7 June 2011

One in four US hackers ‘is an FBI informer’

The underground world of computer hackers has been so thoroughly infiltrated in the US by the FBI and secret service that it is now riddled with paranoia and mistrust, with an estimated one in four hackers secretly informing on their peers, a Guardian investigation has established.

Cyber policing units have had such success in forcing online criminals to cooperate with their investigations through the threat of long prison sentences that they have managed to create an army of informants deep inside the hacking community.

In some cases, popular illegal forums used by cyber criminals as marketplaces for stolen identities and credit card numbers have been run by hacker turncoats acting as FBI moles. In others, undercover FBI agents posing as “carders” — hackers specialising in ID theft — have themselves taken over the management of crime forums, using the intelligence gathered to put dozens of people behind bars.

So ubiquitous has the FBI informant network become that Eric Corley, who publishes the hacker quarterly, 2600, has estimated that 25% of hackers in the US may have been recruited by the federal authorities to be their eyes and ears. “Owing to the harsh penalties involved and the relative inexperience with the law that many hackers have, they are rather susceptible to intimidation,” Corley told the Guardian.

“It makes for very tense relationships,” said John Young, who runs Cryptome, a website depository for secret documents along the lines of WikiLeaks. “There are dozens and dozens of hackers who have been shopped by people they thought they trusted.”

The best-known example of the phenomenon is Adrian Lamo, a convicted hacker who turned informant on Bradley Manning, who is suspected of passing secret documents to WikiLeaks. Manning had entered into a prolonged instant messaging conversation with Lamo, whom he trusted and asked for advice. Lamo repaid that trust by promptly handing over the 23-year-old intelligence specialist to the military authorities. Manning has now been in custody for more than a year.

‘World’s most hated hacker’
For acting as he did, Lamo has earned himself the sobriquet of Judas and the “world’s most hated hacker”, though he has insisted that he acted out of concern for those he believed could be harmed or even killed by the WikiLeaks publication of thousands of US diplomatic cables.

“Obviously it’s been much worse for him but it’s certainly been no picnic for me,” Lamo has said. “He followed his conscience, and I followed mine.”

The latest challenge for the FBI in terms of domestic US breaches is the anarchistic cooperatives of “hacktivists” that have launched several high-profile cyber-attacks in recent months designed to make a statement. In the most recent case, a group calling itself Lulz Security launched an audacious raid on the FBI’s own linked organisation InfraGard. The raid, which was a blatant two fingers up at the agency, was said to have been a response to news that the Pentagon was poised to declare foreign cyber-attacks an act of war.

Lulz Security shares qualities with the hacktivist group Anonymous that has launched attacks against companies including Visa and MasterCard as a protest against their decision to block donations to WikiLeaks. While Lulz Security is so recent a phenomenon that the FBI has yet to get a handle on it, Anonymous is already under pressure from the agency. There were raids on 40 addresses in the US and five in the UK in January, and a grand jury has been hearing evidence against the group in California at the start of a possible federal prosecution.

Kevin Poulsen, senior editor at Wired magazine, believes the collective is classically vulnerable to infiltration and disruption. “We have already begun to see Anonymous members attack each other and out each other’s IP addresses. That’s the first step towards being susceptible to the FBI.”

Barrett Brown, who has acted as a spokesperson for the otherwise secretive Anonymous, says they are fully aware of the FBI’s interest in them. “The FBI are always there. They are always watching, always in the chatrooms. You don’t know who is an informant and who isn’t, and to that extent you are vulnerable.”

How computer hackers do what they do … and why
The image of lone teenager in a dark bedroom is outdated: hackers now are often gregarious and connected at all times

The only entrance requirements for becoming a hacker are an inquiring mind and plenty of time. These are things that young teenagers — especially, though not exclusively, boys — tend to have.

The classic — and outdated — picture of the hacker is of a teen sitting in his bedroom, obsessively coding something impenetrable on his own, waiting to unleash a terrible virus that will wreak havoc on computers around the world.

In fact modern hackers are a gregarious bunch, who have grown up in a world where instant messaging and video chatting make it possible to be connected to people at all times.

Hacker conferences are often friendly events: Corley — who styles himself Emmanuel Goldstein, after the figure of hate in Nineteen Eighty-Four — is a watchful but otherwise outgoing person. Conferences tend to be fun affairs, with people showing off their latest hacks.

The initial lure of hacking — getting past the security hurdles on computers that are intended to turn the vast majority of people away — is simply the achievement. There’s also the attraction of the fact that machines will do what you tell them, without argument, again and again. Once mastered, it’s a delicious power.

Hacking knows no national boundaries: China, the former Soviet states and Eastern Europe all have produced dangerously effective hackers. The US, Germany and Britain do so as well. Some of the better hackers may be persuaded to work for governments. The suspicion is that in China the most successful are given no option.

Hacking is possible because modern computer systems are so complex that there will always be a flaw to be exploited somewhere.

The web offers hackers a bell curve of targets: most are fairly secure, some are very secure, but there’s a long tail of sites running outdated software that can be exploited.

Roughly half of the world is using Microsoft’s Windows XP, which is 10 years old and — in its original form — riddled with security holes. Many of the copies used in the far east are pirated, and Microsoft refuses to let them be updated, which leaves the holes “unpatched”.

This is meat and drink to hackers, who can often call on widely distributed “hacking kits” that let would-be “l33t haX0rs” (elite hackers) target sites by clicking a few buttons.

Many start their hacking career by breaking into websites to deface them; this is regarded by their elders as the lowest form of hacking (getting caught is even lower).

The more time they spend doing it, the sooner they realise that a certain level of skills will make it possible to make money, either by stealing credit card details and using them to buy virtual goods, or by getting paid to create “malware” that others will pay for.

That might be programs that will silently take over a computer, or subvert a web browser so it goes to a particular site for which they get paid, or lace a website with commercial spam.

That is where the road forks. The commercial hackers do not go to conferences, and keep out of the public eye as far as possible, which can be hard when you are making serious money from it.

They are the ones who the security and police services try very hard to keep their eyes on by any means possible, including infiltration and coercion. – guardian.co.uk