After LulzSec just where is hacking heading?

With the popular focus firmly on 'hacktivism', you might suspect changes were afoot in the world of online crime, says Rik Ferguson

The present preoccupation with hacktivism and groups such as Anonymous might suggest a shift in the pattern of online crime. Nothing could be further from the truth, says Rik Ferguson.

Over the past couple of months, we've seen many instances where hackers have used their expertise to make political or social statements. Do these attacks imply a shift in focus among cybercriminals and a move away from organised crime looking for financial gains?

I don't believe that any recent increase in hacktivism is fuelled by disaffected criminals, or criminals deciding to use their skills for another purpose. The rise in hacktivism is a phenomenon that is apart from the ongoing criminal theft of data and abuse of systems.

The people taking part in hacktivism are often young people with varying levels of computer skills who are getting involved either for a political cause or, in the case of, say,LulzSec, simply for fun.

Their activities are still illegal and in some cases more harmful than more traditional online criminal activity, but they are not the same people as the ones behind Koobface, Zeus or SpyEye, for example. They are not the same people who are selling fake pharmaceuticals or sending phishing emails. They are not even the same people as the ones who broke into Google, RSA, Lockheed Martin, Epsilon or any one of the other advanced persistent threat cases I could mention.

Characteristics of the Anonymous approach

How do I see this evolving? Well, Anonymous as an organisation has been effective at attracting many thousands of people to its cause through the clever use of social and traditional media. It has also released easy-to-use tools that allow any volunteer to take part in DDoS attacks organised by the group.

The Anonymous approach is a natural evolution of the kinds of protest movements that have been around for centuries. This kind of activity will continue and increase over the coming years as individuals realise that the power available to them to protest online is in many ways vastly more effective than protests in the offline world.

Of course, this activity may have the unfortunate consequence of leading to a tightening and strengthening of legislation when it comes to activity online. It may even lead to the development of a two-tier internet, one where anonymous activity is still possible and a second where users are required to identify themselves before making any online connection or transaction.

State-sponsored hacking

Recent publicity has put the media focus very clearly on state-sponsored hacking, with the finger often being pointed at China. Again, this phenomenon is nothing new, but the willingness of enterprises to come forward and admit to being victims has definitely contributed to the feeling that this activity has increased recently.

We shouldn't be surprised to see nations using all the tools at their disposal to carry out espionage-related activity. But again, this pattern of behaviour has been the norm for centuries.

Rik Ferguson is director of security research and communications, EMEA, at Trend Micro. He has over 15 years' experience in the IT industry with companies such as EDS, McAfee and Xerox.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.