A Real Life Prison Break for Ugly Gorilla?

I’ve never thought there was much romance in cracking the networks of American companies and agencies, but a recent LA Times article underlines just how dreary it can be.

The piece is based on a blog diary kept by Wang Dong, identified in recent reports as the notorious Ugly Gorilla, whose code has been found in many successful attacks on US networks.  Though it never reveals Wang’s employer or his job, the blog makes clear that the life of even a talented PLA hacker is not a happy one:

With no money and little free time, he found solace on the Internet. He shopped, chatted with friends and courted a girlfriend. He watched movie and television shows. He drew particular inspiration from the Fox series “Prison Break,” and borrowed its name for his blog.

Richard Bejtlich, Mandiant’s security chief, said posts written by the blogger, who called himself “Rocy Bird,” provided the most detailed first-person account known to date of life inside the hacking establishment. Although the blog was discontinued four years ago, the techniques described in it remain the same. “It is relevant,” said Bejtlich. “Things have not changed that much.”

The hacker, whose real family name is Wang, posted some 625 entries between 2006 and 2009. “Fate has made me feel that I am imprisoned,” he wrote in his first entry on Sina.com. “I want to escape.”

Hmm, maybe he can.

In the past, I’ve proposed that the US deny visas to people and institutions that contribute to cyberattacks. But sometimes carrots work better than sticks, and visas can certainly play that role as well. 

The Justice Department is authorized to issue a couple of hundred “S” visas each year to foreign nationals “in possession of critical reliable information concerning a criminal organization or enterprise.” The visa allows family members to enter as well, and it becomes a permanent residency if the witness’s “information has substantially contributed to the success of an authorized criminal investigation.”

Systematically hacking US companies and agencies surely constitutes a criminal enterprise under US law, and I note that an investigation can apparently be deemed a success without leading to a criminal conviction. 

So under current law, the Justice Department could send QQ messages to all the guys we’ve already identified as Chinese hackers, saying “The first of you who shows up at a US consulate with a full flash drive will get an S visa and a million bucks; the second one will get an S visa and $100,000.  The third will get an S visa and $10,000.  And the rest of you will be indicted with the evidence supplied by the first three, making China a prison you’ll never break out of.”

Somehow it just seems fitting for Prison Break to meet Prisoner’s Dilemma.

Credit:  Thanks to the official who first suggested this idea to me.  You know who you are!