There's a very real threat out there. This threat is made up of young people, many teenagers, who have an utter and callous disregard for the law and for other people's property. They are unscrupulous, clever, with their eyes always fixed on the chance to rob a citizen or a business.
Their immigration status is generally unknown, and many of them may not even be in the United States. They could be in Canada, Russia, China, Iran, or Chad. They aren't gang-bangers. They're hackers. Granted, cyber-warfare is already a troubling concern. China is already playing with this, as is Russia, and Iran, and we can hope, the United States - if only to learn about how to defend against it. But these kids are using it to steal.
The American Spectator's John Mac Ghlionn has more.
Teenagers get a bad name today. We call them lazy. Screen-addicted. Entitled. Unable to focus beyond 15-second videos.
We’re wrong about one group of teens. Dead wrong.
They call themselves Scattered Spider. They’re probably younger than your college freshman. They live in suburban bedrooms across America and Britain, and they’ve just brought industries to their knees.
This is the new face of warfare — young hackers with Discord accounts who can crash critical infrastructure between homework assignments.
Unlike a lot of common street thugs, these kids aren't stupid; quite the opposite. They do their research, they develop a target list and goals, and then they execute.
Here’s how it works. A Scattered Spider member calls your company. He sounds stressed. Professional. Maybe a little desperate. “Hi, this is Dan from accounting. I’m locked out of my email before the big presentation. Can you reset my access?”
The help desk worker wants to help. Dan sounds legitimate. His caller ID shows he’s calling from inside the company. His knowledge of internal systems seems authentic.
Dan isn’t Dan. He’s a teenager who spent 30 minutes researching your company’s structure. The phone number is spoofed. The knowledge comes from social media stalking and corporate websites.
Within minutes, “Dan” has access to your entire network.
And "Dan" isn't going away empty-handed.
Scattered Spider emerged from something called “the Com” — an underground network of trolls and criminals. Think 4chan crossed with organized crime. These malicious minors level up fast. What begins as petty harassment quickly turns into full-blown extortion. Afterwards, members shift their focus to cyber-terrorism. It all unfolds like a ridiculous game of Whac-A-Mole. The stakes, however, aren’t tokens; they’re tens of millions in actual damage.
Ransomware is the name of the game, and these kids are good at it. But consider this: There may be more to this than just extortion.
The problem is, much, if not all, of our societal infrastructure is online. Everything from electrical generation and distribution to supply chains for everything from food to automobiles, and even hospitals, may be affected. The rise of telehealth and modern computer-aided medical equipment, from diagnostics to life-sustaining equipment, is increasingly being put online. When I started in the medical device industry in 1990, this would have been unimaginable, but no longer.
Think of the results of a group like Scattered Spider gaining control of a big part of the nation's power grid and refusing to turn it back on. What would the U.S. government do? How much would it be worth to get the power back on? And this isn't a nation-state doing this, in this case; it's a bunch of kids, maybe scattered across the world. Trying to identify and round them up quickly would be like trying to catch smoke in a fish net.
One answer would be to air-gap a lot of these systems, like the power grid. We've already had one warning.
See Also: Washington Post Likely Targeted by Chinese Hackers While CNN Is Hesitant to Point Out the Obvious
Hacker Breaches HUD Televisions, Runs Gross Trump/Elon AI Video - Dem Response Is Disgusting
Mr. Mac Ghlionn concludes:
These pimple-faced pirates are demonstrating that the right teenager with the right skills can bring civilization to its knees. So, perhaps it’s time to stop underestimating them and instead focus on stopping them.
Here's a thought, though; slippery as these youths are, they aren't invulnerable. Sooner or later, some of them will get caught. And when they do, would it be the worst idea to turn them against their former compadres? Not as in "set the fox to guard the chicken house," but more like "set the fox to catch other foxes."
This kind of thing represents a kind of virtual arms race. Companies and individual citizens get wise to the latest, people are informed on what to avoid, there are software fixes; then the bad guys find and exploit a new back door, a new loophole, a new angle. This is the new online world - and this battle will continue as long as there's the internet.
