WAR! …ON THE SUPERHIGHWAY
Hacktivists Turn the Internet into a Battlefield

The world today is gripped in fear as criminals and hackers who operate in the underground of the internet run rampage, attacking websites and IT networks of governments, corporations and individuals who they see as threats to their ambitions. Their activities are foreboding of a world war which if care is not taken may be fought on the cyberspace without troops and physical armaments. CHIMA AKWAJA and SAMSON AKINTARO looks at the rise and menace of hacktivists, the tools of their warfare and what danger lies ahead if the situation is not arrested on time.

Man’s Undesirable Yet Ever Present ‘Neighbour’

Rats are various medium-sized, long-tailed rodents of the superfamily Muroidea. Rats are typically distinguished from mice by their size; rats are generally large muroid rodents, while mice are generally small muroid rodents. The best-known rat species are the Black Rat (Rattus rattus) and the Brown Rat (Rattus norvegicus). Rats are bigger than most Old World mice, which are their relatives, but seldom weigh over 500 grams (1.1 lb) in the wild.
A group of rats is either referred to as a pack or a mischief. The common species are opportunistic survivors and often live with and near humans; therefore they are known as commensals. They may cause substantial food losses, especially in developing countries. Wild rodents, including rats, can carry many different zoonotic pathogens, such as Leptospira, Toxoplasma gondii, and Campylobacter.
 The Black Death is traditionally believed to have been caused by the micro-organism Yersinia pestis, carried by the Tropical Rat Flea (Xenopsylla cheopis) which preyed on Black Rats living in European cities during the epidemic outbreaks of the Middle Ages; these rats were used as transport hosts.
Other zoonotic diseases linked to pest rodents include Classical swine fever and Foot-and-mouth disease. The average lifespan of any given rat depends on which species is being discussed, but many only live about a year due to predation.  When it comes to conducting tests related to intelligence, learning, and drug abuse, rats are a popular choice due to their high intelligence, ingenuity, aggressiveness, and adaptability. Their psychology, in many ways, seems to be similar to humans.
European associations with the rat are generally negative. For instance, "Rats!" is used as a substitute for various vulgar interjections in the English language. These associations do not draw, per se, from any biological or behavioral trait of the rat, but possibly from the association of rats (and fleas) with the 14th-century medieval plague called the Black Death. Rats are seen as vicious, unclean, parasitic animals that steal food and spread disease.
Rats are frequently blamed for damaging food supplies and other goods, or spreading disease. Their reputation has carried into common parlance: in the English language, rat is often an insult. Rat is generally used to signify an unscrupulous character. Writer/Director Preston Sturges created the humorous alias "Ratskywatsky" for a soldier who seduced, impregnated, and abandoned the heroine of his 1944 film, The Miracle of Morgan's Creek.
Rat is a term (noun and verb) in criminal slang for an informant - "to rat on someone" is to betray them by informing the authorities of a crime or misdeed they committed. Describing a person as "rat-like" usually implies he or she is unattractive and suspicious. Among unions, "rat" is a term for non-union employers or breakers of union contracts, and this is why unions use inflatable rats.
Just as rats are seen as nuisance by man, so are the internet hackers seen as a distraction by technology companies, internet regulators, anti-virus software vendors, website owners and internet surfers. The disruptive nature of rats can be associated with the way internet hackers popularly called “hacktivists” are now prowling the internet causing mayhem.

“And as always, LulzSec delivers: http://t.co/yQlcu5x 62,000+ emails/passwords just for you. Enjoy.,” LulzSec said in a tweet. The file containing the list of emails and passwords posted on Mediafire.com has since been removed, according to the link on the website.
Various sites on the Internet have compiled databases to help users find out if their accounts are among those that have been disclosed by LulzSec, including one at Dazzlepod.com and another by Gizmodo. Among the victims of LulzSec’s disclosure was the mother of Bridget Reed Morawski. “Mom got hacked by LulzSec. She’s in those 62,000 email users,” Morawski tweeted.
After friends of Morawski’s mother let her mom know her MSN email account was sending emails reading along the lines of “Haha I’m in,” Morawski checked a database that compiled the 62,000 released emails and passwords and found her mom’s address in it.
“It was pretty much they were screwing with them and being braggy,” Morawski said about the emails the hacker sent. The hacker also deleted all of Morawski’s mother’s emails sent “up until 2009,” she said. LulzSec reposted the 62,000 emails and passwords Thursday afternoon and retweeted the posts of some of their followers on the social network who claimed to have used the combinations to access Amazon and Paypal accounts as well as mess with people’s relationships after accessing their Facebook accounts.
The targeted attack used by hackers to compromise e-mail accounts of top US officials is reaching ‘epidemic’ proportions, say security experts. The scam, known as spear phishing, was used in a bid to get passwords of Gmail accounts so they could be monitored. Via a small number of customised messages it tries to trick people into visiting a web page that looks genuine so users type in login names.
Such attacks are often aimed at top officials or chief executives. Such attacks are not new, say security professionals, but they are becoming more commonplace. “What is happening more and more is the targeting of a couple of high value individuals with the one goal of acquiring valuable information and valuable data,” said Dan Kaminsky, chief scientist at security firm DKH.
“The most interesting information is concentrated in the accounts of a few people,” he said. “Attackers using information to impersonate the users are at epidemic proportions and why computer security is in the state it is in.” In March, security firm RSA was hit by a sophisticated spear-phishing attack that succeeded despite only two attacking e-mails being sent. The phishing e-mail had the subject line “2011 Recruitment Plan” and contained a booby-trapped spreadsheet.
In July, hackers took advantage of the phenomenal popularity of Google's new social network by emailing out fake invitations for the service. Anybody responding to the bogus invites to join Google+ was instead directed to a pharmaceutical website selling Viagra. A Canadian hacking group called Partnerka is responsible for the 'amateur' scam, according to cyber security firm Sophos.
On March 4, 2011 Epsilon, the largest email marketing service company in the world, announced it was hacked by a group targeting the company's email lists. Epsilon hosts over 2,500 customer email lists from Capital One to Wal-Mart and said about 50 of its clients were affected. Those emails are expected to be used by "spear phishing" hackers hoping to gather sensitive consumer data.

