Hackers: Coming Soon to a PC Near You
This just in: After 15 years, Tupac Shakur is still dead.
It seems reports of the rapper's resuscitation have been slightly exaggerated -- or, rather, completely fabricated by a hacking group calling itself Lulz Sec (and/or the Lulz Boat). That "group" took over the website of PBS NewsHour over the weekend and posted a story that Tupac, who was gunned down in internecine hip-hop combat on the streets of Las Vegas in 1996, is actually alive and well and living in New Zealand, raising sheep, no doubt, along with Biggie Smalls.
[ Want to cash in on your IT experiences? InfoWorld is looking for stories of an amazing or amusing IT adventure, lesson learned, or tales from the trenches. Send your story to email@example.com. If we publish it, we'll keep you anonymous and send you a $50 American Express gift cheque. ]
The reason for the hack? The Lulzers apparently took exception to a PBS story about WikiLeaks called "WikiSecrets." It/them also released links to PBS network logons and passwords, along with a statement:
"Greetings, Internets. We just finished watching WikiSecrets and were less than impressed. We decided to sail our Lulz Boat over to the PBS servers for further... perusing. As you should know by now, not even that fancy-ass fortress from the third s***y Pirates of the Caribbean movie (first one was better!) can withhold our barrage of chaos and lulz. Anyway, unnecessary sequels aside... wait, actually: second and third Matrix movies sucked too! Anyway, say hello to the insides of the PBS servers, folks. They best watch where they're sailing next time."
Well, if they hated the third "Pirates" movie, they'd better not go anywhere near the fourth one -- it sank shortly after leaving the harbor. Johnny Depp, you have now been warned. Also, Keanu Reeves your iPhone is vibrating; it's Anonymous on line one. Don't answer it.
This is the new rule, it seems. In the past, when you did something somebody else didn't like, you might get a sternly worded e-mail or maybe some crank phone calls. Now your website gets defaced, your passwords buttered all over the InterWebs, and dead rappers come back to life as hip-hop zombies.
I declared 2011 the Year of the Hacker back in February, and so far it has not disappointed. Last week Lockheed Martin suffered a massive cyber attack following a a hack at RSA Security two months ago, where the attackers presumably obtained the SecurID tokens for Lockheed's network. Then there was the attack on previously obscure security firm HBGary Federal, which angered the Anonymous hydra, and on Gawker Media last December, which similarly thumbed its snarky nose at 4chan and got pwned by a group calling itself Gnosis.
Of course, there's the ongoing nightmare of Sony and its many hacks, including at least one performed by these very same Lulzers. Those, you may recall, started as revenge for Sony going medieval on two PlayStation 3 hackers who posted jailbreak code that allowed PS3 fans to install unapproved and/or pirated software. I bet Sony is sorry now it didn't pursue a more nuanced solution to its PS3 problems.
There's a lesson here: Don't screw up. Ever.
Write a blog post someone disagrees with? Get hacked.
Cut somebody off in traffic? Get hacked.
Wear plaid shorts with a striped shirt? Get hacked.
This would be funny (at least, to those of us who weren't hacked) if it weren't also becoming deadly serious. The Pentagon is about to reclassify hack attacks from foreign entities as acts of war and will respond with physical force to virtual attacks as needed. Per the Wall Street Journal's Siobhan Gorman and Julian E. Barnes:
"One idea gaining momentum at the Pentagon is the notion of 'equivalence.' If a cyber attack produces the death, damage, destruction or high-level disruption that a traditional military attack would cause, then it would be a candidate for a 'use of force' consideration, which could merit retaliation.....
'If you shut down our power grid, maybe we will put a missile down one of your smokestacks,' said a military official."
I don't think it's a big leap to assume that if the Pentagon is going to respond with force to hack attacks, the cops won't be far behind. I think over the next few years we'll see legislation making hacking a much more serious crime than it already is and offering local law enforcement more resources to fight it.
In other words, if you're hacking, you'd better also be packin' -- a suitcase, at the very least, if not some heat.
In the meantime, welcome to the era of PO'd script kiddies with an ax to grind. Watch your step and buckle your seat belts, it's going to get bumpy.
Ever been hacked? Share your tale of woe below or email me: firstname.lastname@example.org.
This article, "Hackers: Coming soon to a PC near you," was originally published at InfoWorld.com. Follow the crazy twists and turns of the tech industry with Robert X. Cringeley's Notes from the Field blog, and subscribe to Cringely's Notes from the Underground newsletter.