First of three parts
TWENTY-year-old Kyuubei is a hacker, and he’s good at what he does.
Lanky and standing at 5′3″, he passes for a regular among the thousands of college students in the country’s largest engineering educational institution. He slacks, procrastinates and crams for his academics. Kyuubei, his preferred alias, admittedly never topped the class: his real talents lie somewhere he deems more practical and useful outside the four corners of a classroom.
He started young. When he was in fifth grade, autorun viruses carried on storage devices were spreading like wildfire. Kyuubei decided to venture out and look deep into the Internet for communities centered on hacking and specialized in dealing with malicious software (malware).
There, he stumbled upon a fellow enthusiast, “Tear[A]Door,” whom Kyuubei credits with having spawned the VBScript worm generator that allows users of the program to construct viruses of their own. He also met “alcopaul,” who has mastered, and is one of the creators of, the Joint Photographic Experts Group (JPEG) infector malware. Their conversations became regular correspondence. Kyuubei was hooked.
“It looks cool, like in the movies, where you type and code and you look like you really know what you’re doing,” he said in an interview. “But in real life, you look stupid reading logic functions and algorithms.” The computer engineering major said he is a “master of none” and knows only basic hacking. Nevertheless, he had already managed to infiltrate a government web site one morning in May 2011 while he was still in high school. Together with a fellow hacktivist, someone who uses technology mainly to advance a political agenda, he used the handle “BatangMahiligMagBatibot” and defaced the “What’s New in DILG” tab in the Department of Interior and Local Government home page.
Originally, the tab would take viewers to a page with a current news blast. Kyuubei and his companion defaced the page and flashed the logo of an infamous pornography site. It was taken down that same evening.
A few weeks later, he teamed up with the group “Puella Magi Madoka Magica Squad [PMMMS]” and vandalized several sites, namely WWF Philippines, EarthHour and science.ph, leaving animé videos in their trail.
Sans Kyuubei, the same group was later credited with allegedly hacking into the Bureau of Customs web site. Upon confirmation, it was not the PMMMS that terrorized the web site but Philker, a different group that had noted the weak defenses of government web sites. The intrusion compromised sensitive information, including usernames, passwords and confidential government data. The hackers also put up a page redirecting to a message that explained the group only wanted to issue a warning to the public. “May this deface serve as a reminder that you always have to look out for intruders. No matter how intelligent and competent your computer personnel are, there will be unethical hackers that are constantly working on breaking in your security,” a part of the message said.
Elections at risk
PETER Sparks, senior director of Symantec’s Cyber Security Services for Asia Pacific and Japan, said in a conference that large-scale events have a strong tendency to trigger malicious attacks. “People should be on the lookout for them, especially that the country is so focused on electing prominent government officials,” Sparks said.
A couple of days before the 2013 midyear elections, web sites of several government agencies were hit by a Distributed Denial of Service (DDoS) attack. A DDoS attack, the most common form of cybersecurity breach, is a well-coordinated attack that aims to interrupt the normal traffic to a web site. According to IP Converge Data Services Inc. (IPC), a DDoS attack disrupts the regular functions of a web site, triggering a crash in the system.
IPC, an Internet-data center, telecommunications and cloud-services company, said that DDoS attacks enable hackers to manipulate any part of the site that they decide to interfere with, depending on the assailant’s agenda.
DDoS attacks may also be a logistical façade, according to Sparks. There might be more to an attack than the defacing of a web site: it may only be a diversion to cover up a larger attack going on behind the scenes, such as the pilfering of data or classified information.
Niño Valmonte, IPC director of Product Management and Marketing, said in an interview that the worst-case scenario for the elections would be the hacking of a Precinct Count Optical Scanner (PCOS) machine to manipulate the election results. “Launching DDoS attacks on a web site showing partial results [examples are Comelec or Namfrel] to incite speculation is also possible. Attackers may also create malware that could give them a way to steal crucial information from PCOS machines or other unprotected and/or unsecured government computers,” he said.
According to Valmonte, there may be various reasons why cyberattacks are launched. It could be for money, intimidation, hacktivism and other personal motivations.
Data from Symantec estimate that hackers earn billions, maybe trillions, globally through cybercrime, espionage, subversion and sabotage, the losses and cost of damage not included. Because the operations are covert and illegal, precise figures on how much money cybercrime generates could not be determined.
However, Kyuubei said this may be overkill, except for the mafia groups that, according to him, are mostly of Chinese descent with wide-scale botnets. At the moment, their DDoS services stand at $300 per hour.
Nationwide threats
FOR the time being, Kyuubei has linked up with Anonymous Philippines. Most of his obligations with this group involved hacking government web sites and posting their successes on Facebook, making them instant celebrities in their respective cyber communities.
Anonymous Philippines has been credited with countless cyberattacks in the country. Information-technology experts regard it as the largest hacktivist group in the Philippines, tampering with government web sites to publicly express its political woes. Social media has become an effective outlet for spreading the group’s agenda. Aside from web site defacement, Kyuubei relished aggravating system administrators whom he accuses of letting their guard down.
“I mess with the ‘friendly neighbor’ system administrators in the government for not properly [doing] their jobs,” the hacker said. He admitted that, compared with 2011 and 2012, government web sites have considerably improved in terms of security.
“Before, it was very easy to check e-mails of government employees because the web sites were so exploitable. Now some government web sites are using CloudFlare so it did level up a notch,” he said. “[The web sites are] a bit more secured than before.”
CloudFlare is one of the many cloud services that offer online protection. The most common cloud service resources are Software as a Service, Platform as a Service and Infrastructure as a Service. These coincide with IPC’s insight that cloud-based solutions will be more beneficial to the ease and speed of deployment of the web sites. These services optimize Web pages to peak performance, prevent malware from blocking web-site traffic and help decrease other forms of attacks.
“Any form of technology is vulnerable to attacks,” Valmonte said. “In order to ensure the security of the elections, the Philippine government can take advantage of technologies available in the market today.”
To be continued