International Journal on Criminology Volume 2, Number 1, Spring 2014 | Page 15
The Behavioral Intelligence Paradigm in Fighting Cyber-Crime
The Cold War and the underground
battle for a free Berlin played a determining
role in the evolution of the hacking
culture of the late 1980s. The Clifford Stoll
episode (an LBL astronomer who accidentally
discovered a computer intrusion from
West Germany in his laboratory) was the
first case to raise the importance of agency
coordination and the difficulties of attribution
in international computer attacks
(Stoll 1989). This case is also one of the
early symptoms (1986) of yet-to-come advanced
persistent threats, highlighting the
complexity and sophistication of intrusion
campaigns (for details see Stoll’s article,
1988²).
The early 1990s are hence concomitant
with the emergence of the criminal
sub-culture of hacking. In the 1980s, cracking
events that led to theft or large-scale attacks
were rare. Two notable exceptions are
the 1986 Pak Brain logic bomb, known as
the first virus, and the 1982 First National
Bank of Chicago computer theft ($70 M
USD). The “Great Hacker War” (conflict
between Masters of Deception and Legion
of Doom, circa 1991–1992) is an example—today
disputed as an exaggeration of
trivial confrontations—of the interpersonal
dynamics of the early 1990s. A blend of
prestige seeking, bravado, and playfulness
formed the core incentives of these early
confrontations³. The publication of exploits by
hackers’ groups triggered, however, the interest
of law enforcement. Operation Sundevil,
in 1990, was hence the first large-scale
cyber-enforcement operation, involving
15 U.S. cities and leading to three arrests⁴.
Most cyber-crimes involved wire-tapping,
calling card fraud, and credit card fraud.
The relative failure of this operation led to
an increased awareness of the central role
of cyber-deterrence for federal agencies
(Sterling 1994).
Publications such as 2600 and the
rise of cyberspace contribute to a democratization
of cracking, phreaking, and
hacking techniques, which renders them
more adaptable to uses “beyond technology”.
The focus on remote control and resident
threats (democratization of Trojans) creates
both a more organized criminal sub-culture
and the birth of a societal reach for the
attacks (see Figure 2).
While attack preparation is targeted
at a single point of aggression, the early
2000s adopt a whole new dynamic.
The rise of electronic commerce means a
better monetization of cyber-crime with an
expectation of large-scale profits for organized
crime. The digitalization of the cultural
industry (MP3s) creates an appeal for
the popular growth of cracking. Profiles of
hackers accordingly change in two directions:
on the one hand, amateur crackers
(script kiddies and mass market consumers)
start to use available tools (P2P file sharing and
cracking “CDs”) without advanced
knowledge. On the other hand, malware
production becomes a profitable black
market. Corruption of DNS paths, denial-of-service
attacks, defacing campaigns,
and corporate thefts find a rapid monetization.
The years 2000–2002 are among
the most active in malware generation with
viruses such as ILOVEYOU, Klez.h, Code
Red, etc. The group Anonymous is created
in 2003 as a loosely coupled and spontaneous
coordination of various interests,
ranging from militant activism, cracking
2 http://pdf.textfiles.com/academics/wilyhacker.pdf
3 http://www.textfiles.com/hacking/modbook4.txt
4 Anthony Lawrence Clapes, Softwars: The Legal Battles for Control of the Global Software Industry (Westport, CT: Quorum Books, 1993).