Criminal and black hat hackers beware - If the U.S. government finds you, it is not going to be lenient.
The stakes are rising in the world of cybersecurity and the Obama administration is not taking it lightly. The White House has proposed to Congress an increase in maximum jail time for criminal hackers whose acts are "potentially endangering national security" from 10 to 20 years, according to Reuters. With Anonymous and Lulz Security bouncing around hacking seemingly anything they want, the government is pounding its gavel with one of its only powerful rhetorical messages - sticking criminals in the deepest, darkest dungeon for as long as possible.
There Are No Lulz In Prison
The proposal would double prison time for offenses in just about every cybersecurity category when it comes to the government. Instead of 10 years for threatening national security, the maximum would be 20 years. Computer thefts would rise from five years and $5,000 to 10 years, and accessing a government computer would go from one year to three years.
There have been attacks on the U.S. Senate and the public site of the Central Intelligence Agency within the past month, along with attacks on the International Monetary Fund and U.S. defense contractor Lockheed Martin. The attack on the CIA looks like it was a simple distributed denial of service (DDoS) attack that took down CIA.gov. That is not a serious breach (if a bit of an embarrassment for the CIA), but the hackers involved would probably get 20 years in prison under the proposal.
Catch Me, If You Can
The Reuters report quotes Frank Cilluffo, director of George Washington University's Homeland Security Policy Institute, as saying "smoking keyboards are hard to find."
The problem for digital forensics teams is that it is very hard to track down criminal hackers. Hiding origin points of hacks is very easy through server mis-location and botnets that, by definition, have no definitive source.
The question becomes: is it worth it to track down "hacktivists" that "do it for the lulz?"
"It seems to me that there was a big difference between attacks like those perpetrated by hacktivists which brought down the CIA website, and serious organized infiltration of networks to steal confidential information," wrote Sophos Naked Security blogger Carole Theriault.
Big Time Hacks on the Rise
The attack on CIA.gov had the essence of a "because we can" type of hack. The CIA's forward-facing website may host some user information and a lot of public documents, but the actual functioning of the CIA, the U.S. intelligence community and the military is much harder to crack. Those operations often function in a different plane of Internet (more like an Intranet) existence that is very difficult to bridge - think of it like a giant moat or air bubble between the World Wide Web and internal military operations.
But breaches or take-downs are making news every week. Sony's PlayStation Network is the biggest example recently. Google has been responding to what it claims has been a concerted, persistent effort of hacks coming from the Chinese government (or at least hacker groups inside China ... is there any difference?). National security experts deal constantly with what they call "persistent threat" coming from either outside the country or criminal groups inside the U.S. It is a race for government and corporations to stay one step ahead. Yet the fact of the matter is that persistent threat and sophisticated black hat hackers are not going to go away, even if a few of them do end up serving 20-year prison sentences.