Computer Hacking: From Store Chains to International CyberWars

Hacking has generated controversy due to its use in alleged "cyberwars" between rival countries. In April 2001, for example, a U.S. surveillance aircraft collided with a Chinese fighter jet near China's southern coast, causing tensions to flare between the two countries. Chinese and U.S. hackers reportedly traded cyberattacks during that month, although some U.S. officials said that it was difficult to determine whether the Chinese government was actually sponsoring the attacks.

U.S. officials and press reports later claimed that China launched a concerted campaign of hacking attacks against the U.S., codenamed Titan Rain, starting in 2003. And in 2007, Chinese hackers were accused of targeting multiple countries: In May, they allegedly infiltrated computers in the office of German chancellor Angela Merkel; in June, U.S. military officials said that they had penetrated a non-classified computer system in the Pentagon; and in December, British media reported that they had attacked the network of Rolls-Royce plc, an aircraft engine manufacturer. The Chinese government, for its part, firmly denied participation in hacker attacks.

In April 2007, meanwhile, the computer systems of businesses and political institutions in the northern European nation of Estonia were hit by a wave of hacker attacks, which included the blocking and defacement of prominent Web sites. At that time, political tensions were high between Estonia and Russia, but the Russian government denied that it had authorized any kind of cyberwar against the Estonians.

Experts remain divided in their opinions on whether cyberwarfare has the potential to inflict serious damage on a targeted country. Writing in a December 2007 issue of Time magazine, Simon Elegant and Lin Yang noted that China's alleged hacking campaign against the U.S. "seems to be aimed mainly at collecting information and probing defenses," but added that "in a real cyberwar, a successful attack would target computer-dependent infrastructure, such as banking and power generation." The consequences of such an attack would be severe, but some observers still downplay the threat of cyberwarfare, characterizing it as more of a nuisance than a truly dangerous form of aggression.

Meanwhile, other forms of hacking have continued to flourish in the U.S. In 2007 alone, hacker attacks were blamed for exposing a staggering 95,405,165 personal records, including credit card and Social Security numbers. In January 2007, TJX Cos.--the parent company of clothing retailers TJ Maxx and Marshall's--reported that it had been subject to hacker attacks that were later revealed to have compromised at least 45.7 million credit- and debit-card records. (Some sources claimed that about 94 million records were stolen from TJX, making it the most extensive known security breach caused by hackers up to that point.)

The TJX incident prompted renewed calls for a government crackdown on hacking. However, many computer experts cautioned that poorly targeted legislation could stifle technological growth and might even ultimately benefit malicious hackers. Observers on both sides of the issue continue to debate the essential question: What is the best way to stop criminal hacking?

Sources

Elegant, Simon, and Lin Yang. "Enemies at the Firewall." Time, December 12, 2007, 56.

Elms, Eric R., John D. LaPrade, and Mathias L. Maurer. "Hacking of Corporate Information Systems." CPCU eJournal, February 2008, 1.