Will WW3 be Fought in Cyberspace?
Heroes of the First and Second World War might not have imagined that there would be a time when nations of the world would attack each other without firing rockets or launching the most dreaded nuclear weapons. However, the stark reality is now dawning on global leaders as increasing cyber hacktivism becomes a thorn in the flesh for countries’ political and economic survival.
In a world where every economy now depends on computer and the internet, it may not be out of place to say that global peace is now being threatened by the upsurge of cyber crimes across national boundaries dubbed as Cyberwarfare. Already, the so called superpowers are bracing up for any eventualities as a result of the increasing cyber threats.
 The United States of America’s defence headquarters (Pentagon) in recognition of this global threat, in May 2010 set up its new U.S. Cyber Command (USCYBERCOM), headed by General Keith B. Alexander, director of the National Security Agency (NSA), to defend American military networks and attack other countries' systems.  The United Kingdom also followed suit by setting up a cyber-security and "operations centre" based in Government Communications Headquarters (GCHQ), the British equivalent of the NSA.
The Economist magazine recently reported that China has plans of "winning informationised wars by the mid-21st century". They noted that other countries are likewise organizing for cyberwar, among them Russia, Israel and North Korea, while Iran boasts of having the world's second-largest cyber-army. Underscoring the spread of the new warfare mechanism, the Internet security company McAfee stated in their 2007 annual report that approximately 120 countries have been developing ways to use the Internet as a weapon and target financial markets, government computer systems and utilities.
Threats of Cyber Warfare Looms
In February 2010, the U.S. Joint Forces Command released a study which included a summary of the threats posed by the internet. The report read in part, “with very little investment, and cloaked in a veil of anonymity, our adversaries will inevitably attempt to harm our national interests. Cyberspace will become a main front in both irregular and traditional conflicts. Enemies in cyberspace will include both states and non-states and will range from the unsophisticated amateur to highly trained professional hackers. Through cyberspace, enemies will target industry, academia, government, as well as the military in the air, land, maritime, and space domains. In much the same way that airpower transformed the battlefield of World War II, cyberspace has fractured the physical barriers that shield a nation from attacks on its commerce and communication. Indeed, adversaries have already taken advantage of computer networks and the power of information technology not only to plan and execute savage acts of terrorism, but also to influence directly the perceptions and will of the U.S. Government and the American population.”
Experiences from other countries
On November 26 2010, a group calling itself the Indian Cyber Army hacked the websites belonging to the Pakistan Army and the others belong to different ministries, including the Ministry of Foreign Affairs, Ministry of Education, Ministry of Finance, Pakistan Computer Bureau, Council of Islamic Ideology, etc. The attack was done as a revenge of the Mumbai terrorist attack which had confirmed the involvement of Pakistani terrorists. In retaliation, on December 4 2010, a group calling itself the Pakistan Cyber Army hacked the website of India's top investigating agency, the Central Bureau of Investigation (CBI).
In October 2010, Iain Lobban, the director of the Government Communications Headquarters (GCHQ), said Britain faces a “real and credible” threat from cyber attacks by hostile states and criminals and government systems are targeted 1,000 times each month, such attacks threatened Britain’s economic future, and some countries were already using cyber assaults to put pressure on other nations. In September 2010, Iran was attacked by the Stuxnet worm, thought to specifically target its Natanz nuclear enrichment facility. The worm is said to be the most advanced piece of malware ever discovered and significantly increases the profile of cyber warfare.
Earlier in May 2010, in response to Indian Cyber Army defacing Pakistani websites, 1000+ Indian websites were defaced by PakHaxors, TeaMp0isoN, UrduHack & ZCompany Hacking Crew. Among those were the Indian CID website, local government of Kerala, Box Office of Indian, Brahmos missile website, Indian HP helpdesk, Indian Institute of Science, and The Indian Directorate General of Shipping.
In July 2009, there were a series of coordinated denial of service attacks against major government, news media, and financial websites in South Korea and the United States. While many thought the attack was directed by North Korea, one researcher traced the attacks to the United Kingdom. Russian, South Ossetian, Georgian and Azerbaijani sites were attacked by hackers during the 2008 South Ossetia War. In 2007 the website of the Kyrgyz Central Election Commission was defaced during its election. The message left on the website read "This site has been hacked by Dream of Estonian Organization". During the election campaigns and riots preceding the election, there were cases of denial-of-service attacks against the Kyrgyz internet service providers (ISPs).
In September 2007, Israel carried out an airstrike on Syria dubbed Operation Orchard. United States industry and military sources speculated that the Israelis may have used technology similar to that used by the United States Suter airborne network attack system to allow their planes to pass undetected by radar into Syria. Suter is a computer program designed to interfere with the computers of integrated air defense systems
In April 2007, Estonia came under cyber attack in the wake of relocation of the Bronze Soldier of Tallinn. The largest part of the attacks came from Russia and from official servers of the authorities of Russia. In the attack, ministries, banks, and media were targeted. In the 2006 war against Hezbollah, Israel alleges that cyber-warfare was part of the conflict, where the Israel Defense Force (IDF) intelligence estimates several countries in the Middle East used Russian hackers and scientists to operate on their behalf. As a result, Israel attached growing importance to cyber-tactics, and became, along with the U.S., France and a couple of other nations, involved in cyber-war planning. Many international high-tech companies are now locating research and development (R&D) operations in Israel, where local hires are often veterans of the IDF's elite computer units.
In fact, the assassination of Osama bin Laden (the man who engineered the attacks on United States on September 11, 2011) authorized by President Barack Obama which was carried out by a dozen Sea, Air and land (SEAL) commandos who stormed Osama’s hideout in Abbottabad, Pakistan was technological engineered as the Americans were able to hack into the Pakistani’s air defence network obliterating any trace of enemy aircrafts on their airspace radar throughout the duration of the operation in Pakistan. The US Navy SEAL came in three Chinooks helicopters with the latest technological marvel to execute and extract the remains of the world’s most wanted man out of Pakistan.
In Nigeria, the Digital War Looms
Graduating from what is commonly known as debit card or internet fraud, cyber crimes in Nigeria has grown into full blown hacktivism with the hacktivists now firing digital missiles against government and corporate organisations in the country. Unfortunately, hacktivism is now taking a dimension of the popular militancy the Nigerian Government has to deal with from time to time, as the digital militants strike on government portals to press home their demands. Already, a digital war has been declared by a group, which called itself NaijaCyberHactivists, threatening to launch series of attacks capable of grounding government and businesses in the country.
The group, which claimed responsibility for recent attacks on the websites of the Niger Delta Development Commission (NDDC); National Poverty  Eradication Programme (Napep), and Federal Airports Authority of Nigeria (FAAN), said it is set to use digital war to protest what it called government wastefulness. Explaining why they launched the attacks, the group in an online media interview said they broke into some official websites to show their disapproval of the N1 billion spent on the inauguration of the new administration.
“A time will come when they won’t be able to ignore our actions. We’ll be all over them, eating deep into their hearts, poking at their vulnerabilities, exploiting their weaknesses, haunting them by our increased participation. Our mode of operation remains unknown. We act only when there is a need to,” the group threatened in the interview. Besides, the group is threatening to launch an attack against all financial institutions and e-payment bodies in the country; take down the networks; cripple the telecommunication companies and take down all government sites, if their demands are not met.
The group is demanding, among others, a reduction of government spending on frivolities, which it described as wasteful spending. While governments in the developed world had anticipated cyber warfare even before it began to manifest and deployed strategic forces to tackle it with, for instance, the establishment of the U.S Cyber Command (USCYBERCOM), Nigeria may have been caught in the web of unpreparedness, as the digital war now stand at its door, with no strategy to counter or stop it.

A Brief History of Hacking
By Mark Ward
The world is full of hackers, or so it seems. In the past few months barely a day has gone by without news of a fresh security breach. Multi-national companies have been left counting the cost of assaults on their e-mail systems and websites. Members of the public have had their personal information stolen and pasted all over the internet.
In the early decades of the 21st century the word "hacker" has become synonymous with people who lurk in darkened rooms, anonymously terrorising the internet. But it was not always that way. The original hackers were benign creatures. Students, in fact. To anyone attending the Massachusetts Institute of Technology during the 1950s and 60s, a hack was simply an elegant or inspired solution to any given problem.
Many of the early MIT hacks tended to be practical jokes. One of the most extravagant saw a replica of a campus police car put on top of the Institute's Great Dome. Over time, the word became associated with the burgeoning computer programming scene, at MIT and beyond. For these early pioneers, a hack was a feat of programming prowess. Such activities were greatly admired as they combined expert knowledge with a creative instinct.
Boy power
Those students at MIT also laid the foundations for hacking's notorious gender divide. Then, as now, it tended to involve mainly young men and teenage boys. The reason was set out in a book about the first hacker groups written by science fiction author Bruce Sterling. Young men are largely powerless, he argued. Intimate knowledge of a technical subject gives them control, albeit over over machines.
"The deep attraction of this sensation of elite technical power should never be underestimated," he wrote. His book, The Hacker Crackdown, details the lives and exploits of the first generation of hackers. Most were kids, playing around with the telephone network, infiltrating early computer systems and slinging smack talk about their activities on bulletin boards.
This was the era of dedicated hacking magazines, including Phrack and 2600. The individuals involved adopted handles like Fry Guy, Knight Lightning, Leftist and Urvile. And groups began to appear with bombastic names, such as the Legion of Doom, the Masters of Deception, and Neon Knights.
As the sophistication of computer hackers developed, they began to come onto the radar of law enforcement. During the 1980s and 90s, lawmakers in the USA and UK passed computer misuse legislation, giving them the means to prosecute. A series of clampdowns followed, culminated in 1990 with Operation Sundevil - a series of raids on hackers led by the US Secret Service.
Group dynamic
But if Sundevil's aim was to stamp out hacking in the United States, it failed. As connected systems became ubiquitous, so novel groups of hackers emerged, keen to demonstrate their skills. Grandstanding was all part of the job for collectives like L0pht Heavy Industries, the Cult of the Dead Cow, and the Chaos Computer Club, along with individuals such as Kevin Mitnick, Mafiaboy and Dark Dante.
In 1998, L0pht members famously testified to the US Congress that they could take down the internet in 30 minutes. Mafiaboy showed what he could do by crashing the sites of prominent web firms such as Yahoo, Amazon, Ebay and CNN. Dark Dante used his knowledge to take over the telephone lines of a radio show so he could be the 102nd caller and win a Porsche 944.
Such actions demonstrate how hackers straddle the line separating the legal and illegal, explained Rik Ferguson, senior security researcher at Trend Micro. "The groups can be both black or white hat (or sometimes grey) depending on their motivation," he said. In hacker parlance, white hats are the good guys, black hats the criminals. But even then the terms are relative. One man's hacker could be another's hacktivist.
Worldwide threat
 If hacking was a business born in the US, it has gone truly global. "In more recent times, groups emerged around the world in places as far flung as Pakistan and India, where there is fierce competition between the hackers," said Mr Ferguson. In Romania groups such as HackersBlog have hit various companies. In China and Russia, many hackers are believed to act as proxies for their governments.
Now, in 2011, it is hacker groups making the headlines once again. Two in particular, Anonymous and Lulz Security, have come to prominence with high profile attacks on Sony, Fox, HBGary and FBI affiliate Infragard. "These stunts are being pulled at the same time as national governments are wringing their hands about what to do in the event of a concerted network attack that takes out some critical infrastructure component," said veteran cyber crime analyst Brian Krebs.
"It's not too hard to understand why so many people would pay attention to activity that is, for the most part, old school hacking - calling out a target, and doing it for fun or to make some kind of statement, as opposed to attacking for financial gain," he said. A current favoured practice is to deface websites, leaving behind a prominent message - akin to the graffiti artist's tag.
According to Zone-H, a website which monitors such activity, more than 1.5 million defacements were logged in 2010, far more than ever before. 2011 looks like it will at least reach that total. The sudden growth in the number of hackers in not necessarily down to schools improving their computing classes or an increased diligence on the part of young IT enthusiasts.
Rather, the explosion can likely be attributed to the popularity of Attack Tool Kits (ATKs) - off the shelf programs designed to exploit website security holes. Such software is widely available on the internet. Bruce Sterling, with his future gazing hat on, has a view of what that will mean.
"If turmoil lasts long enough, it simply becomes a new kind of society - still the same game of history, but new players, new rules," he wrote. And perhaps that is where we are now. Society's rules are changing but we're not sure who is doing the editing.

