The Chinese Hacker Who's Seriously Dangerous

Interesting story in the New York Times about a Chinese hacker who really knows what he's doing. Code-named Majia, he's a solitary fellow in his early 20s who lives with his parents. Working out of his tiny bedroom, armed with just a PC and a high speed connection in his tiny bedroom, he's dangerous:  

"As he explains it, an online "trapdoor" he created just over a week ago has already lured 2,000 people from China and overseas -- people who clicked on something they should not have, inadvertently spreading a virus that allows him to take control of their computers and steal bank account passwords." 

He wouldn't say how much he's pocketed, but it's likely a substantial amount. He's part of a larger community of Chinese hackers that have earned major bragging rights in the underworld. 

Here's the chilling part: 

"Three weeks ago, Google blamed hackers that it connected to China for a series of sophisticated attacks that led to the theft of the company's valuable source code." 

Huh? A bunch of freelancer hackers...penetrated Google? Yes, in fact, they not only hacked in, they actually stole the crown jewels -- company source code. 

That's disconcerting because Google knows Web security better than anyone, don't they? Google, for goodness sake, is Google -- it's the galaxy's leading Internet company. 

I mean, c'mon, if you had a choice of being protected by a Web security team from one of the following entities, which would you pick? 

1) The U.S. Government

2) The average large corporation

3) Google

Personally, I'd pick Google. (Which brings up another worry. If Google was hacked, and its engineers are savvier than the government's, what about the safety of federal agencies?) 

So big 'ol Google, the Web's 500-pound gorilla, was humiliated by a bunch of self-funded black hatters, some of whom might have been operating from their parents' apartments. Amazing. 

(I guess if you were a conspiracy theorist you'd say they weren't self-funded - they had major help from the Chinese government. And the fact that the Gmail accounts of human rights activists were also hacked supports this - what garden variety hacker huffs and puffs to break into the the email of human right activists?) 

Majia and those like him are hackers but they're not slackers. He constantly studies cyber techniques, trades information, and -- here's the key part -- he can write code. 

"Most hackers are lazy," he says..."Only a few of us can actually write code. That's the hard part." In sum, this guy is a pro. A pro for the dark side, but a pro nonetheless. 

How many thousands (or tens of thousands, or hundreds of thousands) of talented hackers are there like Majia? Ultimately, who's going to win the war of Internet security, us or them? I'm hoping for us. In the mean time, please check your firewall.