MyZDNet | Reviews | Shop | Business | Help | News | Electronics | GameSpot | Tech Life | Downloads | Developer |
|
ZDNet > Business & Tech > Inter@ctive Week > Hacks Open A Dangerous New Era |
|
| ||
|
||||||
|
February 9, 2000 Hacks Open A Dangerous New Era By Tom Steinert-Threlkeld
The commercialization of the Internet is entering a dangerous new era - the era of extortion. It's a discouraging milestone. But there can be no doubt that the past two days' public takedowns of many of the biggest electronic commerce and content sites on the Web - ranging from Yahoo! to Buy.Com to E*Trade to ZDNet - are setting the groundwork and showing a game plan for thuggery and blackmail. Now, any hacker or hacker gang worth any kind of salt will be salivating at the prospects. The bar has been raised to show who has the best automated denial-of-service software out there. And to prove it, they'll have to use it. Worse, a light is now going on in the brains of the really warped and criminal among the hackers - and anyone who takes down Yahoo! or any other public or private site of any substance has to fit in that category. If we can mass the processing power of Solaris, NT and other boxes against them and take them down, we can also take their money. Don't think it's not going to happen. There is - so far - so little risk in being identified and so much at stake. Hackers clever enough to put tens, hundreds or thousands of other people's machines at their disposal for such attacks are clever enough to figure out a means to allow companies to pay digitally - and not be able to trace it. Now sites will resist. But the numbers are big, at least by hackers' standards. Yahoo! rakes in nearly $2 million in revenue daily. Amazon.com's at $4 million per day. It's not farfetched to see these hackers moving onto the next stage in a vicious plan and demanding money in exchange for availability. A protection racket in cyberspace. "What's to keep them from saying next week to eBay, 'Do you want to stay up or stay down?' " said Alan Paller, research director of the SANS Institute, the network security organization. "That, to me, is a new dimension - they were shown it was possible to do it.'' It's not like there isn't precedent - of very recent vintage. Have we already forgotten the attempt one month ago by a computer intruder to extort $100,000 from CD Universe? The intruder said he had copied 300,000 customer credit-card numbers and files off its servers. The company refused to pay. The reward: The intruder released roughly 25,000 of the stolen numbers. Then, on the first weekend in February, AutoDesk buckled in to threats of an attack from aficionados of a site called The3Dstudio.com. Artists, in conjunction with an outfit called RTMark, said they would launch a crippling attack on Autodesk, which makes a product called 3D Studio and sued to close down the 3Dstudio site of similar name. Under threat, Autodesk backed off. "Now if they jump like that before being threatened, we'll have achieved something nice,'' an RTMark spokesman, Ernest Lucha, was quoted as saying in an electronic news release about the event. But even that "nice'' comment came after a veiled threat. RTMark - and others who clearly are loath to identify themselves - are quite willing not just to make threats, but to act on them. Or even stage attacks, without threat, as happened repeatedly this week. It would be "nice'' to think that these attacks won't represent the dawning of an age of online coercion, for pecuniary gain. Such intimidation is as old as computer networking. But, in the past, it's been largely invisible, with banks, telecommunications companies, manufacturers and others clamming up when there's been a security breach involving money. Now, anyone with a browser knows when a site is down. There's no room to hide, for electronic commerce sites. They will be faced with the dilemma of retaining customer loyalty, creditablity and business - or their ethics. The ante is raised. Even the largest of the large, the most profitable of the profitable, are at risk. The age of innocence - if there really ever was one - is over.
|
Top News
|