USA to Treat Cyber-attacks as 'Acts of War'

"A response to a cyber-incident or attack on the US would not necessarily be a cyber-response. All appropriate options would be on the table," Pentagon spokesman Col Dave Lapan told reporters. Col Lapan confirmed the Pentagon was drawing up a cyber defence strategy, which would be ready in two to three weeks.
Cyber-attacks from foreign nations that threaten widespread US civilian casualties, like cutting off power supplies or shutting down emergency-responder networks, could be treated as an act of aggression under the new policy. But the plan does not mention how the US may respond to cyber-attackers, such as terrorists, who are not acting for a nation state.
The Pentagon's planning follows an international strategy statement on cyber-security, issued by the White House on 16 May. The US would "respond to hostile acts in cyberspace as we would to any other threat to our country", stated the White House in plain terms.
"We reserve the right to use all necessary means - diplomatic, informational, military, and economic - as appropriate and consistent with applicable international law, in order to defend our nation, our allies, our partners and our interests."The Wall Street Journal quoted a military official as saying: "If you shut down our power grid, maybe we will put a missile down one of your smokestacks."
White House officials said consideration of a military response to a cyber-attack would constitute a "last resort", after other efforts to deter an attack had failed, the New York Times newspaper reported. One of the difficulties strategists are grappling with is how to track down reliably the cyber-attackers who deliberately obscure the origin of their incursions.
The sophistication of hackers and frequency of the attacks came back into focus after an attack on arms-maker Lockheed Martin on 21 May. Lockheed said the "tenacious" cyber-attack on its network was part of a pattern of attacks on it from around the world. The worst cyber-attack against the US military occurred in 2008, when malicious software on a flash drive commandeered computers at US Central Command. The US defence department estimates that more than 100 foreign intelligence organizations have attempted to break into American networks.
But hacktivists like Anonymous are just one type of hacker group. Others are out for financial gain, well-organised to steal payment-card numbers and personal financial data, or pillage bank accounts. And there are groups that focus on intellectual-property theft or steal valuable information for national interests, or money, or both.
Celebrities Not Left Out
In June this year, Lady Gaga's UK music website was hacked, her record company Universal confirmed. The firm said a number of its sites was targeted but that no passwords or financial information had been taken in the attack. "The hacker took a content database dump and a section of email, first and last name records were accessed.
“There were no passwords taken and no financial information taken," a Universal statement said. "Universal Music takes information protection very seriously and has put in place additional measures to protect personally identifiable information.” In June, an 18-year-old computer hacker who stole songs from Lady Gaga and other artists was sentenced to 18 months detention in Germany. In July, the singer's official YouTube channel was blocked over a copyright dispute before being restored.
War Declared Against Facebook
 Hacktivist Group Anonymous claimed that they are going to destroy the world’s no.1 social network Facebook on 5th November 2011. The reason behind why they are planning to take down Facebook is that they are sharing and selling our privacy with government and other secret service agencies which is not acceptable for any individual. They also mentioned in the video that Facebook knows more about us than our family. Facebook users provide their details, bio, photos and everything about their lives to Facebook.

The Cost of Cyber Warfare
Globally, the cost implication of cyber warfare is rising by the day as governments and corporate organisations count their losses to cyberspace attacks. Just recently, the UK Government announced that the overall cost of cyber crimes to its economy is now about 27 billion Great Britain Pounds per annum. "The Cost of Cyber Crime" report reveals that while government and the citizen are affected by rising levels of cyber crime, at an estimated £2.2bn and £3.1bn cost respectively, business bears the lion’s share of the cost. The report indicates that, at a total estimated cost of £21bn, over three-quarters of the economic impact of cyber crime in the UK is felt by business. 
Weeks after the revelation by the UK Government, France's Finance Ministry also announced that it had become the latest state department to be hit by a cyber attack, forcing it to shut down its systems as hackers targeted documents related to the G20 summit in Paris. A fresh study by HP has also revealed that cyber attacks increasingly impact businesses and government organizations, resulting in significant financial costs.
Conducted by the Ponemon Institute, the ‘Second Annual Cost of Cyber Crime’ study indicated that the median annualized cost of cyber crime incurred by a benchmark sample of large organizations was $5.9 million per year, with a range of $1.5 million to $36.5 million each year per organization. This represents an increase of 56 percent from the median cost reported in the inaugural study published in July 2010.
The study found that recovery and detection are the most costly internal activities, highlighting a significant cost-reduction opportunity for organizations that are able to automate detection and recovery through enabling security technologies.
“Instances of cyber crime have continued to increase in both frequency and sophistication, with the potential impact to an organization’s financial health becoming more substantial,” said Tom Reilly, vice president and general manager, Enterprise Security, HP. “Organizations in the most targeted industries are reducing the impact by leveraging security and risk management technologies, which is grounds for optimism in what continues to be a fierce fight against cyber crime.”
Cyber attacks have become common occurrences. Over a four-week period, the organizations surveyed experienced 72 successful attacks per week, an increase of nearly 45 percent from last year. More than 90 percent of all cyber crime costs were caused by malicious code, denial of service, stolen devices and web-based attacks. Individually, an undocumented amount of money are been lost on daily basis across the world through credit card frauds.

