The May 13th issue of Ziff Davis's weekly eWeek magazine published an article on page 32 entitled "Hackers attack public, private sectors."
The eWeek report discussed how a hacker calling itself the Deceptive Duo broke into bank and US Government Web sites, defacing home pages to prove that it had been there. In doing so, the dynamic duo also stole data from the databases, in the name of alerting the Web site owners to the inadequacy of their firewalls and security defenses.
Now some folks contend that this hacking "service" is a virtuous, noble, and altruistic thing to do in these days of heightened national security. Indeed, in the recent past, eWeek itself actually hosted Web sites dedicated to being hacked.
The magazine then ran prominent feature articles revealing the detailed procedures used to fracture site security. Finally, the hackers were actually treated to front page editorial coverage and given some dubious awards for their efforts.
Servicing The People
The argument made by the so-called Deceptive Duo is that its mission is a service to the people. The Duo claims its purpose is to "locate and scan critical cyber-components of the United States of America for vulnerabilities (sic) creating a foreign threat, while remaining undetected."
In performing its "duty," the Deceptive Duo snatched a database from the US Geological Survey, and additionally hacked sites at the Defense Logistics Agency, Sandia Labs, the California Department of Transportation, and the National Institute of Standards and Technology.
While graciously alerting folks to the possibility of "locating and scanning critical cyber-components," the Duo released the names and passport numbers of employees at the US Geological Survey. This information---not to be confused with data---also publicized the telephone numbers of some employees, revealing their e-mail addresses, some account numbers, and even their Social Security numbers.
According to a communiquż from the Duo, its work is well received by system and IT administrators. Has the Duo asked how well their "work" is being received by the folks at US Geological Survey whose personal information was compromised? I think not.
Techno-Hoods, Or Knights Of Digital Virtue?
Since the days of bulletin boards and dial-up access lines, hackers have enjoyed a kind of technology-oriented Robin Hood status. Even as they transgress sacred ground, they're more often than not lauded by the press, honored and praised by journalists, and admired by the common man.
Would these knights of digital virtue be equally praised if they broke into your local bank under cover of darkness, forcing their way into a vault using crowbars and acetylene torches? I think not.
If I broke into your castle, using whatever means necessary, regardless of how clever I was in sidestepping your home burglar alarm and security cameras, would you admire my ability in the name of rectitude? Would you call off the cops and implore the judge to release me because I had exposed vulnerability in your dwelling's defenses against common midnight robbers? Again, I think not.
Isn't it about time that we level the playing field for hackers? Hiding anonymously behind their computers, far from prying eyes, they're scoundrels, nothing more---regardless of their questionable skills. Just as gutless robbers conceal themselves under cover of darkness, wearing badger-like masks and hoods, so too do these cowards who call themselves the Deceptive Duo.
Worse, the Duo and their ilk are deceptive outlaws. They're deceiving the editors at eWeek, the system administrators they target, and the general public at large. It's about time that we treat hackers who steal information as common criminals---in all cases. It's past time for us to tear off their masks and expose them for what they are. A rose by any name is still a rose. A robber by any name is still a thief.
