The rise of extremist hacking, criminal syndicates

LONDON: Islamist hacking groups and criminal syndicates have caused more damage to global computer systems in the third quarter of 2004 than in any preceding quarter, according to the latest study published by the mi2g Intelligence Unit.

The phenomenon of Islamist hacking for political purposes did not exist in any significant measure prior to the Sept 11, 2001, terrorist attacks in the United States, except for India-Pakistan and Israel-Palestine localised "cyber skirmishes," the consulting group said in a statement.

International Islamist hacking accelerated throughout 2002, as did global criminal syndicate activity on the Internet, to reach a new crescendo immediately after the start of the US war in Iraq in March 2003.

The last one year has seen further increases, said mi2g (www.mi2g.net), which specialises in digital risk.

The targets have included assets belonging to the United States, Britain, Australia and other coalition partners on the one hand; and within the domestic environments of Russia, Turkey, Indonesia, Pakistan, Saudi Arabia, Morocco and Kuwait on the other.

There is mounting evidence that politically motivated hackers from amongst Islamic countries are collaborating with each other and with criminal syndicates from Russia, Latin America and China, mi2g claimed.

They are devising and implementing new strategies for carrying out:

* SIMULTANEOUS attacks;

* SUBTLE reconnaissance and surveillance missions including identity theft;

* ORGANISED crime activities to raise funds through phishing scams, spam and malware proliferation; and

* GLOBALLY noticeable yet untraceable distributed denial of service (DDoS) business interruptions against publicly quoted household name corporations within the financial services, information technology and consumer goods sectors.

"The collaboration between radical groups and criminal syndicates is particularly significant because they both feed off each others' agenda to create short-term opportunities by injuring public confidence, creating misfortune for individuals and corporations, as well as accelerating local and global destabilisation forces," said mi2g chairman D.K. Matai.

According to the study published by the mi2g Intelligence Unit, the economic damage from DDoS attacks in 2004 has crossed US$34bil (RM129.2bil) worldwide, compared to US$1bil (RM3.8bil) only in the whole of 2003.

The number of phishing scams -- elaborate online financial fraud and identity theft -- carried out against customers of major brand names in 2004 has reached 117, compared to 54 in 2003. The phenomenon hardly existed in 2002, mi2g said.

The economic damage from phishing scams is estimated to have exceeded US$44bil (RM167.2bil) worldwide in 2004, compared to US$14bil (RM53.2bil) in 2003.

The number of spam or unsolicited e-mail messages was more than 3.3 trillion worldwide, compared to 1.6 trillion in 2003. The economic damage from spam in 2004 is estimated at US$119bil (RM452.2bil) worldwide, compared to US$58bil (RM220.4bil) the year before.

Major viruses, worms and trojans and other sorts of malware have caused upwards of US$165bil (RM627bil) in damages worldwide this year, as opposed to US$83bil (RM315.4bil) last year.

To sum it all, the economic damage from all forms of digital risk manifestation -- covert attacks, spam, phishing scams, DDoS, major malware and overt attacks -- in 2004 has crossed US$411bil (RM1.6 trillion) worldwide, compared to US$215bil (RM817.bil) last year.