A World After Wikileaks
By Bill Thompson
Wikileaks founder Julian Assange may not be Time Magazine Person of the Year for 2010 - that distinction has gone to Facebook's Mark Zuckerberg - but he has certainly managed to dominate the global conversation over the past few weeks.
The reverberations of Wikileaks publication of so many confidential and secret documents will be felt for many years, and he has attracted a large band of supporters, but the support for Assange is as much about his personal situation as it is an expression of support for what Wikileaks does or proposes to do. To properly understand the philosophy that underlies his activity or his long-term goals, people should read Aaron Bady's compelling analysis of Assange's politics, as published on the zunguzungu blog.
Bady uses a close reading of an essay by Assange on State and Terrorist Conspiracies to argue that Assange sees modern governance as a conspiracy by those with power that goes against the interests and desires of the governed, and that Wikileaks exists in order to undermine the ability of governments to communicate secretly and diminish the power of authoritarian states.
Doing this, he believes, will force openness and lead to more progressive forms of government - or at least, less repressive ones. It will also, inevitably, lead to a response from the institutions targeted, and in the last few weeks we have seen what happens when a state feels threatened.
Although it is not pleasant neither is it surprising: governments, like other complex systems, will act to preserve themselves and seek to damage or neutralise opposition, and nothing the US or other governments have done so far is exceptional.
Net conflict
 In a statement dictated to his mother from his jail cell Assange said "we now know that Visa, Mastercard, PayPal and others are instruments of US foreign policy", referring to the way in which these large companies had decided not to provide service to Wikileaks. But nobody who has observed the growth of the internet could have been surprised by this.
Tim Wu and Jack Goldsmith wrote about this back in 2006 in their excellent book Who Rules the Internet, where they pointed out that government will always go after gatekeepers and choke points in their attempts to regulate online activity. In that same year, Visa and MasterCard refused to pass funds to the Russian music download site allofmp3.com, even though the site was legal within Russia, but that attracted little attention because it was about cheap music and not freedom of expression.
Now we face a different sort of conflict, and it appears to be one that will shape the political landscape for years to come. In the finale of the film Ghostbusters the eponymous heroes are obliged to challenge the god Gozer, but before he appears they are told that they must "choose the form of your destructor".
Gozer, they realise, will materialise in whatever monstrous form they imagine, and Venkman tells the others not to visualise anything. Unfortunately, it is too late - Ray has already thought of "the gentlest thing he could, something that would never hurt me" - at which point a giant Stay Puft Marshmallow Man appears and proceeds to wreak havoc on New York.
Something similar lies behind the emergence of Wikileaks. Over the past two decades we have built the internet and the web and completed a process of digitisation that has turned most of the world's operational data into electronic form, from bank records to love letters to diplomatic cables.
Status quo
 We have called forth the network age, and yet carried on in our daily lives as if nothing has really changed. As a result we made this moment inevitable, even if it was impossible to predict the form our "destructor" would take.
Now it has materialised as a stateless, shapeless "international new media non-profit organisation that publishes submissions of otherwise unavailable documents from anonymous news sources and news leaks", as Wikipedia describes it.
That organisation is threatened from outside by some of the most powerful states in the world, whose capacity for action is enormous. It is also challenged from the inside, as internal mails and documents, made available online on the Cryptome site reveal. But what really matters is that the disruptive power of the internet has been conclusively demonstrated, and the old order has been provoked to respond.
This is democracy's Napster moment, the point at which the forms of governance that have evolved over 200 years of industrial society prove wanting in the face of the network, just as the business models of the recording industry were swept away by the ease with which the internet could transmit perfect digital copies of compressed music files.
Napster was neutered by court action in the US, but its failure inspired peer-to-peer services that were far harder to control. The sharing of music is now unstoppable, and Wikileaks and the organisations that come after it will ensure that the same is now true of secrets. Of course we should never underestimate the power of the state to reinvent itself, just as modern capitalism and constitutional monarchy seem able to do.
Wikileaks has exposed the inadequacies in the way governments control their internal flow of information, and organisations dedicated to transparency and disclosure will observe the tactics used to shut it down and adapt accordingly. But the state can learn too, and has the resources to implement what it learns.
I fear that Wikileaks is as likely to usher in an era of more effective control as it is to sweep away the authoritarian regimes that Julian Assange opposes. He may look to a day when the conspiratorial power of the state is diminished, but I think we are more likely to see new forms of government emerge that exploit the capabilities of the network age to ensure their power is undiminished.
Bill Thompson is an independent journalist and regular commentator on the BBC World Service programme Digital Planet. He is currently working with the BBC on its archive project.

Understanding Cyber Crimes and Cyber Threats
Cyber crime or computer crime refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Net crime refers to criminal exploitation of the Internet. Such crimes may threaten a nation’s security and financial health. Issues surrounding this type of crime has become high-profile, particularly those surrounding cracking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.
Internationally, both governmental and non-state actors engage in cyber crimes, including espionage, financial theft, and other cross-border crimes. Activity crossing international borders and involving the interests of at least one nation state is sometimes referred to as cyber warfare.
Cyber terrorism can be defined as an act of terrorism committed through the use of cyberspace or computer resources. As such, a simple propaganda on the Internet, that there will be bomb attacks during the holidays can be considered cyber terrorism. As well, there are also hacking activities directed towards individuals, families, organized by groups within networks, tending to cause fear among people, demonstrate power, collecting information relevant for ruining peoples' lives, robberies, blackmailing etc.
Cyber extortion is a form of cyber terrorism in which a website, e-mail server, or computer system is subjected to repeated denial of service or other attacks by malicious hackers, who demand money in return for promising to stop the attacks. According to the Federal Bureau of Investigation, cyber extortionists are increasingly attacking corporate websites and networks, crippling their ability to operate and demanding payments to restore their service. More than 20 cases are reported each month to the FBI and many go unreported in order to keep the victim's name out of the domain. Perpetrators typically use a distributed denial-of-service attack.
Cyberspace is the electronic medium of computer networks, in which online communication takes place. The term "cyberspace" was first used by the cyberpunk science fiction author William Gibson. Widely used since, it has been criticized by its inventor, as Gibson himself would later describe it as an "evocative and essentially meaningless" buzzword that could serve as a cipher for all of his "cybernetic musings". Now ubiquitous, in current usage the term "cyberspace" stands for the global network of interdependent information technology infrastructures, telecommunications networks and computer processing systems. As a social experience, individuals can interact, exchange ideas, share information, provide social support, conduct business, direct actions, create artistic media, play games, engage in political discussion, and so on, using this global network. The term has become a conventional means to describe anything associated with the Internet and the diverse Internet culture.

Hackers Tools of Cyber Attacks
Hackers and cyber criminals across the world have devised many means of carrying out their attacks, which though remain in the public knowledge, still remain highly difficult to prevent. Some of them include: distributed denial-of-service attack (DDoS), Spam, botnet, etc.
DoS
Denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. DoS attacks are implemented by either forcing the targeted computer(s) to reset, or consuming its resources so that it can no longer provide its intended service or obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately. Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root nameservers.
Botnets
A botnet (“robot network”) refers to multiple computers infected with remote-controlled software that allows a single hacker to run automated programs on the botnet behind the users’ backs. The remote-controlled software or rootkit is clandestinely installed in each computer, hiding its presence and tracks, making detection difficult. Meanwhile, the hacker can use the botnet for many purposes, including distributing spam, spreading Trojan horses, perpetuating phishing scams, or gathering information for identity theft or fraud.
Rootkits
A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. Typically, an attacker installs a rootkit on a computer after first obtaining root-level access, either by exploiting a known vulnerability or by obtaining a password (either by cracking the encryption, or through social engineering). Once a rootkit is installed, it allows an attacker to mask the ongoing intrusion and maintain privileged access to the computer by circumventing normal authentication and authorization mechanisms.
Stuxnets
Stuxnet is a computer worm discovered in July 2010. It is the first discovered malware that spies on and subverts industrial systems, and the first to include a programmable logic controller (PLC) rootkit. The worm initially spreads indiscriminately, but includes a highly specialized malware payload that is designed to target only Siemens Supervisory Control And Data Acquisition (SCADA) systems that are configured to control and monitor specific industrial processes. Stuxnet infects PLCs by subverting the Step-7 software application that is used to reprogram these devices.
Web Page-Based Attacks
Cyber-criminals will often create elaborate web pages meant to look like legitimate businesses or copies of actual websites a consumer may visit. Once the page loads into the web browser, it launches malicious software or other virus forms into the personal computer through the web browser's cache. These viruses can be designed to do any number of things, from hijacking email accounts to creating copies of itself or farming out user information stored on the computer, such as bank account and credit card numbers.
Purchased Virus Packs
According to a report by the BBC, in late 2007 cyber-criminals were selling on the open market the tools that make their schemes so successful. Pre-made virus packages can be purchased for as a little as $20. More lethal packages, including the dreaded MPack virus that hides in website URLs, often without the user's or administrator's knowledge, can be purchased for less than $1,000. The market for this type of illegal commerce is only increasing, putting the onus on internet security companies like Symantec and McAfee to step up their efforts in preventing cyber-crime.
Zero-Day Exploits /Attacks
A Zero-Day Exploit is one that uses a hitherto unknown technical vulnerability for its effect.  Most exploits emerge relatively gradually, from experiments or papers by researchers, and then spread slowly through networks and computers. In the zero-day situation, the exploit is already in wide distribution before detective and preventative means have been developed. During 2009 Symantec documented 12 such vulnerabilities. Four were in Adobe‘s PDF Reader software, while six were in Microsoft software such as Office and Internet Information Server. These vulnerabilities were exploited in both generic phishing attacks and by malicious code that appeared to be targeted at high-ranking business executives.
In these circumstances it is usually possible for the vendors of security technologies such as virus scanners, firewalls and intrusion detection scanners to identify and block malware before exploits cause real harm.  This is why many virus scanners can detect several thousand viruses while much smaller numbers are active ―in the wild. While many are still developed on daily basis, the above tools have remained instrumental to most cyber attacks which include:
Credit or direct debit card frauds
Credit cards are one of the most common payment instruments. The sensitive data associated with them is processed and passes through many computer systems which, in turn, keep a copy of this data, sometimes in a manner not compliant with current legislation and standards. Fraud related to sensitive credit card information can be both ‘physical’ and ‘online’. The former includes phenomena such as credit card cloning via skimming and the compromising of POS devices. In contrast, online fraud aims to obtain the card data by means of false e-commerce sites or by compromising existing websites. Additional security devices, such as “VbyV” or “Securecode”, do not pose insurmountable obstacles for the cracker, since they are for all intents and purposes static credentials which, once stolen, can be used again.
Theft of personal data for financial fraud purposes
The theft of information is not only limited to that directly associated with payment tools, but increasingly extends to the personal data of the individual, which can be found – for example – on social networks. The personal profile of an individual, together with payment instruments data, increases the efficacy of the fraud.
For example, some call centres authenticate the caller by requesting personal details in addition to traditional credentials, such as date of birth or the postcode of their city: a fraudster in possession of such information obviously has a considerable advantage. As proof of the value of such data, the prices of credit card numbers furnished with information on the holder are considerably higher on the black market than those without such information. Social networks represent a veritable goldmine of data which is not limited to merely personal information. In fact, thanks to social networks crackers can reconstruct the professional relationships of the victims, discovering the organisation they work for or who their bosses are, for example. This information can subsequently be re-used to carry out attacks based on social engineering or defraud the target organisation.
Theft of home banking credentials and other payment instruments
Home banking credentials and access codes to other payment instruments are one of the main types of information which permit a cyber fraudster to obtain an economic return from the attack, since they allow money to be moved around. The theft of usernames, passwords and operating codes for online financial transactions is an increasingly common phenomenon, which has forced banks and payment systems to raise security levels. Examples of this are the introduction of strong authentication mechanisms, such as confirmation codes, typically ‘one-time’, to authorise credit instructions, and monitoring instruments on the amount transacted.
Provision of fake services of various types
Fake services represent another type of fraud. These can range from the sale of counterfeited or infected software containing malware (fake antiviruses), to the failure to deliver a product the user has paid for. This type of fraud is not often accompanied by formal complaints made to the competent authorities, especially in cases where the nature of these services is compromising (such as the case of pornography or online gambling on illegal websites), or the amount of the loss suffered is relatively low.
Sale of illegal services
Cybercrime is so evolved that, over the years, it has stimulated the creation of a series of services supporting the activities of fraudsters. These services do not make it possible to obtain a direct profit from their use, but can help the fraudsters to improve the profitability of their activities and exchange information. Examples of such services are tools for handling the purchase and sale of information on attacks, and websites for checking the validity of stolen credit card numbers.

