Hacking Made Easier, Thanks To User-Friendly Tools | WAMU 88.5 - American University Radio

NPR : News

Filed Under:

Hacking Made Easier, Thanks To User-Friendly Tools

Time was when it took a fair amount of expertise to launch the kinds of illegal computer attacks that have become the hallmarks of "hacktivist" groups like Anonymous.

Today, just about anyone can download user-friendly software capable of crippling websites. One such tool is LOIC [Low Orbit Ion Cannon], which was used in Anonymous' attack on MasterCard, Visa and other companies late last year.

It's rumored that the group will release another weapon, called #RefRef, on Saturday.

Mark Rasch, who led the Justice Department's computer crime efforts for eight years, says that while some hacktivists are skilled programmers, many simply download easy-to-use denial of service software or fall into the category of "script kiddies" — a pejorative term reserved for people who use off-the-shelf hacking tools.

"A script kiddie can download tools off the Net without creating their own, and try all of them to find vulnerability," he says.

Barrett Lyon, the founder of Florida-based Prolexic Technologies, which specializes in protecting against computer assaults, agrees.

"The problem is that the tools are pretty easy to get, and anyone who wants to launch these attacks can," Lyon says. "They just have to have the gall to decide to do it and to put themselves at risk of being caught."

There's also a feeling of relative immunity that comes with being online, Lyon says.

"It's really hard to arrest 30,000 people with evidence that is rock solid," he says. "Maybe I would get arrested, but my neighbor was using my Wi-Fi and [the authorities] thought I was running the software, but it's really my neighbor or even someone driving by in their car."

Lyon describes a distributed denial of service, or DDoS, attack this way: "Say you owned a restaurant. One day, 100,000 people all in ski masks show up and order nothing. ... The people are the data, and you have to sort through to find those who have legitimate reservations, and separate them from the people who are just trying to cause problems."

Online, it works something like this:

"Someone will say, 'Let's DDoS PayPal for their stopping processing services for WikiLeaks,' " explains New York University professor Gabriella Coleman. "One person takes the initiative to put the idea out there, and if there seems to be enough support and enough technical resources, they might go forward.

"A lot of operations have that kind of life to them," she says. "They throw spaghetti on the wall, and some things stick, some things don't. Oftentimes when it sticks it's because they got some good media coverage and then a lot of people joined in."

More often than not, experts say, the target isn't expecting the attack — and that makes it difficult to defend against.

One way to prepare is to monitor chat rooms and social media sites to get a jump on the identity of the next target. But for law enforcement, that kind of surveillance presents a challenge, says Nancy Kolb, director of the Center for Social Media at the International Association of Chiefs of Police.

"It can be a very resource-heavy endeavor," she says. "Most law enforcement agencies don't have the ability to monitor 24/7, so they might rely on a third party to do that."

Copyright 2011 National Public Radio. To see more, visit http://www.npr.org/.

NPR

Resurrected 'E.T.' Atari Games Fetch Thousands On EBay

Atari games that have been uncovered in a New Mexico landfill have sold for more than $37,000 dollars on eBay so far. One of the buyers explains why he paid hundreds of dollars for what is essentially 30-year-old garbage.
NPR

Sandwich Monday: The Thanksgiving Hot Durkey

For this week's Sandwich Monday, we make our own holiday turkey — out of hot dogs.
NPR

House Committees Find No Wrongdoing In 2012 Benghazi Attack

Two House committees of jurisdiction have found no wrongdoing in the 2012 attack on the American diplomatic post in Benghazi, Libya. The House Select Committee created by a House vote this year will nevertheless press on with its own investigation.
NPR

Resurrected 'E.T.' Atari Games Fetch Thousands On EBay

Atari games that have been uncovered in a New Mexico landfill have sold for more than $37,000 dollars on eBay so far. One of the buyers explains why he paid hundreds of dollars for what is essentially 30-year-old garbage.

Leave a Comment

Help keep the conversation civil. Please refer to our Terms of Use and Code of Conduct before posting your comments.