Washington, 30 November 1998 (RFE/RL) -- A U.S. expert on the phenomena known as computer hacking -- or making unauthorized entries into someone else's computer system -- says the practice is spreading from the U.S. and other information age countries to every corner of the globe, including Eastern Europe and Russia.
According to Gerald Kovacich, President of Information Security Management Associates, computer hacking is becoming more commonplace as an increasing number of people around the world purchase personal computers and log on to the Internet to conduct both personal and official business.
Kovacich, who has been in the business of computer security for more than 35 years, told RFE/RL that as computers and computer networks have grown more sophisticated and complex, so have the people who hack into them.
Kovacich says it is interesting to note that the word "hacker" originally had positive connotations when it first came into use in the U.S. more than a decade ago. He says a hacker was known to be just a computer enthusiast or someone who enjoys tearing apart computers and discovering what makes them work.
But Kovacich says as the popularity of the Internet grew and crimes began to be more frequently committed on the network, eventually the word became co-opted by the media which began labeling all people breaking into systems as hackers.
Kovacich says there are basically three types of hackers.
First, he says there is the "curious hacker" -- a person only wants to learn about computers. They have no intention to do damage, destroy or harm any system, he says. But since hacking of any kind, with or without intention to do damage is illegal in the U.S, Kovacich says that person is still breaking the law.
The second kind of hacker, says Kovacich, is known as the "meddler." He says this person is more of a vandal and a snoop, and may have some desire and intention to do damage.
The third type of hacker is the "criminal," says Kovacich. The criminal is very purposeful and destructive, and goes to Internet sites with the intention to steal information for criminal purposes such as conducting economic or industrial espionage or modifying or destroying information, he adds.
Hackers are now beginning to make regular headlines in countries around the world, including Eastern Europe and the former Soviet Union.
In Russia, perhaps the most notorious hacker to make the news was Vladimir Levin. In the early 1990s, Levin managed to hack into one of America's largest financial institutions, Citibank, and transfer 10.4 million dollars to his own accounts in a half dozen countries around the world. Although he was arrested in 1995 and pleaded guilty to a series of charges earlier this year, Levin was one of the first examples of how hacking is becoming a growing problem in Eastern Europe and countries of the former Soviet Union.
Another more recent, yet well-publicized, case took place in Russia in the southern city of Rostov-On-Don. According to reports from Itar-Tass, a computer hacker was arrested for trying to penetrate Rostsberbank's computer network and transfer funds to another account. The unnamed hacker, who ended up being a Rostsberbank's employee, failed in his attempt to penetrate the network when bank employees noticed the computer program and blocked his account. According to the news report, it was the first attempt of its kind in the Rostov region.
In fact, hacking is becoming so pervasive in Russia that on November 16, the first deputy director of the Federal Security Service, Viktor Cherkesov, announced that an agency for computer and information security had been established at Russia's Federal Security Service.
Cherkesov said the new agency will be responsible for the organization and implementation of measures to detect and prevent computer-related crime. He also pointed out that it was the first time information security had been ranked as equally important as political, defense, and economic security in Russia's national security strategy.
But Kovacich says that criminal hackers are not the only ones posing a threat to the world's economies and businesses. He says there is another brand of hacker on the rise -- one who breaks into computer systems for political purposes.
For example, Kovacich cites a case where at the end of October, a group of Serbian hackers called "Crna Ruka" (Black Hand) broke into the Internet site of the Croatian state-owned newspaper Vjesnik and wrote slogans like "We're fighting for the truth and for Serbia."
In retaliation, Croatian hackers penetrated the site of the Serbian National Library, blocking access and writing their own slogans like "Read Vjesnik and not Serbian books."
A similar incident happened in China, says Kovacich, when the government's new official human rights page was penetrated by a hacker who made a banner to the site using obscenities and labeling the site as "propaganda."
Kovacich says that there have also been other well-known cases ranging from animal rights activists breaking into web sites of businesses that sell fur to indigenous Indians in Mexico breaking into government sites to register their complaints.
Explains Kovacich: "It's almost a vigilante mentality appearing on the Internet today. And as the Internet grows, so will this kind of political activity."
Of particular concern to many nations around the world, and especially the U.S., is the possibility that terrorists will either employ the use of hackers or develop the skills themselves to wage what some experts are calling "cyberterrorism."
Daniel Kuehl, Chairman of the Information Operations Department at the National Defense University in Washington, told RFE/RL that cyberterrorism is a real threat.
He says as societies become increasingly reliant on computer-controlled infrastructures there is a good chance for either government-motivated or terrorist-motivated interference.
Kuehl cites a potentially devastating scenario when Dutch hackers broke into U.S. military computers during the Gulf War and then offered their services and expertise to Saddam Hussein -- for a price.
Explains Kuehl: "(Saddam) turned them down, but now you have the capability for a new (breed) of hackers -- ones I've been calling 'cyber mercenaries.' They offer their skills for hire to either a government or a non-state organization, or to something else."
Kovacich also sets up another possible cyberterrorist scenario. He creates a hypothetical terrorist group that is smart enough to break into the U.S.'s Internal Revenue Service (IRS) and cause a $5,000 check to be sent out to every American with a social security number. The terrorists are then able to scramble or wipe out the database so it would be difficult to determine who had received such a check.
The move would certainly generate sympathy from the American people, Kovacich says, since the IRS is one of the nation's most feared and disliked institutions in the U.S.. It would certainly be more effective than blowing up a bus of schoolchildren or blowing an airplane out of the sky, he adds. Moreover, he says the damage that would be done financially to the U.S. would be significant and might also result in a long delay in fixing and recompiling the records.
Says Kovacich: "Think about it. What kind of long-term damage would this do to a nation that couldn't collect taxes?"
Kovacich says this scenario is not that unbelievable.
He explains: "This could happen in the U.S. It could happen in any information age nation around the world. I think what is happening with most terrorist groups is that they haven't used it much yet, but I think they will find (hacking) the weapon of choice in the future."
(Part I of a two-part series on computer hackers)