Groups Behind Cyber Hacktivism
They go by names like Anonymous, Lulz Security, Zeus, Night Dragon, Green Army Corp, Inj3ct0r Team; their goals, methods, effectiveness vary. Hacker groups that attack or steal — some estimates say there are as many as 6,000 of such groups online with about 50,000 "bad actors" around the world drifting in and out of them — are a threat, but the goals, methods, effectiveness of these groups varies widely.
Anonymous
Web Site: http://www.AnonServ.org
When they're angry, they hack into business and government systems to steal confidential data in order to expose information about their targets, or they simply disrupt them with denial-of-service attacks. These are the hackers with a cause, the "hacktivists" like the shadowy but well-publicized Anonymous or the short-lived Lulz Security group (which claimed to have just six members and just joined forces with Anonymous). Over the years, Anonymous is believed to have hit targets that include the Church of Scientology, the Support Online Hip Hop website, the No Cussing Club website, and posted pornographic videos disguised as children's videos onto YouTube.
It's said to have joined with Iranians protesting the results of the June 2009 Iranian presidential election. It's tied to taking down the Australian prime minister's website in 2009 because of the government's plans there to have ISPs censor porn on the Internet. Anonymous took up the cause of piracy activists fighting copyright law by launching denial-of-service attacks against anti-piracy groups and law firms. The group is supporting WikiLeaks, which publishes confidential information, including the U.S. State Department cables allegedly leaked by U.S. Army soldier Bradley Manning, now in a military jail awaiting trial.
Anonymous, perhaps tied to the Sony hacking incidents, launched distributed DoS attacks against Amazon, PayPal, MasterCard, Visa and others when the card-payment groups refused to process donations to WikiLeaks. Anonymous has sprung into conflicts, such as this year's uprisings in the Mideast, hitting the websites of the Tunisian, Egyptian and Libyan governments. The group recently let the world know its chief focus these days is targeting governments and corporations.
LulzSec
LulzSec short for Lulz security was founded in 2011. This group splintered off from Anonymous in spring 2011 in order to form a group which concentrated less on geo-politics and more on taking on adversaries that were a little more humorous. This group but has already launched some impressive and well publicized attacks.
 The Zeus Gangs
The malware called ZeuS is designed to plunder victims' PCs to steal financial information and execute fraudulent high-dollar Automated Clearinghouse (ACH) transfers in corporate bank accounts, resulting in many millions of dollars in fraud against businesses, church groups and government agencies. The Federal Bureau of investigation (FBI) and international law-enforcement partners in the United Kingdom, the Netherlands and the Ukraine managed to disrupt one of the six main ZeuS hacker groups last fall in a sweep that netted about 100 suspects tied to $70 million in U.S. bank heists.  
But the leader of what's called "JabberZeus" (because the specific variant of ZeuS used Jabber instant message to tell gang members when a victim's online banking credentials were stolen) is still believed to remain at large. According to Don Jackson, senior security researcher at Dell SecureWorks which has worked with business and the FBI, there are still five other separate ZeuS hacker groups very active across the world. These Zeus hacker groups have now been connected to "a billion dollars in losses," says Jackson.
Peoples Liberation Front
Web Site: http://www.PeoplesLiberationFront.org
Formed in 1985, a highly organized militant group of hackers who use the original American militia form of organization. While members are free to come and go and sign up for any operation they want, once signed on to an action there is a tight command and control structure based around commissioned officers known as Commanders. Politically motivated, this dedicated group primarily fights for freedom of information, speech – and expression. This group is transnational and global, with members in over 50 countries. It is one of the oldest cyber militias in the world.
This small but incredibly potent group contains some of the best hackers in the western world, and is most famous for small and surgical, yet incredibly effective actions around the world on behalf of freedom and justice. The group is diversified into various units dedicated to intelligence, penetration – DDoS attacks and more. This group has a particular expertise in counter intelligence, cyber warfare – and mass media dissemination. The PLF played an important role in the 2011 world wide uprisings which have been termed the Transnational Global Cyber Insurgency; that saw major operations in Tunisia, Algeria, Egypt, Libya, Syria, Ivory Coast – and Yemen just to name a few. This group comes at its enemies from every direction at once, and is known for eviscerating entire government networks literally over night.
Dogma Millions
This group, largely Russian, runs what's known as a "pay-per-install" operation to get victims to download malware they've designed and it's believed to have hundreds of "affiliates" that get paid when a malicious file is installed on a victim's machine. The group is known to have developed specialised software packers and protectors to ensure its malware, such as rootkits remain undetected by antivirus products.
Honker Union of China
Web Site: http://www.ChinaHonker.com
Formed in 1999 in response to the United States bombing of the Chinese embassy in Belgrade, Yugoslavia, HUC is a group known for hacktivism, mainly present in Mainland China. Literally the name means “Red Guest”, as compared to the usual Chinese transliteration of hacker (hēikè, literally Black Guest as in black hat). The Honker Union of China is a nationalistic group bent on defending the Government of China from all enemies both perceived and actual. They are also the largest known Cyber Militia in the world. The HUC is the driving force of nationalistic hacking in China today.
An amalgamation of several earlier groups, they continue to grow and add members and absorb rival groups at an astonishing rate. Members have launched a series of attacks on websites in the United States, mostly government-related sites. They also routinely target pro-Tibetan Freedom groups and individual activists. The name also suggests that a hacker in red, the color of the Communist party, is in combat with hackers in the dark. The HUC recently joined together with the Red Hacker Alliance to become the single largest hacker force on the planet.
The Chinese Hacker Groups
With a growing number of cyber attacks traced back to mainland China, there's a lot of interest in knowing about hacker groups there, with speculation there are many dozens of them. Security firm McAfee earlier this year released a report called "Night Dragon" which claimed hacker groups from China work regular hour shifts to try and break into oil companies to steal data.  Over the years, the more famous China hacker groups have included Janker, founded by Wang Xianbing, and the Green Army Corps, founded by Gong Wei, according to researcher Scott Henderson, who runs the website Dark Visitor.
Although there is no shortage of suspicion in the U.S. that Chinese hackers have at times worked for the Chinese government to steal secrets from U.S.-based businesses and the government, there are also times when Chinese authorities have taken steps to shut down hacker groups. For instance, reports said police last year in Hubei province went after hacker group "Black Hawk Safety Net" and its website that was providing Trojan-based malware. Over the years, others such as the Network Crack Program Hacker Group based out of Zigong have been identified. The group used a rootkit called GinWui in attacks on the U.S. Department of Defense, other U.S. agencies and Japan about five years ago.
 GinWui is thought to have been developed by the group's leader, Tan Dailin, who has used the handle "Wicked Rose" and later "Withered Rose." The Network Crack Program Hacker Group is believed to have transmitted a large amount of documents to China from the U.S. But when Dailin launched denial-of-service attacks against other Chinese hacker groups, including Hackbase, 3800hk and HackerXfiles, these hacker groups went to Chinese authorities, which arrested Dailin in 2009. He now faces over seven years in prison.
Inj3ct0r Team
Some hacker groups, particularly the hacktivists, are inclined to make their exploits public by announcing them online in some way or dumping contents they've stolen as proof of their prowess. "Inj3ct0r Team" claimed they'd compromised a server belonging to the North Atlantic Treaty Organization (NATO). The group said the files were a "server backup, confidential data." One industry source asked about Inj3ct0r Team says it started as one individual who began finding vulnerabilities in websites and publicising them, who then attracted a following. Hacker groups have a long history. The predecessors to today's had names like "The Legion of Doom" and "Masters of Deception" and in the 1980's they mainly struck phone networks, where "they did a lot of damage," says Dell SecureWorks researcher Jackson. Today's groups, he adds, are more "self-mobilizing, they drop in and drop out," and the big groups "always have a mastermind of two."
Iranian Cyber Army
Web Site: http://iraniancyberarmy.tumblr.com

