Amateurs draw attention to themselves. The quiet ones are the professionals.
While Chinese hackers have been causing a ruckus invading U.S. web sites during the last few years, a gang of Russian hackers has apparently pulled off the largest heist yet of digital data. The group has stolen 1.2 billion username and password combinations, according to Hold Security of Milwaukee, and more than 500 million email addresses.
Russia, with a vast techno-industrial complex dating to the Cold War, is generally considered to have premier cyberwarfare capabilities. “When I was in government, we thought the Russians were the best in the world at this, after the United States,” security expert Richard Clarke, a top White House advisor during the George W. Bush administration, said during a panel discussion at this year’s Milken Institute Global Conference.
“That is still the prevailing view,” said Chris Inglis, who until earlier this year was deputy director at the National Security Agency.
There’s no evidence the huge Russian hack was a government operation. But Russia’s Orwellian security sector has spawned an army of cyberruffians Vladimir Putin’s government has done little to rein in. A year ago, for instance, U.S. prosecutors revealed details of a 7-year scheme perpetrated by Russian hackers who obtained access to 800,000 U.S. bank accounts and more than 160 million credit and debit card numbers -- believed at the time to be the biggest cybercrime ever.
Hold Security says the Russian group carrying out the latest attack seems to be using the stolen data for spamming operations, which would be less serious than the theft of credit-card information that has afflicted Target (TGT) and other companies. Still, the kind of data the Russians stole can be matched with other information and used for identity theft—on a potentially huge scale, given the sheer amount of personal information gathered.
The most notable thing about the Russian hack may be its astonishing breadth. Many cyberattacks drill deep into one company’s databases to extract as much information as possible on the firm's customers. The Russians, by contrast, gathered their data from 420,000 different web sites, ranging from big companies such as Adobe (and many others not yet identified), to small sites that probably have marginal security.
At the Milken conference in May, Clarke pointed out how the Russian government has the capability to conduct cyberwar against the United States, if tensions should ever rise to that level. Russia lacks the economic clout to go toe-to-toe with the U.S. over sanctions, like those being imposed now in response to Russia’s military adventurism in Ukraine. But cyberwarfare could level the playing field. “What they can do, and do it covertly, is a series of cyberattacks to get back at us for sanctions,” Clarke said. “Attacking our financial institutions in ways that we would never be able to prove it was them.”
There’s no public evidence anything like that has happened, but it is assuredly a consideration as President Obama and European leaders consider how tough sanctions against Russia ought to be. It’s also likely Russia could conduct more aggressive cyberwarfare in Ukraine itself. Up till now, Russia has held back, perhaps because it doesn’t want to reveal its capabilities, invite retaliation or appear to be escalating its support for Ukraine separatists.
Whoever the attackers are, cybercrime and more sinister variations backed by foreign governments have become a major problem for American companies, imposing a cost of at least $100 billion per year. The White House has singled out economic espionage conducted by units of China’s People’s Liberation Army as a particular threat to U.S. firms. Hackers from China, Syria, Iran and other countries have also attacked a variety of U.S. companies, including media giants such as the New York Times, CNN and the Wall Street Journal, in fairly obvious ways that might best be described as online vandalism.
There’s one cyberpower that tends to stay out of the headlines: the United States. While Chinese and Russian hackers might be good, they do tend to get caught. The best hackers are the ones who go completely unnoticed.
Rick Newman’s latest book is Rebounders: How Winners Pivot From Setback To Success.