now getting past that stage, at some time in the future if there was an 'event' that seriously impacted the infrastructure resulting in its destruction, then mankind would truly be set back further than the dark ages.
None of the learning or technology would be available. (remember 1 dead battery in your mobile phone ,brings your whole communication network crashing down), this will be the issue that dictates our future.
Openness adds value to the internet, both for service providers and users. An example of a middle ground between heavy restrictions and complete access is a gated community model.
Social networks like Facebook are a good example of this on the application layer: if you have credentials, you're in. Applying this principle to the network layer, so that a server only recognizes certain IP address, could thwart most denial-of-service attacks.
Maybe Internet as biggest public and shared contents worldwide repository could have common guidelines on its government.
United Nations Commission on Science andTechnology for Development (CSTD) has created past December 6th a working group on improvements to the Internet Governance Forum (IGF).
EBN Dialogue enables and encourages you to participate in live chats with notable leaders and luminaries. Not only editors and journalists, but the entire EBN community is able to comment and ask questions. Listed below are upcoming and archived chats.
Archived Dialogues
Thailand Stages a Comeback Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Euro-Crisis: What It Means for High-Tech Firms Join EBN Editor in Chief Bolaji Ojo and Contributing Editor Jennifer Baljko on Thursday, July 12, at 10:00 a.m. EDT for a Live Chat on high-tech and Europe's economic difficulties.
Microsoft Surface: Potential Winners & Losers What are the implications for the electronics industry supply chain of Microsoft Corp.'s decision to launch its own tablet PC? Join industry veteran and EE Times' systems and OEM expert Rick Merritt on Tuesday, July 3, at 12:00 pm EDT for a Live Chat on this subject.
Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Peter Drucker famously said "Trying to predict the future is like trying to drive down a country road at night with no lights while looking out the back window." Yet in the razor's-edge world of electronics—with a lean supply chain and just-in-time demands—the need to know the future is vital.
You've heard the saying "the No. 1 supply chain risk is your people." That hasn't always been the case. But today's complex global supply chain requires a new type of multitalented employee. It's one who understands, finance, marketing, economics, is savvy with technology, graceful with relationships and can think analytically.
Where are these people? Are universities properly preparing the next generation supply chain professionals? How do train your existing workforce for these new, demanding positions?
Brian Fuller, editor-in-chief of EBN, will lead a 60-minute Avnet Velocity panel discussion that will ask and answer these and other questions swirling around today's supply-chain talent challenges.
To save this item to your list of favorite EBN content so you can find it later in your Profile page, click the "Save It" button next to the item.
If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This