Albanian Cyber Army
Web Site: http://www.facebook.com/Albanian.CyberWar
This group is small and sort of shadowy. There is a known roster of leaders, and many member followers. Their political motivations are crystal clear; they love Kosovo Independence and hate Serbia, Greece and Macedonia with a passion. They have been responsible for a handful of high profile hacks, and I think they bear watching as a possible future force.

Govt Hacker Programs
Estonian Cyber Defence League
Web Site: http://www.dw-world.de/dw/article/0,,14968102,00.html
In April 2007, when Estonia’s government, financial and media computer networks were attacked by unknown Russian hackers following the government’s decision of relocating a Soviet war memorial, it must have been hard to believe that something good would come from it at the end. With that attack, Estonia became the first country ever to actually be engaged in a cyberwar, but that didn’t make them despair. The new Cyber Defense League was created in response to massive cyber attacks that Estonia sustained four years ago. This particular Cyber Militia is unique in that it is now commanded by approximately 100 full time cyber soldiers in the Estonian military. Estonia is one of the most connected nations of the planet - it’s a place where three quarters of the population use the Internet and nearly all of the 1.3 million people pay their taxes online. The tiny Baltic country was the first in the world to enable its citizens to vote online.

USA Cyber Command
Web Site: http://www.stratcom.mil/factsheets/Cyber_Command
Founded in 2010. United States Cyber Command (USCYBERCOM) is an armed forces sub-unified command subordinate to United States Strategic Command. The command is located in Fort Meade, Maryland. USCYBERCOM centralizes command of cyberspace operations, organizes existing cyber resources and synchronizes defense of U.S. military networks. USCYBERCOM plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to its adversaries.

Revolution Guard Cyber Defense Command
Web Site: http://www.gerdab.ir/fa/content/3
Founded in 2010. This is the Cyber Defense Command of the Revolution Guard Corp of Iran. One of the first acts of this Command was to declare war on Anonymous. A potent force not averse to the use of offensive tactics that other Commands would flinch from employing, after the protests in 2009, the Islamic Revolutionary Guards Corps established a cyber defense command to counter online political activism, making Facebook and Twitter inaccessible to those without filter proxies bought in the West.

PLA Cyber Command
Web Site: http://asian-defence.blogspot.com/2010/08/chinas-cyber-command.html
Founded in 2010. The development of China’s cyber warfare program has captured worldwide attention in recent years. While evolving doctrines and incidents of cyber intrusions with alleged links to the Chinese government have helped China watchers glean the development of China’s growing cyber warfare capabilities, far less certainty surrounds the command and control side of this enigmatic operation.

Russia 5th-Dimension Cyber Army
Web Site: http://defensetech.org/2008/05/27/russias-cyber-forces
Founded in 2007. This was Project 25SX or SOLDIERX version 2.5 as it has become known as. This project was to take SOLDIERX back to its roots – information insemination. Cyber Warfare Budget: $127 Million. Cyber Weapons Arsenal in Order of Threat: Large, advanced BotNet for DDoS and espionage; Electromagnetic pulse weapons (non-nuclear); Compromised counterfeit computer software; Advanced dynamic exploitation capabilities; Cyber force Size: 7,300 +. Close ties with Russian Business Network (RBN), who is thought to own and operate the second largest BotNet in the world. Intelligence suggests there are organized groups of hackers tied to the Federal Security Bureau (FSB), the internal counter intelligence agency of the Russian Federation and successor to the Soviet KGB.

Ethical Hacker Groups
Chaos Computer Club
Web Site: http://www.CCC.de
Founded in 1981. Chaos Computer Club is the oldest and largest hacker group in the world. The CCC describes itself as “a galactic community of life forms, independent of age, sex, race or societal orientation, which strives across borders for freedom of information….” The CCC hosts the annual Chaos Communication Congress, Europe’s biggest hacker congress, with up to 4,500 participants. Every four years, the Chaos Communication Camp is the outdoor alternative for hackers worldwide.  The CCC started a new yearly conference called SIGINT in May 2009 in Cologne, Germany. Members of the CCC also participate in various technological and political conferences around the planet.

 Crewl Underground Madness
Web Site: http://www.blackhat.be
Founded in 1996. With four fulltime founding leaders and hundreds of supporting members, Crewl Underground Madness (cum) is a belgian blackhat group specialized in network in security, hacking, coding and phreaking. This group has been quiet lately, although they have gotten some press for some impressive work they did helping people in Africa. Generally this is a small and dedicated group of very highly skilled hackers and their supporters. We have reached out to this group several times over the years but have received no response. I still feel however that they would make excellent allies.

Soldier X
Web Site: http://www.SoldierX.com
This group began as a group of game hackers, and evolved over time into the full fledged cyber militia it is today. SOLDIER X was founded by Clinton H. Weir (Kefka/Ordune/Shto) in 1997 as a RPG group known as “SOLDIER”. RaT was appointed as the leader of the group. Other notable members included Blake and RPGMaster. SOLDIER quickly became the largest group as RaT started to get into programming. He got into programming with the help of „MaGuS, the the infamous creator of the „Fate X program series. SOLDIER wanted to make the whole AOL RPG’ing scene completely automated. He decided that they would do this with a test game application he created dubbed RaT Fighter 1.0 Beta.

Cult of the Dead Cow
Web Site: http://www.cultdeadcow.com
Founded in 1984. Based in Lubbock, Texas, Cult  of the Dead Cow (cDc) is one of the most accomplished and oldest hacker groups in the computer underground. The cDc is a leading developer of Internet privacy and security tools, which are all free to the public. The cDc Grand Imperial Dynasty includes a former Presidential Advisor on computer security, a Harvard researcher, a former U.N. official, an assistant district attorney, a professor of logic, an award-winning filmmaker, several published authors, a video game developer, an Eagle Scout, programmers of every sort, graphic artists, musicians, currency traders, and a Merovingian. For over twenty years, the cDc has proven itself as an innovative force in the computer underground. In 1984, the cDc invented the electronic publication.

