Reports surfaced Wednesday from McAfee security that more than 70 government organizations and corporations — including the New York offices of the Associated Press — had been hacked over many months.
This is huge news. It’s been called Operation Shady RAT — Remote Access Tool. But don’t let the name fool you. This is bad.
It's a bit of an open secret that our secrets are easy to open.
Hacking has been going on for at least a decade. In all probability, the attacks originated from China, something you can tell because their interests align fairly neatly with Things Netflix Would Suggest You Hack Next If You Were Interested In China — Hong Kong, the 2008 Beijing Olympics, potentially sensitive U.S. military information.
We are living in an age of constant and increasing cyberwar. This latest is only one more revelation in a recent spate of news about high-profile hacking, in addition to all the regular-profile hacking that goes on all the time, such as spear-phishing of personal e-mail accounts. Google has been targeted — the first time a major corporation went public. But other high-profile companies have fallen victim, too, including Sony and Lockheed Martin, as has RSA's SecureID technology, used for remote log-ins by governments and companies around the world.
This is a serious problem.
It’s not merely that we lead our lives and store all our personal information online — we do that, of course — but that high-tech systems are increasingly incorporated into the basic fabric of society, everywhere from the power grid to nuclear weapons to the sewage system. A cyberattack might put your Facebook out of commission and result in your getting a lot of oddly specific e-mails about ShoppyBagging. But it could also have serious ramifications for national security. And if there is one lesson that years of cyberattacks and a slight misinterpretation of the Matrix have taught us, it's that you can hack your way into almost anything. Keeping people out is far harder.
Shady RAT is a funny name. But generally, the funnier the name, the bigger the problem. Consider that for years Osama bin Laden’s code name was Crankshaft.
Phone hacking could bring down the Murdoch empire. Actual hacking could bring down the entire nation.
Everything these days is online — our information, our security systems, our power grid. If we live in an information economy, as we are frequently assured that we do, the kind of hacking just described amounts to theft to the tune of millions of dollars. This is hardly chickenfeed — or Angry Birdseed, or whatever the metaphor you’d like to use may be.
The trouble is that it is easier to undermine a system than to build a system invulnerable to attack, as the history of everything from Troy to Windows XP has suggested. So what do we do about it?
In cyberwar, the best defense is good offense. Our task going forward will be to make it clear to the source of these attacks that we have the capacity to retaliate in kind, and that trying any more funny business will result in some seriously unfunny business.
Silly name or not, this is no laughing matter.