Underground: Hacking, madness and obsession on the electronic frontier - Suelette Dreyfus

Attacks on security experts are still common, but a new trend is the increase in attacks on other hackers' systems. One Australian hacker joked, `What are the other hackers going to do? Call the Feds? Tell the AFP, "Yes, officer, that's right, some computer criminal broke into my machine and stole 20000 passwords and all my exploitation code for bypassing firewalls".'

For the most part, elite hackers seem to work alone, because of the well-advertised risks of getting caught. There are still some underground hacking communities frequented by top hackers, most notably UPT in Canada and a few groups like the l0pht in the US, but such groups are far less common, and more fragmented than they used to be.

These hackers have reached a new level of sophistication, not just in the technical nature of their attacks, but in their strategies and objectives. Once, top hackers such as Electron and Phoenix were happy to get copies of Zardoz, which listed security holes found by industry experts. Now top hackers find those holes themselves—by reading line by line through the proprietary source code from places like DEC, HP, CISCO, Sun and Microsoft.

Industrial espionage does not seem to be on the agenda, at least with anyone I interviewed. I have yet to meet a hacker who has given proprietary source code to a vendor's competitor. I have, however, met a hacker who found one company's proprietary source code inside the computer of its competitor. Was that a legal copy of the source code? Who knows? The hacker didn't think so, but he kept his mouth shut about it, for obvious reasons.

Most of the time, these hackers want to keep their original bugs as quiet as possible, so vendors won't release patches.

The second popular target is source code development machines. The top hackers have a clear objective in this area: to install their own backdoors before the product is released. They call it `backdooring' a program or an operating system. The word `backdoor' is now used as both a noun and a verb in the underground. Hackers are very nervous discussing this subject, in part because they don't want to see a computer company's stock dive and people lose their jobs.

What kind of programs do these hackers want to backdoor? Targets mentioned include at least one major Internet browser, a popular game, an Internet packet filter and a database product used by law enforcement agencies.

A good backdoor is a very powerful device, creating a covert channel through even the most sturdy of firewalls into the heart of an otherwise secure network. In a net browser, a backdoor would in theory allow a hacker to connect directly into someone's home computer every time he or she wandered around the World Wide Web. However, don't expect hackers to invade your suburban home just yet. Most elite hackers couldn't care less about the average person's home computer.

Perhaps you are wondering who might be behind this sort of attack. What sort of person would do this? There are no easy answers to that question. Some hackers are good people, some are bad, just like any group of people. The next generation of elite hackers are a diverse bunch, and relaying their stories would take another book entirely. However, I would like to introduce you to just one, to give you a window into the future.

Meet SKiMo.