Publetariat was brought down by yet another hacker attack this weekend, and Evernote reports hackers succeeded in breaching its site this weekend as well. While nothing on Publetariat was actually compromised, thanks to all the security updates applied following the last hacker attack in December of 2012, this attack’s brute force attempt to run multiple malicious scripts on the site overloaded the server and caused Publetariat’s host company to shut the site down. The attempt was traced to two suspicious user accounts, and those accounts have been deleted. But that’s not the end of the story, unfortunately.
Recall that following the 12/12 attack, all new user memberships were suspended, precisely because of the excessive demands of weeding out hacker / spammer registrations from legitimate ones. However, shutting down new registrations wasn’t enough, because it turns out there were already nefarious user accounts previously registered on the site. For security purposes, all user accounts were put under review over the weekend and any that looked suspicious for any reason were deleted. Since all site content is visible to anonymous site visitors, even if a few legitimate users were caught in that net, it shouldn’t have a seriously negative impact on most Publetariat visitors’ use of the site. Unfortunately, these are the lengths to which we are now forced to go in trying to thwart cyber attacks: we ALL suffer.
Remember, Publetariat doesn’t make any money, it’s an entirely volunteer effort, funded totally out of pocket by myself. These attacks make it more and more difficult to justify keeping the site going at all. This time, after the many hours of work spent getting the site back online and culling user accounts were over, I decided to do something more. From my Digital Media Mom site:
I am sick and effing tired of working months and years to build a site and grow an audience for that site, only to have a target painted on my back by spammers and hackers precisely BECAUSE my site has become successful (and heavily trafficked). Every time it happens, I ask myself if it’s worth all the bother to run my sites at all. And one of these days, when the damage done is severe enough, the answer to that question will be, “No.” And on that day, some valuable resources for writers and people who need tech help will be gone.
I think all organized spammer and hacker collectives should be prosecuted as terrorist organizations, just like any other collective that sets out to commandeer, attack or subvert a public utility. The internet has become a necessity of life in the developed world, no different from electricity, phone or sewer service. Any group that attacked THOSE services would be dealt with very severely. It should be no different for hackers and spammers who are sucking down untold millions of our productive work hours and valuable technology. Maybe if the punishment were severe enough, more of those pieces of human garbage would find less risky means of employment.
Sign my White House Petition if you agree, to ask the President to classify organized spammer and hacker groups as terrorist organizations for purposes of law enforcement and prosecution. The deadline to get 100k signatures is 4/2/13, so please share this link with anyone you know who would like to see this done: http://wh.gov/fWcw
And yes, of course I know many, if not most, of these collectives are operated from overseas, which makes them harder to find and prosecute. But this is no longer a mere annoyance, it’s a daily threat to our productivity, financial stability, and even national security. And again, if some foreign collective were to target a U.S. power grid, there would be no question of tracking that group down and bringing them to justice. Hackers and spammers are no better, and should be treated no less severely by international law enforcement agencies.
I’m asking all American citizens who use and value Publetariat to sign this petition, and share it with their social media networks. If 100k signatures are collected by 4/2/13, the White House is required to look at the petition and issue an official response: either that they are not going to take action and why, or that they are going to take action and how.
For those who are concerned that approval of such a petition would take valuable resources away from the fight against other types of terrorism: the White House has always prioritized all threats to the nation, and it will always do so in the future. Hackers and spammers will usually be pretty far down the list, but having them classified as terrorists gives international law enforcement agencies more and better tools to track them down and subjects them to much stiffer penalties when they are caught.
Note that I include organized spammer collectives in this petition because they now regularly employ hacker tactics. Spammers waste millions of man-hours of website administration staff effort all over the world in finding and deleting their fake comments, fake user accounts and unwanted links. They waste millions of man-hours that belong to the general public, too; how many hours have you wasted over the past month deleting spam from your email inbox, your Facebook pages, your author sites and blogs and your Twitter account? Spammers have made hijacking our tech resources for purposes of inflicting unwanted advertising a for-profit business model. They infiltrate sites like a swarm of despised parasites, and are no more welcome than their hacker brethren.
Hackers and spammers continue to proliferate and make all our lives miserable in a multitude of tiny ways because it’s very easy and mostly consequence-free. They have automated scripts they can unleash online to seek out vulnerable sites, email accounts and devices. They have automated systems in place that make it difficult to trace the source of those scripts. And when their destructive handiwork is discovered, site, computer and device owners have to invest many hours of effort —and sometimes considerable amounts of cash, too— to undo the damage, but no harm befalls the criminals who caused all the trouble in the first place because we’ve largely adopted a “whaddyagonnado?” attitude about it. Even if we can find them, it’s nearly impossible to successfully prosecute them under existing civil and criminal statutes.
Maybe if those criminals were facing the much more draconian penalties facing other terrorists, and if the government were empowered to use the same tools employed in tracking down terrorists to track down organized hacker and spammer collectives, would-be and existing hackers would start looking for a new line of work.
The more connected our society gets, the more this problem is going to snowball. Now is the time to take action. Please sign the petition, and share it with everyone you know who’s just as sick of spam and hacker attacks as I am. The direct link to the petition is http://wh.gov/fWcw .