So, after the announcement of an alleged hack of the Italian Prison Guards, the threatening tweets anticipating the latest hack have suddenly disappeared from @LulzSecITALY, replaced by a tweet announcing a day of relaxation. Of course, the doubt remains whether the announcement was a hoax or not… But in my opinion this is not the most relevant point of the story.
As a matter of fact, this is only the latest occurrence of a strange phenomenon that is changing the rules of hacking. In the old world, attacks were performed silently and disclosed (if discovered) only several months later, never because the alleged authors announced them directly.
What is happening after the example of Anonymous and LulzSec is a kind of “Consumerization of Hacking”, not only because the public availability of tools such as LOIC or Tor has made it possible to enroll many “would-be” hackers, but most of all because, in these strange days, advertising an attack, too often before performing it, has become even more important than the effect of the attack itself, that is, the quality of the data leaked. In this scenario social media act as a sounding board, allowing the information to spread virally (which grants more importance to the action itself than to its content).
This trend has several consequences:
- Sometimes attacks are advertised even if they are not particularly sophisticated (for instance the massive DDoS campaigns), or the quality of the data stolen is irrelevant;
- Attacks are often anticipated or followed by many claims, which make it hard to identify the real author. Before or after an attack appears, different alleged authors claim paternity (consider for instance the case of the Italian Cyber Police hack), also because many attacks of the last days are poor in quality, so that the author does not need to prove their skills.
- The quality of hacking is also decreasing, as often happens when something becomes available to (too) many, most of all because the many lack the necessary skills.
This does not mean that information security professionals do not need to be worried, but only that the landscape is changing: more attacks, maybe less sophisticated, with an impact more quantitative than qualitative.
Have you ever tried to imagine the Stuxnet developers announcing with a pastebin their intention to stop the Iranian nuclear program, or a tweet announcing Shady RAT, or the Mother of All Breaches disclosed by the Pentagon?
One could say that these attacks were mostly driven by military reasons; nevertheless, honestly speaking, at this point I would not be surprised by Cyberwar Tweets announcing sensational operations in the fifth domain of war. Probably they are already among us, even if hidden: this explains the Department of Defense's intention to invest millions in Twitter tracking.