The term "hacker" is commonly used in media and popular culture to refer to someone who breaks into secure computer systems, often to extract, release or manipulate sensitive information. Though commonly portrayed in a negative light, hackers of one kind or another have existed for far longer than they have been a part of the public consciousness, and have developed an exclusive jargon, mindset and methodology around which they shape their work and daily lives. In this chapter, we examine the social forces that have shaped hackers and the hacker culture, investigate the moral implications of hacking, show the legal framework in which hackers operate, and explore case studies that might help better explain the mindset behind a hacker or group of hackers.
History and Background
Despite its recently applied negative connotation, “hack” was originally a neutral term. Originally coined in the 1960s at the Tech Model Railroad Club at MIT, “hacking” was used to describe the process of understanding and modifying model train sets and other technologies.  The term proliferated and evolved through the late 60s and 70s until it became synonymous with computer modification. During this time, hacking was a way of gaining an understanding and appreciation of how computer systems worked. During the 1980s, a subset of hackers, no longer satisfied with benign “curiosity hacking” began using their knowledge to gain entrance to secure systems and exploit those systems for personal gain. Vilified by the media, this new breed of hackers, dubbed “crackers” by the more traditionalist hacker community, have become the model for public perception of hackers. WarGames (1983), Hackers (1995), and Swordfish (2001) are examples of movies which misconstrue hackers and have helped draw the connotation of the word "hacker" away from its original meaning.
Today, hacking is more in the public consciousness than ever. Articles about "hacktivist" organizations and discussion of potential cybersecurity threats have led to an even more sensationalist portrayal of hackers in the news and media. The "hacker" vs "cracker" divide is more well defined and the moral and legal implications of hacking more serious. Despite this, hacking remains a highly misunderstood activity. Though not easily defined, hackers can be more easily thought of as "white hat" hackers, security specialists focused on the improvement of security systems, or "black hat" hackers, crackers and other malicious parties who may seek personal gain from their actions, often at the expense of others.
Types of Hacking
Black Hat Hacking
A Black Hat hacker is someone who violates computer security for reasons of malice, personal gain, or a desire to advance a particular cause. These are the individuals who represent the stereotypical view of hackers in popular culture and their activities can take many forms including hacking a particular organization's databases, more general phishing scams, and computer worms such as the Love Letter virus. The profile of a black hat hacker ranges from trained professionals and hacktivists to inexperienced script kiddies and malicious insiders who use their access to confidential information to cause great harm.
The Love Letter Worm
The Love Letter worm was a May 2000 computer worm that sent itself to the first ten contacts in a victim's email address book when an attachment was opened. The worm spread extremely rapidly due to a number of factors including the masking of the attachment's file type as an innocuous text file and the curiosity sparked by the personal receipt of a love note. In this way the worm took advantage of social factors of trust in a friend's emails and the stated curiosity to induce victims to click the attachment that spread the virus further. The virus eventually caused $5.5 billion in damages and forced many companies and governments to shut down their email services for several days. The design of the virus had no benefits like viruses described later in the chapter, and in the most positive description can only be termed an academic exercise unleashed on the world.
White Hat Hacking
A white hat hacker is a person who uses hacking to protect computer systems in some way, often by identifying a security weakness and then somehow notifying an administrator of the computer system's vulnerabilities. White hat hackers are sometimes hired beforehand to conduct a penetration test. A penetration test is a method of evaluating a company’s security by simulating a real attack from malicious hackers. The etymology of white hat hacker came from the western genre of movies where heroes often wore white hats and villains often wore black hats. Many white hat hackers are former black hat hackers.
Tsutomu_Shimomura is a famous white hat hacker who tracked down Kevin Mitnick, the most-wanted computer criminal at the time. After Mitnick sent a personal attack to Tsutomu's computer, Tsutomu began working with the FBI. Using call information, Tsutomu located Mitnick's apartment and notified authorities leading to Mitnick's arrest and conviction on several charges. Mitnick now runs a computer security consulting firm as an apparent white hat hacker.
