Sunday, March 31, 2024

Why Hackers Are Now Breaking Their Own "Ethics"

 


It was just yesterday that I was writing a tentative outline for a possible course on Continuing Education (CE), at a nearby Junior College.  The proposed topic is on Penetration Testing, and I even wrote a blurb on the outline as to how Pen Testers are actually “Ethical Hackers”.  If you are new to Cybersecurity, you may be wondering, “OK, what is exactly hacking that is Ethical?”  Well, it does exist, and here is a technical definition for it:

“Ethical hacking is the use of hacking techniques by friendly parties in an attempt to uncover, understand and fix security vulnerabilities in a network or computer system.”

(SOURCE:  https://www.ibm.com/topics/ethical-hacking)

So as you can see from the above definition, the operative word is “friendly”.  In the world of Penetration Testing, the guys that do the actual hacking belong to what is known as the “Red Team”.  But they can only carry out their planned hacks with explicit and written consent for the client that they are doing it for.  But this now brings up another key point.

Even with the traditional “bad guy” hackers, there used to evolve a code of “Ethics” as well.  Hacking has been around since the 1960s, and since then, a certain code of cadence was created.  Examples of this include the following:

*Any entity that involved healthcare, and the delivery of life saving services, were completely of limits.  This means primarily hospitals and ERS.

*Critical Infrastructure could not be touched.  If it were to be, it would be considered an act of war by the impacted country, with the repercussions unthinkable (perhaps even a nuclear war).  But it is important to keep in mind here that Cyberattackers are pushing the envelope as far as they can, with the prime example being that of the Colonial Gas Pipeline attack.  Although the actual pipeline was not affected, it did affect the financial markets and the supply chain in a cascading effect.

More details on this can be seen at the link below:

https://www.cisa.gov/news-events/news/attack-colonial-pipeline-what-weve-learned-what-weve-done-over-past-two-years

*Individuals and businesses that were going to become a victim could only be hit once, and not anymore. 

*The COVID-19 pandemic also ushered in a new era of “bad guy” hacker Ethics, especially in the way of not targeting testing places and those entities providing the much-needed vaccinations.

But after the pandemic eroded away (it is still technically here, though), the rules of “Ethical Hacking” by the Cyberattacker has changed greatly. This has been brought up a lot by the covertness, stealthiness, and sophistication of Ransomware attacks.  For example, we are not just seeing computers being locked up and files encrypted, we are now seeing it in its worst form ever.  This includes the selling of PII datasets on the Dark Web and conducting Extortion like Attacks.

A lot of the disappearance of a kind of good gestures in “bad guy” hacking has been catalyzed by two main factors:

1)     The increased interconnectivity with just about everything (primarily brought on by the IoT).

2)     The advent of Generative AI.

In my own view, it is the latter which is the dominant force here.  For example, a Cyberattacker can easily create the source code for crafting a piece of malicious payload that can be deployed to launch a Supply Chain Attack (like the Solar Winds hack), or even use it to create a Phishing Email that it is almost impossible to tell the difference between a real one a fake one. 

Another unfortunate catalyst driving this new trend is the fact that many of the hackers are now getting much younger in age.  In fact, with so much that is available online and on the Dark Web, even a novice still in junior high school and rent a service called “Ransomware as a Service”, and have a third party launch a devastating attack for literally pennies on the dollar.

Also in the hacking circles, it has even become a badge of honor to attack high value targets, such as companies that are in the Fortune 500.  In fact, the Cyberattackers in this regard have become so brazen that will even leverage the media to their own benefit in order to fully advertise what they have done.  In a horrible sense, this is how a Cyberattacker adds to their “resume”.  More details on this can be seen at the link below:

https://www.darkreading.com/threat-intelligence/ransomware-gangs-pr-charm-offensive-pressure-victims

But this has also led to the take down of the more traditional Ransomware groups, such as “Black Cat”.  Heck, even Cyberattackers are snitching on their own brand so that they can remain at the top of the hacking list, with the “best reputation” that is possible.  More information about this can be found at the link below:

https://www.darkreading.com/cybersecurity-operations/feds-snarl-alphv-blackcat-ransomware-operation

My Thoughts On This:

Back in the day, hacking simply meant that somebody would just break into a computer system just to see what it contained, it was just a “curiosity” based attack.  But as it has been described in this blog, this is no longer the case.  Going into the future, just simply expect the worst.  Things will not get any better.  The more that you try to fortify your systems, the more the Cyberattacker is going to pound on your door.

For more information on what is expected in the way of hacks for 2024, click on the link below:

http://cyberresources.solutions/blogs/2024_Hacks.pdf

No comments:

Post a Comment

How To Launch A Better Penetration Test In 2025: 4 Golden Tips

  In my past 16+ years as a tech writer, one of the themes that I have written a lot about is Penetration Testing.   I have written man blog...