2011: The year hacking goes mainstream

Chinese hackers attack oil companies, criminals attack Nasdaq, and now Bank of America wants to hack WikiLeaks. These days, if you're not a hacker, you're probably being hacked

I've said it before and I'll say it again.This will be the year of the hacker –- or rather, the year hacking goes mainstream.

It's been brewing for quite some time. According to McAfee, a team of Chinese hackers has been infiltrating computer networks for the world's largest oil and gas companies. Last week the Wall Street Journal reported that Nasdaq's network was penetrated (though not the Nasdaq market –- as far as we know). And the ongoing battle between Anonymous and the folks who are aiming to take it down is just heating up.

[ Also on InfoWorld, Cringely looks at the AOL-Huffington Post buyout and warns: The mediocre shall inherit the Web. | For a humorous take on the tech industry's shenanigans, subscribe to Robert X. Cringely's Notes from the Underground newsletter. ]

Before you fire up your email program or leap immediately to the comments to correct me: Yes, I know -- "hacker" isn't the right word for this kind of activity. Hackers are not necessarily criminals or even evil-doers. There are white-hat, black-hat, gray-hat, and the occasional houndstooth-hatted hackers.

The appropriate word for people who attack computer systems for their own nefarious criminal purposes is "cracker." But to most people, a cracker is either something you spread cheese on or someone you try to avoid at cocktail parties. These days everybody understands "hacker" –- at least, the Hollywood version. Sorry, but that's just the way it is.

And when hackers get tired of eating Doritos for dinner and have actual bills to pay, they grow up to be highly paid security consultants who are hired to do battle with their younger doppelgangers.

Case in point: The war between HBGary Federal, a security firm hired by the FBI to suss out who was behind the revenge attacks on assorted "enemies" of WikiLeaks and Anonymous.

Last weekend, HBGary CEO Aaron Barr made the fatal mistake of bragging to the Financial Times about how his firm had managed to infiltrate the computers of leading members of Anonymous. Per the FT:

Of a few hundred participants in operations, only about 30 are steadily active, with 10 people who "are the most senior and co-ordinate and manage most of the decisions," Mr. Barr told the Financial Times. That team works together in private internet relay chat sessions, through e-mail and in Facebook groups. Mr. Barr said he had collected information on the core leaders, including many of their real names, and that they could be arrested if law enforcement had the same data.

You'd think he'd know better. But no. Sure enough, HBGary's servers got hacked and Barr's Twitter account got hijacked by, yes, Anonymous. They posted Barr's address, phone number, and Social Security number on his Twitter feed, and sent out numerous taunting tweets on his behalf. They also hacked HBGary's website and replaced it with this message, which reads in part:

You have blindly charged into the Anonymous hive, a hive from which you've tried to steal honey. Did you think the bees would not defend it? Well here we are, You've angered the hive, and now you are being stung.

1 2 Page 1
Page 1 of 2