International Journal on Criminology Volume 7, Number 1, Winter 2019/2020 | Page 51

International Journal on Criminology has been hacked repeatedly. Considered by the Congressional Commission of Inquiry to have been a total debacle—the worst shock in the history of American Intelligence—TAO was penetrated to its very heart, eviscerated. According to the Commission of Inquiry, the hackers, known as the Shadow Brokers, now know everything, or nearly everything, about the NSA’s secret operations. In contrast, even after eighteen months of internal investigation, Washington knows nothing about them—not even the magnitude of the theft. Are they brilliant hackers? Moles? Both? Nobody knows. Among other things, the Shadow Brokers have stolen all the NSA’s cyber weapons designed for breaking through Windows and Linux firewalls. The CIA is in no position to smirk, either. Its cyber intelligence has also been penetrated, and its secret documents subsequently passed, en masse, to Wikileaks—by whom? Once again, no idea. Then the NSA’s cyber weapons EternalBlue and DoublePulsar found their way, perhaps sold, perhaps quietly smuggled out, to some Chinese, Russian, or North Korean hackers, who are probably not particularly hostile toward their own official agencies. And finally, these hackers put together virulent ransomware (including WannaCry and NotPetya) that has been ravaging the digital world since May 2017, blocking millions of computers, and so on. According to American insurance giant AIG, a big player in commercial cyber risk, 2017 saw an explosive rise of more than 26 percent in ransomware attacks (WannaCry etc.), probably carried out with state involvement. The company estimates that the damage inflicted worldwide runs to 8 billion dollars. In spring 2017, Action Fraud (the UK’s national fraud and cybercrime reporting center) reported a sudden spike in online cyber fraud (alongside Wanna- Cry attacks), rendering the digital security profession completely exposed: more than 63 percent of reported episodes came from the business sector. The Fundamentals of Hacking Going Forward For experts, the term “cybercrime” covers a range of offenses, the foremost being: • identity theft (real identities of real, physical persons) • creation and use of fake identities (representing fictitious persons, and able to pass the security checks of target organizations) (These two kinds of identity fraud enable a whole range of thefts and scams, losing US banks around 2 billion dollars a year.) • use of ransomware to “kidnap”—that is, “encrypt”—data on servers belonging to a company, a government department, or a municipal authority, and so on, and releasing them in return for a payment in cryptocurrency. • a range of digital incursions against companies and others in order to carry 46