A Chinese Hacker’s Identity Unmasked
Joe Stewart’s day starts at 6:30 a.m. in Myrtle Beach, S.C., with a peanut butter sandwich, a sugar-free Red Bull, and 50,000 or so pieces of malware waiting in his e-mail in-box. Stewart, 42, is the director of malware research at Dell SecureWorks, a unit of Dell (DELL), and he spends his days hunting for Internet spies. Malware is the blanket term for malicious software that lets hackers take over your computer; clients and fellow researchers constantly send Stewart suspicious specimens harvested from networks under attack. His job is to sort through the toxic haul and isolate anything he hasn’t seen before: He looks for things like software that can let hackers break into databases, control security cameras, and monitor e-mail.
Within the industry, Stewart is well-known. In 2003 he unraveled one of the first spam botnets, which let hackers commandeer tens of thousands of computers at once and order them to stuff in-boxes with millions of unwanted e-mails. He spent a decade helping to keep online criminals from breaking into bank accounts and such. In 2011, Stewart turned his sights on China. “I thought I’d have this figured out in two months,” he says. Two years later, trying to identify Chinese malware and develop countermeasures is pretty much all he does.
Computer attacks from China occasionally cause a flurry of headlines, as did last month’s hack on the New York Times (NYT). An earlier wave of media attention crested in 2010, when Google (GOOG) and Intel (INTC) announced they’d been hacked. But these reports don’t convey the unrelenting nature of the attacks. It’s not a matter of isolated incidents; it’s a continuous invasion.