High-Profile Hacks of 2011
June 9: Britain's National Health Service
LulzSec alerted the NHS that its network security was inadequate and publicized the hack without revealing any compromising information.
June 9: Citigroup
The banking and insurance giant announced that unknown hackers had penetrated its network security and made off with the personal identification information of some 200,000 clients.
June 8: Canada's Conservative Party
Hackers apparently upset by Prime Minister Stephen Harper's moves to regulate the Internet in Canada -- and by his re-election -- broke into his party's servers, planting a bogus story about how he had to be rushed to the hospital after choking on hash browns at breakfast.
June 6: Nintendo
 LulzSec compromised the U.S. servers of the gaming giant Nintendo. The hack, however, was more a prank than anything else. No information was stolen, and LulzSec admitted on its Twitter page that it "didn't mean any harm."
5 June 2011 - Sony Pictures Russia
Sony Pictures Russia database leaked
June 3: InfraGard
LulzSec defaced the website of InfraGard, an Atlanta-based firm that provides IT security to the FBI. LulzSec also leaked 700 megabytes of emails from InfraGard, as well as the personal information of 180 employees.
June 3- Sony Pictures
Sony Europe database leaked
3 June 2011: Iran
10,000 Iranian government e-mails stolen by Anonymous
June 1: L-3 Communications
Just days after hackers penetrated the networks of Lockheed Martin, U.S. defense contractor L-3 Communications admitted that it had suffered a network intrusion. Again, compromised authentication tokens from RSA were behind the breach.
June 1: Google Gmail
Chinese identity thieves used "spear phishing" to take over hundreds of Gmail accounts, including those belonging to senior American officials, Chinese political activists, military personnel and journalists.
May 29: PBS
LulzSec defaced the PBS website with a phony news story claiming that slain rapper Tupac Shakur is alive and living in New Zealand. LulzSec perpetrated the attack in retaliation for the PBS show Frontline airing a WikiLeaks documentary called "WikiSecrets."
 May 29– Honda Canada
Honda Canada reveals 283,000 records stolen.
May 27: Lockheed Martin
Lockheed Martin, the largest provider of IT services to the U.S. government and military, suffered a network intrusion stemming from data stolen pertaining to RSA's SecurID authentication tokens.
24 May 2011- Sony Music Japan hacked
May 17: NASA
A Romanian hacker calling himself "TinKode" took to Twitter on May 17, boasting that he had breached a computer server at NASA's Goddard Space Flight Center and gained access to confidential satellite data used to aid in disaster relief.
May 17: Massachusetts Executive Office of Labor and Workforce Development
Hackers used a Trojan to get into the network of the state labor agency, exposing the names, addresses, email addresses and Social Security numbers of an estimated 210,000 people.
May 16: Her Majesty's Treasury
Britain's Chancellor of the Exchequer, George Osborne, announces that the British treasury ministry has been under sustained cyberattack for months. He tells a conference that the ministry was receiving about 20,000 "spear phishing" emails per month, rigged with malware to open backdoors into the organization's networks, but that none had gotten through.
May 13: Fox Broadcasting Company
LulzSec breaks into a server hosting Fox.com and publish about 400 email addresses and passwords belong to employees of the Fox Broadcasting Company and local affiliate stations.
May 9: Anonymous
A disgruntled follower of the hacktivist movement turned on the group and took over message boards where Anonymous members chatted and planned attacks.
May 5: Sony
In what Sony called a third attack on its servers, an Excel spreadsheet showing the names and hometowns of entrants in a 2001 Sony-sponsored prize contest was posted online. But it turned out Sony itself had left the document exposed on a public website for 10 years until two different researchers found it using Google searches.
May 4: "The X Factor"

May 2: Sony Online Entertainment
Sony suddenly disconnects the network linking players of massive multiplayer games. It turns out the network's back end was breached at the same time as those of the PlayStation Network and Qriocity networks were, bringing the total number compromised accounts to 102 million.
April 25: New York Yankees
Major League Baseball's most successful (and sometimes most-hated) team struck out on user privacy when a team employee accidentally emailed an Excel spreadsheet containing the contact information for more than 21,000 season-ticket holders.  The attachment went to about 2,000 business contacts, but the Yankees were quick to state that no birth dates, Social Security numbers or financial information were among the data.
April 20: PlayStation Network and Qriocity
Sony explained that there had been an "external intrusion" that had forced the shutdown of the networks.  On April 26, it announced that intruders had accessed the user records of up to 77 million users, whose real names, email addresses, passwords, home addresses and telephone numbers had all been stored in unencrypted text
April 17: Oak Ridge National Laboratory
One of the main servers at the Department of Energy-run research facility near Knoxville, Tenn., was taken offline after administrators noticed large amounts of data in the process of being stolen.  Officials at the lab suspected a "spear-phishing" campaign had opened backdoors into the servers.  The lab was originally built to process plutonium for nuclear weapons, but now focuses on civilian nuclear, biological, chemical and information-technology research.
April 17: European Space Agency
A Romanian "gray hat" hacker — one who takes things mainly to embarrass their owners — got into the servers of the European Space Agency outside Paris, then posted user names, account information and passwords on his own website after letting ESA administrators know.
April 13: WordPress.com
WordPress.com, which makes and distributes the popular WordPress blogging platform, announced on April 13 that hackers had broken into the servers of Automattic, which host WordPress-based blogs. The intruders potentially made off with sensitive information such as source code and user passwords of WordPress' 25 million bloggers. In March 2011, WordPress.com was hit by a massive distributed denial-of-service attack.
April 4: Sony
Anonymous-affiliated hacktivists use DDoS attacks take down several PlayStation-related websites in retaliation for Sony's lawsuit against hacker George Hotz, who discovered the internal password to "jailbreak" the PlayStation 3 and posted the password online. 
March 30: Epsilon
At least 26 companies, including BestBuy, Capitol One Bank, Citi, JPMorgan Chase, TiVo and Walgreens, have their customer email lists stolen during a data breach at Epsilon, which handles e-mail communications for 2,500 companies worldwide. Passwords or other sensitive data was not taken.
March 29: European Parliament
In continuation of the previous week's attack on the European Commission and the European External Action Service, highly skilled hackers penetrated the network of the European Parliament in Strasbourg, France.
March 29: Australian Parliament
Sydney's Daily Telegraph learns that sophisticated hackers, thought to be working for Chinese intelligence, had for nearly two months been intercepting messages sent over the federal parliamentary email system.  Ten members of Parliament, including Prime Minister Julia Gillard and Australia's foreign and defense ministers, had their parliamentary computers compromised.  The Australian security services were reportedly tipped off to the breach by U.S. CIA and FBI.
March 27: MySQL.com
MySQL.com, the main website promoting the open-source database-management software suite, is hacked into by two Romanian "gray hat" hackers using, ironically, a SQL injection.
March 25: RIAA.com
Anonymous-affiliated hacktivists use a DDoS attack to bring down the website of the Recording Industry Association of America for about five hours. The attack was to protest a new RIAA lawsuit against the shuttered file-sharing service LimeWire.
March 24: New Zealand Department of Internal Affairs
Anonymous-affiliated hacktivists had promised to punish New Zealand's civil-service department for a new law that mandated Internet censorship of possible child pornography. The attack was supposed to take place March 28, but someone jumped the gun and took down the DIA's website for several hours.
March 24: TripAdvisor.com
The popular travel-planning website revealed that network intruders had made off with part of the membership email list.  No passwords or financial data were compromised, according to the company, but it did warn members to be ready for an uptick in spam.

