Russian Hackers? Nah. Three kids playing hardball in Minecraft
To the average person, the Internet is just magic. They have no clue how it works or how you can mess with it. That ignorance makes it easier for TPTB to create boogeymen, like "Russian Hackers". But techies are sometimes more interested in the facts than in politics. Hence, this interesting story about the Mirai botnet in Wired Magazine (which I have called "Hacker of Fortune" since the day it was founded).
The most dramatic cybersecurity story of 2016 came to a quiet conclusion Friday in an Anchorage courtroom, as three young American computer savants pleaded guilty to masterminding an unprecedented botnet—powered by unsecured internet-of-things devices like security cameras and wireless routers—that unleashed sweeping attacks on key internet services around the globe last fall. What drove them wasn’t anarchist politics or shadowy ties to a nation-state. It was Minecraft.
The Wired story is very solid investigative technical reporting. It is a readable, if somewhat lengthy, whodunit. If you have ten minutes, it is worth a read. The rest of the quotes are from that story.
The story is about the tech itself, and Russian hacking only comes in for an incidental mention:
Coming just weeks before the presidential election—one in which US intelligence officials had already warned about attempts by Russia to interfere—the Dyn and Mirai attacks led officials to worry that Mirai could be harnessed to affect voting and media coverage of the election. The FBI team scrambled for a week afterward with private-industry partners to secure critical online infrastructure and ensure that a botnet DDoS couldn’t disrupt Election Day.
What is really fascinating about the story is the monster that the Minecraft ecosystem has evolved into:
The huge income from successful (Minecraft) servers had also spawned a mini cottage industry of launching DDoS attacks on competitors’ servers, in an attempt to woo away players frustrated at a slow connection. (There are even YouTube tutorials specifically aimed at teaching Minecraft DDoS, and free DDoS tools available at Github.) Similarly, Minecraft DDoS-mitigation services have sprung up as a way to protect a host’s server investment. The digital arms race in DDoS is inexorably linked to Minecraft, Klein says.
...according to court documents, the primary driver behind the original creation of Mirai was creating “a weapon capable of initiating powerful denial-of-service attacks against business competitors and others against whom White and his coconspirators held grudges.”
After a year of Russian hacker hysteria, the fact is that three non-state actors were the perps for one of the few genuine (as opposed to media crapola, like the Vermont power company "hack") and truly dangerous hacks of the recent past. I predict this story will get no further coverage. The circumstance that the trial happened to be held in Anchorage, Alaska will help keep it off the front page.
To drive home the point that the major hack was just another day on the Wild West Internet, we learn what the perps had been up to since then:
They’d given up DDoS attacks for something lower-profile—but also lucrative. They were using their botnet to run an elaborate click-fraud scheme—directing about 100,000 compromised IoT devices, mostly home routers and modems, to visit advertising links en masse, making it appear that they were regular computer users. They were making thousands of dollars a month defrauding US and European advertisers, entirely off the radar, with no one the wiser. It was, as far as investigators could tell, a groundbreaking business model for an IoT botnet. As Peterson says, “Here was a whole new crime that industry was blind to. We all missed it.”
"a groundbreaking business model for a botnet" - this is beyond Pottersville. This is gangsterism. It pulls back the curtain on what a dirty mess the non-dark internet is. Who needs the dark net when Minecraft is a trade school for hackers?
Every service the corporations force onto the internet, either to extract a fee or to gain control over users, is another can of gasoline that we slosh onto our civilization. One of these days someone is going to toss a match.
The lack of genuine, public-interest regulation of a potentially proven dangerous technology has been caused by a techno-libertarian propaganda campaign praising the "freedom" of the internet. But, freedom for whom? Freedom for hacker crooks. Freedom for corporate tax dodgers, like Amazon.
What few cops are on the beat are either FBI folks, who see state actors when there are none, or corporate-funded security centers that are interested in protecting corporate property (i.e., the internet itself) and reputation - and not really worried about free speech or honest elections. This convergence of law enforcement and corporate security is another red line that no one seems to be tracking.
When WW3 comes, it will start on the internet. If we are lucky, all that will be blown up is our financial system and our libraries of data.