These hackers are out to do real economic and/or political damage. | REUTERS Cyberwarfare niche for hacktivists

As 2013 comes into full view, I believe the new year may bring cyber events that will have the greatest impact yet on homeland security and foreign policy. My company recently released the 2013 Threat Predictions Report, and it paints an ominous picture of how rapidly the burgeoning “cyberchaos” industry is maturing.

So far, activist hackers — hacktivists — have rarely inflicted genuine trauma. Usually it’s shenanigans, political embarrassment or low-grade anarchy — as when the hacker group Anonymous hijacks websites of the Syrian government or the Westboro Baptist Church.


We think that’s changing. More extreme groups are getting the hacktivist habit.

These are transnational forces united by devotion to a cause. They mean to do more than just tweak the powerful or spray revolutionary rhetoric across an official website. They are out to do real economic and/or political damage — to organizations, governments — and perhaps to you personally.

Imagine an ideological faction with the fervor and commitment of Al Qaeda, plus the technological talent and discipline of a Silicon Valley startup. We have counted on conventional digital terror groups to limit their impact through their own incompetence and disorganization. The 2013 hacktivist, we believe, is much less prone to self-sabotage.

No less of a concern than the rise of extreme hacktivism is the exploding global marketplace for hacking services. It is literally malicious technology for hire, and it’s on the rise.

Leading-edge hacktivists are usually passionate about an agenda. Hackers for hire, on the other hand, are cyber mercenaries — usually willing to promote any agenda for a price. You’ve heard of SaaS — software as a service. Welcome to HaaS — hacking as a service.

Just as a company looking to cut IT costs considers outsourcing certain functions and applications to the cloud, a criminal or fringe political group can now outsource certain kinds of havoc to third-party providers. It’s no great trick to find the underground forums where malware kits and custom development services are bought and sold. Email password hacking services are about as hard to find as a Starbucks at the airport.

The mayhem merchants adopt the language and practices of global commerce: marketing, productizing, consulting, outsourcing and contracting. Like soldiers of fortune in an earlier time, they know no borders, fly no flag and flaunt relatively toothless, ineffective regulations.

Between the extreme hacktivists and the institutionalized marketplace for hacking services, we see a clear and present threat to our financial and information systems, our power and security infrastructure, government information databases — all the things that keep sovereign nations stable.

It’s not as though world governments pay no attention. The CIA, FBI, Interpol and the United Nations all recognize the threat, and United States law enforcement and intelligence are both responding impressively. But the new McAfee report makes clear that it is racing ahead of global law enforcement. The threats are growing more powerful, capable and strategically minded.

Our law enforcement agencies need more resources, and we need a concerted multinational response — an expanded global effort that takes its cue from the successful collaboration on cybersecurity between the U.S and the European Union, launched with the do-it-now urgency of a modern-day Manhattan Project. Businesses will continue to innovate — indeed, technology strides are in the long run the key response to coordinated cyberthreats. But it is also important to make computing security a priority for intergovernmental cooperation. And at the end of the day, governments and businesses must work together even more closely on this problem.

Digital security may be the most pressing, broadly affecting diplomatic issue of our time because we are increasingly dependent on computer networks for all society’s basic functions; and because the Brazilian banker, the Australian diabetic, the Zimbabwean farmer and the American filmmaker have equal, urgent stakes in their security, availability and growth.

Beyond basic food and shelter, perhaps no issue affects more of the world’s people more evenly. We are all in this together.

The threats to our computer networks from extreme hacktivists are real and deadly serious. Our response must match, exceed and overpower them.

Pat Calhoun is a digital security expert and Silicon Valley veteran who is responsible for the strategic direction of McAfee’s network security business unit. He can be followed on twitter at @calhoun_pat.