In the1983 movie WarGames, a teenager with a modem nearly triggered World War III. It was pure fiction, of course.
Then, just last week, a group calling itself Masters of Downloading claimed it had stolen a suite of programs used to run classified US military networks and satellites from the Defense Information Systems Agency.
Previously, most of the reported “attacks” on U.S. government sites took the form of vandalism: Web pages were defaced, altered or replaced. Actually stealing software from a Defense computer is on a whole other level, especially software which the 15 Masters of Downloading (eight Americans, five Britons and two Russians) claim could be used to shut down the entire Defense Information Systems Network, crippling the U.S. military.
The Department of Defense has played down the attack, saying the software is unclassified, but the Masters of Downloading say the information that can be gleaned from it puts highly classified data at risk. They say they’ll release another suite of sensitive programs, used to track and communicate with submarines, in a few days.
All of this has thrust computer “hackers” back into the spotlight, just like WarGames did 15 years ago. Hacking, however, is even older than that: it’s been around almost as long as computers.
The first generation of hackers emerged in universities in the 1960s and early 1970s. Hackers loved computers and wanted to squeeze every bit of potential from them. At the time, programming was so slow and time-consuming that it was easier to force an existing program to do what you wanted than to create an entirely new program. The process was a lot like turning a table into, say, a stool with the use of an axe: hence, “hacking.”
That first generation of hackers turned mainframe computers into something approximating personal computers by “time-sharing” computing power. The second generation of hackers, a few years later, invented real personal computers. They had an aversion to the kind of corporate-culture mainframe computers epitomized by IBM; for the most part, they were serious counterculture types who coined aphorisms like, “Access to computers should be unlimited and total,” “All information should be free,” and “Mistrust authority–promote decentralization.” The most famous second-generation hackers, Steve Jobs and Steve Wozniak, who invented the Apple computer, previously developed and sold “blue boxes” that let you make free phone calls.
The third generation of hackers, in the early 1980s, developed the first personal computer programs, like Lotus 1-2-3. And then there’s the fourth generation of hackers, today’s, whose focus is the Internet.
Most hackers are harmless. They love the challenge of breaking into a supposedly secure computer, but they’re not malicious. In fact, they’ll sometimes post a message to the system administrator telling him how he can plug his security leak. But a small percentage of hackers are criminal hackers (which the “good-guy” hackers would prefer you to call “crackers”)..
Malicious hacks come in four flavors: disclosure of information (i.e., credit-card numbers), destruction of data, alteration of data (a student “fixing” his grades) and denial-of-service attacks, which clog up targeted computers so they lose their Internet connection.
In a recent survey, 75 percent of 563 American corporations, financial institutions, government agencies and universities reported suffering losses from computer fraud. Most companies, as a result, make token efforts at security, hiding their internal networks behind “firewalls,” designed to keep unauthorized people out.
All that’s done has forced truly dedicated hackers to do their research. Some even sneak into the premises to steal any information that might be useful–such as a map of the computer network and information about the software used–or just to glance over shoulders for network passwords carelessly pasted to monitors.
Individuals can take some personal security steps. For example, a random password that mixes characters and numbers and is kept on a card in your wallet (or better yet, in your head) is better than an ordinary word or name–there are programs specifically designed for ferreting out ordinary passwords.
Another step is to shred any paper that contains personal data. Data thieves are perfectly willing to go “dumpster-diving,” searching through garbage for personal information.
And if you send any sensitive information over the Internet, use encryption software. E-mail can be intercepted and read rather easily..
Oh, yeah, and if you happen to be the Department of Defense of the world’s only superpower–don’t leave sensitive software lying around on a computer that can be accessed through the Internet.
It’s just common sense.