Gray Hat Hacking
Things are rarely black and white. Although the above color designations are very large in scope there is a significant gray area in which hackers can operate. One type of gray hat hacker is the curiosity hacker. Curiosity hackers are people who are simply interested in hacking and security. They are not hired by any company to do penetration tests nor are they hacking maliciously, although there are cases of gray hacker work getting out of control and causing damage as in the case of the Morris Worm. A special subculture has evolved around curiosity hacking, closely tied to the Open Source Movement
The interest in curiosity hacking has produced a large and complex community. The social group has entire hacker conventions such as DEF CON, and even produces a hacker quarterly, 2600. Short collaborative coding sessions, termed hackathons, are a growing phenomenon and numerous websites have popped up where people can test and develop their hacking abilities. One such site is Hackthissite.org, which also includes an active forum where hackers discuss some of the harder hacks. The curiosity hacking community is a strong example of operating in the gray area since the skills the group uses and the makeup of the community fall into both the black and white categories.
The Morris Worm was created in 1988 by Robert Morris, a 23 year old doctoral student experimenting with what became the first widely recognized computer worm. The claimed intent of the worm was to gauge the size of the internet, however the system to system copying often monopolized a computer's resources until it had to be shut down. At its high point, the worm is thought to have reached 10% of entire internet. Unlike the Love Letter virus, the Morris Worm had a great deal of alleged merit in the mapping of the early internet. Yet the release of the worm at MIT to mask its origins at Cornell point to at least some knowledge of the malicious nature of the code.
Hacktivist is a term for those who use use hacking as a means for promoting or impeding a specific social or political cause. A hacktivist's actions often takes the form of distributed denial of service (DDoS) attacks, defacement of websites, and leaks of confidential information. Some hacktivist organizations such as Anonymous and Lulzsec have gain world wide notoriety while many others like the Turkish group RedHack have become high profile only locally. The purpose behind hacktivist organizations varies from group to group; however, members are usually linked by common ideals and shared opinions on targeted social and political groups.
Anonymous is a loosely associated anarchist, hacktivist organization. No structure or leadership is known to exist within the organization, though it is tied to certain websites, imageboards, and groups such as the Occupy movement and WikiLeaks. The organization has been known to publicly voice strong opposition to internet controls, censorship, and real or perceived attacks on human rights. In December 2012, a conference of the International Telecommunications Union (ITU) was hacked by Anonymous. The ITU's website and much of its related online information was temporarily blocked, impeding the already limited public access to proceedings and preventing some delegates from using online resources. The reason for the hack is likely the attempt by delegates from mostly autocratic governments to allow greater control of the internet within national borders. The US strongly opposed the measure on the grounds that it would promote censorship and the conference ended after a collapse in talks.
Computer crimes are regulated at the federal level by the Computer Fraud and Abuse Act §1030, the Wiretap Act §2511, and several other sections of the legal code. States have also enacted many individual statutes to combat computer crime. Federal agencies with jurisdiction over cyber crime include the FBI and Department of Homeland Security with prosecution by the Department of Justice. All of these US laws and agencies have to navigate the complexities stemming from constitutional freedoms and community backlash from overly restrictive or invasive regulation.
The legal recourse to a hacking incident often requires some form of multilateral participation because of the international nature of the internet. This adds a great deal of complexity since there is currently no unified international legal regime to handle cybercrime. Instead, a number of international agencies provide resources to aid individual countries in the tracking, arrest, extradition, and prosecution of cyber criminals. The head of one such organization, Interpol's Secretary General Ronald Noble has stated that while “a real breakthrough in fighting cybercrime might be possible once a substantial number of countries have updated their legislation and when more countries devote resources for police to develop greater technical expertise, Interpol and the world cannot wait for such an idyllic situation.” Instead of waiting, Interpol has gone on the offensive to take down cybercriminals.
In February of 2012, 25 alleged members of Anonymous were arrested in Argentina, Chile, Colombia, and Spain. Interpol coordinated operation spanned 15 cities and also included the seizure of over 250 items of IT equipment. “This operation shows that crime in the virtual world does have real consequences for those involved, and that the Internet cannot be seen as a safe haven for criminal activity, no matter where it originates or where it is targeted,” said Bernd Rossbach, acting Interpol Executive Director of Police Services. The same day, Anonymous hackers temporarily brought down the Interpol website in an apparent distributed denial of service (DDoS) retaliation attack. This is only one example of the exchanges between law enforcement and hackers.
