International Journal on Criminology Volume 7, Number 1, Winter 2019/2020 | Page 51
International Journal on Criminology
has been hacked repeatedly. Considered by the Congressional Commission of Inquiry
to have been a total debacle—the worst shock in the history of American
Intelligence—TAO was penetrated to its very heart, eviscerated. According to the
Commission of Inquiry, the hackers, known as the Shadow Brokers, now know everything,
or nearly everything, about the NSA’s secret operations. In contrast, even
after eighteen months of internal investigation, Washington knows nothing about
them—not even the magnitude of the theft. Are they brilliant hackers? Moles?
Both? Nobody knows. Among other things, the Shadow Brokers have stolen all the
NSA’s cyber weapons designed for breaking through Windows and Linux firewalls.
The CIA is in no position to smirk, either. Its cyber intelligence has also
been penetrated, and its secret documents subsequently passed, en masse, to
Wikileaks—by whom? Once again, no idea. Then the NSA’s cyber weapons EternalBlue
and DoublePulsar found their way, perhaps sold, perhaps quietly smuggled
out, to some Chinese, Russian, or North Korean hackers, who are probably
not particularly hostile toward their own official agencies. And finally, these hackers
put together virulent ransomware (including WannaCry and NotPetya) that
has been ravaging the digital world since May 2017, blocking millions of computers,
and so on.
According to American insurance giant AIG, a big player in commercial
cyber risk, 2017 saw an explosive rise of more than 26 percent in ransomware attacks
(WannaCry etc.), probably carried out with state involvement. The company
estimates that the damage inflicted worldwide runs to 8 billion dollars.
In spring 2017, Action Fraud (the UK’s national fraud and cybercrime reporting
center) reported a sudden spike in online cyber fraud (alongside Wanna-
Cry attacks), rendering the digital security profession completely exposed: more
than 63 percent of reported episodes came from the business sector.
The Fundamentals of Hacking Going Forward
For experts, the term “cybercrime” covers a range of offenses, the foremost being:
• identity theft (real identities of real, physical persons)
• creation and use of fake identities (representing fictitious persons, and able to
pass the security checks of target organizations)
(These two kinds of identity fraud enable a whole range of thefts and scams, losing
US banks around 2 billion dollars a year.)
• use of ransomware to “kidnap”—that is, “encrypt”—data on servers belonging
to a company, a government department, or a municipal authority, and so on,
and releasing them in return for a payment in cryptocurrency.
• a range of digital incursions against companies and others in order to carry
46