U.S. sends scary message to hackers, but the truth is even scarier

In the United States, it is now officially National Cyber Security Awareness Month. Fittingly enough, the U.S. Department of Justice has kicked off October with an indictment against 4 North American hackers, which alleges the group stole $100-200 million in digital, intellectual property from some very big-name software developers and the U.S. Army.

More specifically, the indictment lists theft of:

• Source code and tech. specs on Microsoft’s XBox One at a time when the console was still unreleased
• Intellectual/proprietary data related to Microsoft’s XBox Live online gaming network
• Apache helicopter training simulator software developed by Zombie Studios for the U.S. Army
• A pre-release version of Epic studio’s Gears of War 3
• A pre-release version of Activision studio’s Call of Duty: Modern Warfare 3

Video games and more video games. At a glance, this looks like the work of teenage hackers. Not surprisingly, the ages of the 4 young men (2 of which have already plead guilty) range between 18-28. Trivial cybertheft? Maybe. But the DoJ doesn’t seem to think so.

“Electronic breaking and entering of computer networks and the digital looting of identities and intellectual property have become much too common,” said U.S. Attorney Oberly.  “These are not harmless crimes, and those who commit them should not believe they are safely beyond our reach.”   –Department of Justice press release

“These were extremely sophisticated hackers … Don’t be fooled by their ages,” assistant US attorney Ed McAndrew said after a court hearing on Tuesday. –The Guardian article

The DoJ press release goes on to state that crimes like these are crimes against innovation. In a world where intellectual property is now almost always digital property as well, it’s hard to disagree with that. It may be that this was simply a group of kids who stole some video game code, but it is still cybercrime. And, what the DoJ and The Guardian don’t write is that while these 4 young hackers behaved very badly – using SQL injection to steal employee login credentials – there are much, much worse cybercrimes being committed every single day, and far, far more dangerous cybercriminals currently roaming the Internet at large.

What is most frightening is what remains unwritten:the smartest cybercriminals around know better than to target Microsoft and the U.S. Army. Instead, they target those who can’t fight back. Instead, they target you.

This October, don’t just be aware of cybercrime. Protect yourself against it…

And have a great (cyber-crime-free) month ahead!