A Global Guide to Hacking
In a world of fake news, it has become very important to be able to spot well-informed journalism when assessing the validity of an article. At the same time, this fake news trend started a rise in incidents in cyber security, which has led to the terms “hacking” or “hacked” becoming part of our common language and filling the “fake news” cycle with poorly informed articles on cyber security. These terms have been applied very liberally to include any kind of nefarious activity that is perpetrated through a computer. This broad application of the term has been used to sensationalize acts of misinformation, disinformation, and other computer crimes that are not truly a “hack.” In the sections below, we will sort out the “hacks” from the “non-hacks” and highlight some examples of the global impact of breaches.
What constitutes a “hack”?
If we’re going to apply the term “hack” appropriately, we’ll need to clearly define it. Among information security professionals, the term “hack” is applied when a computer system or user is tricked into giving up information or access to an unauthorized third party.
For instance, North Korea is accused of “hacking” the entertainment branch of Sony in 2014. As in many high-profile “hacks,” a group gained unauthorized access to Sony’s systems and launched a ransomware campaign against the company. This is a “hack” because a third party exploited a technical flaw in a system to disrupt the operations of a company, steal information, and make it public. “Hack” should only be applied to acts that exploit a technical flaw to steal information or to disrupt operations.
What is the global “hacking” environment?
It is true that there is an international ecosystem around true cyber attacks. Many specialist groups participate in the “dark web,” trading information for currency. Each of these groups performs the task that it specializes in, adding value to the access that it has gained. It then sells this access on to another group that has another specialty. At each stop, these specialist groups attempt to add value and then to sell their work on the dark web.
Some of these groups are:
- Agencies of a national government,
- Organizations sponsored by a foreign government,
- Or groups selling information or tools to government agencies.
An enabling factor for this ecosystem has been cryptocurrency, most commonly bitcoin. Because it’s truly international and untraceable, bitcoin has fueled an incredible growth in the hacking ecosystem.
For example, the most recent governments to be accused of hacking internationally are North Korea (hack) and Russia (non-hack). These two accusations represent both sides of what is and isn’t a “hack.”
What’s a “non-hack”?
To understand a “non-hack,” consider how the word “hack” was applied to a Russian propaganda campaign on Facebook during the 2016 election cycle. Facebook ads were sold to groups and displayed to targeted users via the Facebook advertising platform. The reason that this is not a “hack” is largely that these same ads would be legal if a U.S.-based group were purchasing them. It is not a hack, because there is no technical flaw that allowed the Russians to purchase ads. The term “hack” is only being applied because the propaganda was spread via Facebook.
Was the 2016 Presidential Election “hacked”?
The short answer is yes. The email leak that was published by Wikileaks was a great example of a true “hack” because it fits the definition listed above. It’s important to note that it wasn’t the hack itself that changed the election, but the emails themselves, once discovered and published, that moved the needle. If those emails had not existed, the hack would likely have gone completely unnoticed and would have had no impact.
In conclusion, we must define the term “hack” (as stated above) in order to prevent confusion for readers as the result of media sensationalism and misleading reporting. The inappropriate application of this term indicates a lack of understanding of the subject matter. For readers, it should trigger skepticism of the reporting that is being done. Proper application of terms is more important than ever.
Chris J. Huntington, CISSP
Chief Information Security Officer, Nexigen
Trustee of the Board of Directors, World Affairs Council – Cincinnati and Northern Kentucky