EVIL SPIRITS ? ALIVE AND HACKING / THE FINANCIAL TIMES COMMENT & ANALYSIS ( RECOMMENDED READING )

Evil spirits? Alive and hacking


By Gillian Tett

Published: November 19 2010 23:36

Last week, I received an embarrassing e-mail from a long-lost Japanese friend. “Is this really you?” he asked, attaching a message which had been sent from my personal Hotmail account, selling dodgy computer parts.


“Hello friends!” this missive went. “Christmas is coming. I would like to introduce a good company who trades mainly in electornic (sic) products the price is a surprising happiness.”




Within minutes, other messages arrived: “Your account has been hacked – you have to stop it!” friends shrieked across the world.


But how? I tried to log on to my Hotmail account, but my old password no longer worked. Frantically, I searched the Microsoft website to find someone – anyone – who might help stop the spam, but it was devoid of live humans. The only option was an online-only “solutions” forum that did not appear to present any solution at all.


The spam kept piling up. “It might be porn next,” a friend cheerfully observed, muttering about weird spam messages he had once seen “about hamsters and things”. Then, a few hours later, my password suddenly reactivated, the spam stopped – and I regained control of my account. Briefly, I felt relieved; then I started to worry about what the cyber demons would do next. Who had grabbed control of my account? Was a hacker now reading all my e-mails? What exactly did he – or she – plan to do next with my password?


As I pondered the faceless threat – and frantically downloaded new internet security software – I suddenly felt an unexpected twinge of déjà vu. Many years ago, I spent time working among Pakistani tribal groups in the Sindh desert, who were constantly fretting about the evil eye. This particular group was at the mercy of the harsh physical elements, but had limited understanding of how the weather or medicine worked. Thus, within their world view, the desert was a place beset with hidden, malevolent spirits, against which they defended themselves – with limited success – with amulets and other rituals (such as smearing black kohl around the eyes of babies).


These days, Americans (and other westerners) like to think they live in a vastly more rational and sophisticated world. In some senses it is true. However, the internet has produced a curious paradox. In some ways, this innovation has liberated and empowered us: with the click of a few computer buttons, we can send messages around the world or access information, free from social or geographical constraints. Yet, in other ways, technology has trapped us into a position of great vulnerability. Though our lives now depend on the internet, few of us have any clue how it really works; even fewer can predict or control its threats. We thus live in a mysterious modern cyber landscape that feels as beset with dark spirits as the Sindh desert. But this time, the unseen demons are computer malfunctions, disembodied hackers and virus attacks.


Of course, in theory, modern technology is supposed to offer a defence better than any amulet. An industry of consultants now exists online, offering “internet security” services – for a price. This autumn, the American government activated its first centralised command system to protect government networks, creating a buzz in Washington. “As a doctrinal matter, the Pentagon has formally recognised cyberspace as a new domain of warfare,” William Lynn, the deputy secretary of defence, recently wrote in the magazine Foreign Affairs.


But while the fighting rhetoric sounds impressive, the reality is that these defences – like those amulets – do not always work.


Surveys suggest that American companies have suffered losses of more than $8bn due to cyber attacks in recent years. And the US military is concerned about its own vulnerability, given (as Lynn himself admits) that the battle is very lopsided. Though the targets of attack are visible, the “enemy” is invisible: everywhere – but nowhere. Some hackers hail from China, Russia or Nigeria, others might be next door. Just like those desert demons.


In my own case, I spent time last week trying to investigate the spam dispatched in my name – and spotted a link to a Chinese company called “ShenZhen Suning Electronic Business Trade”, a group that says it “plays the leadership role in doing the internet business trade of China ...owning the advancest technology team worker of china! We have a good series of policy in doing net buisness” (sic). I duly tried to contact that ShenZhen group, to ask them about the spam, but there was no telephone number listed. And my e-mail entreaties went unanswered.


So did ShenZhen Suning hack into my account? Did a third-party marketing group assume my identity – while ShenZhen turned a blind eye (apparently, this is common)? Or was ShenZhen itself the victim of identity theft? I don’t know. But if anybody else gets a weird message from “gilliantett”, selling computer parts – or far worse – please delete it.


Better still, if you know ShenZhen Suning, contact me at the e-mail address below. That, at least, has not yet been possessed by evil spirits, be they from China – or anywhere else.


Copyright The Financial Times Limited 2010.