For more information, see the cases of Malicious insiders Bradley Manning and the Anonymous response, Shanshan Du, and many others.
From curiosity hacking in the 1960s and 70s to malicious cybersecurity attacks on governments and private organizations, hackers have always existed in a moral gray area, never satisfied using technology exactly as it was intended. Recently, the entertainment industry and the heavily publicized actions of hacktivist groups have brought the issue of hacking into the public consciousness. As a result, governments have passed laws to crack down on cybersecurity crimes and companies have started to look for security professionals to help keep their digital infrastructure safe from attack. Hacktivists and other parts of hacker culture have responded to these changes, often aggressively. This continuously developing exchange has had great effects on the hacker community, including a push to divide the group into two categories. Though the differences between hired white hats and malicious black hats can seem stark, the divide is not so clear-cut. The hacker subculture is a community of complex individuals who are not easily defined. Each hacker unique, the product of their technological ability, personal moral code, and the society and social factors around them.
- Tech Model Railroad Club. TMRC History. http://tmrc.mit.edu/history/
- Trigaux, R. (2000). A history of hacking. http://www.sptimes.com/Hackers/history.hacking.html
- Clarke, Z., Clawson, J., & Cordell, M. (2003, November). A brief history of hacking. http://steel.lcc.gatech.edu/~mcordell/lcc6316/Hacker%20Group%20Project%20FINAL.pdf
- Pinguelo, F.M. & Muller, B.W. (2011). A Primer on Cybercrimes In the United States and Efforts to Combat Cybercriminals. Virginia Journal of Law & Technology, 16 (1), 117-188.
- Austin, T. (n.d.). The loveletter virus.http://www.viruzlist.com/loveletter.html
- e, M. (2007, June). White hat.White Hat Hacker http://searchsecurity.techtarget.com/definition/white-hat White Hat Hacker, additional text.
- Glynn, F. (n.d.). What is penetration testing?. Penetration Test http://www.veracode.com/security/penetration-testing Penetration Test
- Elizabeth, M. (n.d.). What is a white hat?. http://www.wisegeek.com/what-is-white-hat.htm
- Lee, J. (2012, July 13). 5 of the world’s most famous and most influential white hat hackers. http://www.makeuseof.com/tag/5-worlds-famous-influential-white-hat-hackers/
- Schmidt, C., & Darby, T. (2001, July). The what, why, and how of the 1988 internet worm. Morris Worm http://www.snowplow.org/tom/worm/worm.html Morris Worm
- Boone, J. (2012, November 26). Hackers face prison in turke'ys first ever trial of suspected cyber criminals.http://www.globalpost.com/dispatches/globalpost-blogs/the-grid/alleged-hackers-face-prison-turkeys-first-ever-trial-suspected-
- Jones, W. (2012, December 7). This week in cybercrime: Itu conference falls prey to a cyberattack. http://spectrum.ieee.org/riskfactor/telecom/security/this-week-in-cybercrime-itu-internet-conference-falls-prey-to-a-cyberattack
- U.S. fights Russia against regime to bring internet under more government control at worldwide talks. (2012, December 8).http://www.dailymail.co.uk/news/article-2245237/U-S-fights-autocratic-regimes-attempt-bring-Internet-MORE-government-control-worldwide-talks.html
- DOJ Cyber Crimes Manual.
- ITU activities related to cybersecurity. (2010, August 10). http://www.itu.int/cybersecurity/
- Interpol: An Organization Under International Law
- 'World must better prepare itself for emerging cybercrime threats', interpol chief tells prestigious meeting in india. (2012, March 30).http://www.interpol.int/News-and-media/News-media-releases/2012/PR028
- Karia, J. (2012, February 29). Interpol arrests 25 members of anonymous in ‘operation unmask’. http://www.techweekeurope.co.uk/news/interpol-arrests-25-members-of-anonymous-in-operation-unmask-63664, additional text.
- Norton, Q. (2012, February 2). 25 alleged anons arrested in international crackdown. http://www.wired.com/threatlevel/2012/02/anonymous-arrested-interpol