Here's laughing at you ... a Malaysian  website under attack.

Here's laughing at you ... a Malaysian website under attack. Photo: AFP

Late last month, the US media group PBS ran a strange story on its website. ''Prominent rapper Tupac has been found alive and well in a small resort in New Zealand,'' it reported. ''The small town - unnamed due to security risks - allegedly housed Tupac and Biggie Smalls [another rapper] for several years.''

For two reasons, this was a surprising piece of journalism. First, Tupac died in 1996. Second, the piece wasn't written by PBS. It had been planted on their site by a group called Lulz Security, a loose collective of anonymous hackers who wanted revenge for a recent PBS program that criticised WikiLeaks.

''Greetings, Internets,'' Lulz wrote on their own website. ''We just finished watching WikiSecrets and were less than impressed. We decided to sail our Lulz Boat over to the PBS servers for further … perusing.'' Above the message the tagline: ''Set sail for fail!''

A message from  Lulz Security.

A message from Lulz Security.

The extraordinary episode was by no means isolated. In March, hackers stole a database of email addresses from the marketing group Epsilon in what one commentator called the largest email address heist in history. Then the computer security firm RSA had their servers breached in an attack that may have led to the hacking of defence giant Lockheed Martin, an RSA client. In April, persons unknown cracked Sony's PlayStation network and stole 77 million users' data. And in the past month, the IMF, Citibank, the Spanish police, Google, the Turkish and Malaysian governments, the US Senate and (earlier this week) the CIA have all been hacked.

In simple terms, there are three kinds of attack taking place. Hacktivism is the most prominent: raids by amateur groups such as Lulz (who took down sites belonging to the CIA, the Senate and the Spanish police) or Anonymous (PayPal, PlayStation, MasterCard and Visa), for fun - ''for the lulz'' - or, increasingly, as an act of political protest. There is the criminal kind: professionals hunting for credit card details or email address directories. Finally, there's state-sponsored espionage, or even cyber-warfare. ''Google, RSA, Lockheed Martin, IMF - the strong suspicion is all those were state-sponsored, or state-approved,'' Dave Clemente, a cyber security expert at Chatham House, the international affairs experts, said..

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.