March 23: European Commission, European External Action Service
On the eve of a major summit of European leaders to discuss the escalating crisis in Libya, the executive and diplomatic bodies of the European Union in Brussels came under sophisticated attack.  Internet access to the bodies was blocked, and staffers were asked to change their passwords. 
March 17: RSA
RSA, maker of SecurID authentication tokens, said its networks had been penetrated, and data stolen, by an "advanced persistent threat" .
March 17: Hollywood Starlets
Up to 50 young female celebrities had nude photos stolen from their email and smartphone accounts.  "High School Musical" star Vanessa Hudgens was said to be talking to the FBI.  The gossip website TMZ said the feds were closing in on the hackers, who were said to be motivated less by money than by the thrill of it.  Others who had nude photos circulating reportedly included Scarlett Johansson, Miley Cyrus, Jessica Alba and Christina Aguilera.
March 7: French Finance Ministry
Sophisticated hackers used "spear phishing" attacks to penetrate and steal sensitive documents from the French finance ministry. Most of the stolen documents pertained to to France's presidency of the Group of 20 association of leading-economy finance ministers.  Some of the data was forwarded to Chinese websites, but as an unnamed official told Paris Match, which broke the story, "that doesn't mean much."
March 4: South Korea
Directed denial-of-service (DDoS) attacks hit various websites in South Korea, including the presidential residence the Blue House and the country's two largest search engines.  Most withstood the onslaught.  Suspicion immediately fell upon North Korea, which was almost certainly behind a similar, though more powerful, attack in July 2009.
March 3: WordPress
The popular blogging service got taken down for several hours by what company founder Matt Mullenweg called the "largest and most sustained" DDoS attack in its six-year history.  Mullenweg suspected it may have been "politically motivated against one of our non-English blogs."
Feb. 24: WestboroBaptistChurch
On Feb. 24, Anonymous took down several websites associated with the controversial Westboro Baptist Church. A small but vocal Christian group that loves publicity and hates almost everything else, the Westboro Baptist Church pickets military funerals with signs reading "God Hates Fags" and "Thank God for Dead American Soldiers."
Feb. 22: Voice of America
On Feb. 22, pro-Iran hackers went after Voice of America the official news service of the United States government. This one was by a group calling itself the Iranian Cyber Army (ICA). In its hack on www.voanews.com, the ICA denounced what it saw as U.S. involvement in the ongoing revolutions in the Muslim world. The ICA manipulated the VOA homepage to read: “Mrs. Clinton Do you want to hear the voice of oppressed nations from heart of USA? Islamic world doesn’t believe USA trickery. We call on you to stop interfering in Islamic countries.”
Feb. 18: Canada
In mid-February, it was revealed that the Treasury Board, Finance Department and Defence Research and Development — Defence Research and Development Canada is a civilian military agency — were all breached in January by hackers believed to be operating in China. The hackers were seeking confidential information pertaining to financial and weapons information and data about oil and gas resources.
Feb 11: Iran
On Feb. 11, Anonymous took action against several Iranian government websites, standing in solidarity against what it called in a press release “the chains of oppression, tyranny and torture.” The distributed denial-of-service (DDoS) attacks were levied against the websites of IRNA, Iranian’s semi-official news agency, President Mahmoud Ahmedinejad and Ayotollah Ali Khomenei, but none were entirely successful.
Feb 6: HBGary Federal
On Feb. 5, Aaron Barr, chief executive of the Washington, D.C.-based security firm HBGary Federal, announced that he had unmasked the members of Anonymous, and would reveal their identities at a security conference later in the month. Wasting no time, Anonymous the following day took down the website of Barr’s company, hijacked Barr’s personal Twitter account and his boss’s LinkedIn profile, and posted more than 70,000 of Barr’s personal e-mails.
Feb. 5: Nasdaq
As reported in a Feb. 5 Wall Street Journal article, hackers for the past year had been targeting computer networks belonging to the Nasdaq stock exchange. But these online crooks weren’t after money. The hackers’ real target was Directors Desk, a cloud application owned by Nasdaq that stores financial records and reports for hundreds of Fortune 500 companies and more than 10,000 corporate board members.
Jan. 26: Utah, Michigan, Albania, Italy, the U.S. Army, etc.
In late January, a hacker hijacked more than a dozen top military, government and education websites. Among the hacker’s haul were the websites of the states of Utah and Michigan, the Italian government, the Albanian military, Singhania University in India and the U.S. Army’s Communications-Electronic Command (CECOM). The hacked websites were being sold for $55-$499 each on an underground market.
Jan 26: Egypt
Anonymous struck this time against Egypt’s official government websites. The attacks on the websites of the cabinet, Ministry of the Interior and Ministry of Communications and Information Technology were carried out after then-President Hosni Mubarak blocked citizens’ access to Twitter. Following Egypt’s five-day Internet blackout, Anonymous launched a second wave of digital protests, taking down sites in Egypt as well as in Yemen.
Jan 2: Tunisia

Top 10 Most Famous Hackers of All Time
In this article, we test the theory that truth is better than fiction by introducing you to ten of the most famous hackers, both nefarious and heroic, to let you decide for yourself.
Black Hat Crackers
The Internet abounds with hackers, known as crackers or "black hats," who work to exploit computer systems. They are the ones you've seen on the news being hauled away for cybercrimes. Some of them do it for fun and curiosity, while others are looking for personal gain. In this section we profile five of the most famous and interesting "black hat" hackers.
1. Jonathan James: James gained notoriety when he became the first juvenile to be sent to prison for hacking. He was sentenced at 16 years old. He installed a backdoor into a Defense Threat Reduction Agency server enabling him to view sensitive emails and capture employee usernames and passwords. James also cracked into NASA computers, stealing software worth approximately $1.7 million.
2. Adrian Lamo: Lamo's claim to fame is his break-ins at major organizations like The New York Times and Microsoft. Dubbed the "homeless hacker," he used Internet connections at Kinko's, coffee shops and libraries to do his intrusions. Lamo's intrusions consisted mainly of penetration testing, in which he found flaws in security, exploited them and then informed companies of their shortcomings. His hits include Yahoo!, Bank of America, Citigroup and Cingular.
3. Kevin Mitnick: A self-proclaimed "hacker poster boy," Mitnick went through a highly publicized pursuit by authorities. The Department of Justice describes him as "the most wanted computer criminal in United States history." His exploits were detailed in two movies: Freedom Downtime and Takedown.  He started out exploiting the Los Angeles bus punch card system to get free rides. Mitnick was ultimately convicted for breaking into the Digital Equipment Corporation's computer network and stealing software. He then hacked into computer expert and fellow hacker Tsutomu Shimomura's home computer, which led to his undoing.
4. Kevin Poulsen: Also known as Dark Dante, Poulsen gained recognition for his hack of LA radio's KIIS-FM phone lines, which earned him a brand new Porsche, among other items. Law enforcement dubbed him "the Hannibal Lecter of computer crime." Authorities began to pursue Poulsen after he hacked into a federal investigation database. During this pursuit, he further drew the ire of the FBI by hacking into federal computers for wiretap information. His hacking specialty, however, revolved around telephones.
 5. Robert Tappan Morris: Morris, son of former National Security Agency scientist Robert Morris, is known as the creator of the Morris Worm, the first computer worm to be unleashed on the Internet. As a result of this crime, he was the first person prosecuted under the 1986 Computer Fraud and Abuse Act. Morris wrote the code for the worm while he was a student at Cornell. He asserts that he intended to use it to see how large the Internet was.
 White Hat Hackers
Hackers that use their skills for good are classified as "white hat." These white hats often work as certified "Ethical Hackers," hired by companies to test the integrity of their systems. Others, operate without company permission by bending but not breaking laws and in the process have created some really cool stuff. In this section we profile five white hat hackers and the technologies they have developed.
1.  Stephen Wozniak: "Woz" is famous for being the "other Steve" of Apple. Wozniak, along with current Apple CEO Steve Jobs, co-founded Apple Computer. Woz got his start in hacking making blue boxes, devices that bypass telephone-switching mechanisms to make free long-distance calls. Wozniak built a blue box to call the Pope while pretending to be Henry Kissinger. He dropped out of college and came up with the computer that eventually made him famous. Jobs had the bright idea to sell the computer as a fully assembled PC board.
2. Tim Berners-Lee: Berners-Lee is famed as the inventor of the World Wide Web, the system that we use to access sites, documents and files on the Internet. He has received numerous recognitions, most notably the Millennium Technology Prize. While a student at Oxford University, Berners-Lee was caught hacking access with a friend and subsequently banned from University computers. w3.org reports.
3. Linus Torvalds: Torvalds fathered Linux, the very popular Unix-based operating system. Torvalds created the Linux kernel in 1991, using the Minix operating system as inspiration. He started with a task switcher in Intel 80386 assembly and a terminal driver. After that, he put out a call for others to contribute code, which they did. Currently, only about 2 percent of the current Linux kernel is written by Torvalds himself. The success of this public invitation to contribute code for Linux is touted as one of the most prominent examples of free/open source software.
4 Richard Stallman: Stallman's fame derives from the GNU Project, which he founded to develop a free operating system. For this, he's known as the father of free software. Stallman got his start hacking at MIT. He worked as a "staff hacker" on the Emacs project and others. He was a critic of restricted computer access in the lab. When a password system was installed, Stallman broke it down, resetting passwords to null strings, then sent users messages informing them of the removal of the password system.