It seems like we hear about some incredibly brazen breach of computer security every week. Still, I tend to think of these events as anomalies, the work of rogue hackers and the like. I never really understood just how organized so much of this criminality was. After reading Misha Glenny’s new Darkmarket: How Hackers Became the New Mafia, I have had my eyes opened. Some of the situations and crimes described in this book make La Cosa Nostra look like child’s play. Darkmarket is a well-written, page-turner of a book. It is also one of the more sobering reads I have had in some time.
The name Darkmarket was chosen by a loose conglomeration of hackers, who had various reasons for their interest in breaching computer security. One early, and very notable quality I liked about the author’s approach to the subject was his careful distinction between so-called “black-hats,” and “white-hats,” when it comes to the subject of hacking. To briefly break it down, the white-hats are into hacking systems for their own amusement, and often attempt to inform the company (or whoever it is) about the gaping security hole(s) they discovered. To put it bluntly, a black-hat is in it for profit, or even just to create anarchy. In any case, black-hats are definitely up to no good.
It can be argued that white-hats are up to no good themselves. After all, they are committing crimes. But here is where good old human nature, and often the ugliness of being driven by self-serving ego comes in. There are stories upon stories of Darkmarket hackers who began their activities as teens, more out of boredom (or being unpopular “nerds”), than for any other reason. When they thought they were doing the right thing by informing the authorities of what they had discovered, they were often arrested and prosecuted as criminals.
This response could certainly be justified, as again, they were “up to no good.” But it is also a pretty stupid reaction when you think about it. These kids could have caused massive damage, but chose instead to provide valuable information to the company about their systems vulnerability. I just think that it is important to mention these things to offer an idea of the initial motivation of some of these guys. The term “hacker” is so pejorative these days, that it would do everyone a bit of good to have at least a small understanding of what motivates these bored (and highly intelligent) teens.
The Darkmarket website, and its members were a worldwide, and highly secretive group who had found ways of getting into extremely sensitive areas of computer systems. Again, for the layman, this world is one that is difficult to understand. Glenny lays out in the most basic way just why so many supposedly impossible to penetrate computer systems are so vulnerable.
Human fallibility is (once again) the major culprit. In case after case, what Glenny has turned up is so basic it would be funny, if the stakes were not as high. In many situations, it comes down to the programmer leaving himself what is termed a “backdoor.” That is to say, if he wanted to go in and make a quick fix to something, he has easy access through a little “door” he has created for his use only. Typically, nobody else even knows it exists, and he put it there simply for convenience. Rather than go through the proper channels to get in, he can just do it, and the problem is fixed.
Since he is supposedly the only one who even knows that this little alternate entry point exists, he may not even put a password on it. Or if he does, he goes with one of the most ridiculously obvious ones possible, “password.” Just as an aside, Glenny gives the stats about how many people use the word “password” as their password. In one study, it turned out to be over 50% of those who replied.
To summarize the basics of Darkmarket, it details the exploits of this loose coalition of hackers, who stole millions upon millions of dollars through their deeds. One of the more intriguing, and bold methods described was in changing the codes of ATMs, and drawing out $40,000 (or more) at a time. In fact, one of the challenges they faced was in how to deal with the stacks and stacks of cash they were able to steal.
Darkmarket is a 300-page book that explains what a lot of us might find far too sophisticated to really grasp. I know that was a challenge for me when I first opened it up. But Glenny’s writing style makes these crimes, the reasons behind them, and the all-too human errors that made the situation possible, very easy to understand.
It is clear that this is a world that offers the opportunity to steal incredible amounts of money, without ever having to walk into a bank and do an old-fashioned robbery. I found the book to be highly informative, and fascinating. And as I said earlier, also very sobering. The paperback edition of Darkmarket: How Hackers Became the New Mafia has just been issued from Vintage Books. It is recommended for anyone who uses computers, which is basically all of us. I found it to be one of the more compelling books I have read in quite some time.