Why Malicious Hackers May Be a Reflection of Our Society
We are a proud soccer family. Our weeknights are filled with our 3 kids playing and practicing with each other down our basement (and daddy yelling at them for being too wild), driving them to multiple practices and excitement-filled games on the weekends. Soccer is a positive outlet for them, and they truly enjoy it. There is one exception: when my son’s team plays “Luigi’s” team (for the sake of anonymity, that’s not his real name). Luigi is about a head taller, two steps quicker and physically more mature than the rest of the players in the league. They are all the same age, but Luigi is advanced in these areas. These are all great traits and benefits for a young gifted player but his temper and recklessness make facing Luigi unenjoyable for parents and dangerous for players. Each game, my wife and I hold our breath, say a prayer and hope that nobody gets seriously hurt. I have no idea why our schedules cross so often, but with each passing game against Luigi, the post-game discussion in our car but also amongst many parents often muses over Luigi “sinking to a new low”.
This cliché of sinking to a “new low” is not limited to Luigi, as I am hearing the saying and reading about it daily. Turn on the T.V. to a cable news station or browse a news media site, and I am sure you will see countless headlines insinuating athletes, politicians, Hollywood, etc. hitting a new low. Social media sites are also full of clickbait headlines promoting new low articles. Personally, I find the polarization of it disheartening.
I began to put serious thought into my industry (cybersecurity), and how over the years cybercriminals continue to lower the bar in their criminal activities. I am reminded of the many well-documented accounts of elderly, widows and newlywed couples losing their home or life savings after being swindled by sophisticated online scams. The Nigerian fraudsters hustled hundreds of thousands of dollars from unknowing Americans and sent many of them spiraling into depression. The very nature of ransomware is bad enough (the idea of encrypting user’s data and holding that data captive until a ransom is paid), but what about a recent massive global ransomware cyberattack targeting hospitals: the attack forced several hospitals to shut down, thus putting hundreds of critical care patients at risk. How about cyber-attacks against America’s critical infrastructure? Because lots of these attacks may be getting successfully thwarted and not made public, doesn’t mean they aren’t happening. Have we already witnessed the lowest of the lows? I am not sure.
On January 31, 2018, the FBI with the U.S. Department of Education’s Office of the Inspector General released a joint notification titled, “Cyber Criminal Group Threatens Schools and Students”. The notification alerted school systems Nationwide of an extortion scheme focusing on public school systems. The extortion scheme is affiliated with TheDarkOverlord. TheDarkOverlord is a group of highly trained hackers who target businesses, governments and in this case-schools, to steal confidential information and then demand a ransom or risk the lease of their data collection publicly. Per the notification, TheDarkOverlord hackers have been responsible for at least 69 intrusions and the attempted sale of over 100 million records. The group is infamously known for their large-scale hack of Netflix, and the subsequent leak of the “Orange is the new Black” series. Unfortunately, their maliciously-focused targets have not only included high-profile companies like Netflix, but they have also shamelessly hit an Indiana cancer charity.
In September 2017, TheDarkOverlord group escalated its extortion tactics by using the collected data from an educational hack and then “threatening school shootings through text messages and emails directed at students, staff, and local law enforcement officials.” As you can imagine, these threats of violence caused much panic and even lead to a couple school districts shutting down. Recordings of panicked (and ticked!) parents returning calls to the hackers were made public, leading to additional embarrassment.
I apologize, as my heart is heavy. As I am finishing this article to go to print, we as a Nation just witnessed another horrific mass school shooting. The unimaginable (and unforgettable) effects that yet another troubled kid’s actions will have on so many families for the rest of their lives is crushing to consider. And yet, here at the forefront of the latest cyber threat tactics, we have a group of cybercriminals looking for a financial payout via threatening school shootings. Have we hit rock bottom yet, folks?
I started this article light-hearted talking about our enjoyment for the game of soccer, and our frustrations with an opposing player. Luigi is a decent soccer player, however, because of his God-given advantages (in height, strength and speed), he could be a great player. What we have seen is that his supporting cast doesn’t seem to be influencing him in a positive direction. His mother is very vocal, likes to pick fights with our parents and most times not only supports but praises the dirty and dangerous play. We have also seen no indication that his coach is trying to detour his actions. When his temper is lost, and he is spiraling out of control on the field, it often ends when a referee has him removed from the game. In speaking with one of our team-player’s dads, he mentioned how he would love to recruit Luigi over to our club. His raw talent is hard to find. But raw it is. He noted that with the right coaching, training and character building, we could build into his character, develop discipline and transform his raw energy into professionalism. He concluded, “[Luigi] would be a real force to reckon with.”
Because I love technology and its positive advancement of our world, I just cannot relate to the insatiable desire that hackers must push the “malicious” envelope. Our data is most certainly critical and valuable to us. When our machines or devices are encrypted or hacked, it is inconvenient, a violation of privacy and time-consuming. But recent revelations about TheDarkOverlord group threatening the safety (or lives!) of our children, our most prized possessions and treasures—well this goes beyond “a new low”. If scareware threatens and tricks us into clicking the wrong thing, I am not sure what we would term this kind of latest threat by the cyber-thugs.
When we face Luigi’s team, I use this relatable situation to help educate my son, and it lends itself to our cyber-topic today as well: Luigi is blessed with athletic gifts, but he needs to learn or be taught how to use them well. To play hard, but to be civil and demonstrate sportsmanlike conduct. Likewise, because of the advancement of technology for toddlers and even babies, there are so many technologically-talented and gifted kids being brought up in our world. We need to be aware of this and be actively building into them, because if we want to raise the (technical) bar in our favor, we need to start teaching our youth how to use their gifts for good and not evil. We need to move them from a reckless, selfish path to one of serving and doing good works, which provides its own rewards. Who doesn’t want a new generation of techie’s that are “a real force to reckon with” for the good of society.
It’s tempting to hear today’s headlines and shake our heads at the world as it goes to the dogs. But we can also take those headlines as a challenge to make a difference. If you are reading this magazine, you are some sort of techie. What if each one of us found a young techie and took him or her under our wing? Yes, it would take some time, and we might have to actually invest in someone other than ourselves. But it might make a difference. It might make the difference, in someone. One less injury on the field of life, or in the classroom, or in the cloud.
Thirtyseven4, LLC is dedicated to serving customers with a full palette of security solutions including AntiVirus, AntiMalware, Anti-Ransomware and Zero-Day Threat Protection.