When you picture a hacker normally the first image that comes to your head is of a loner who never leaves his mom’s basement but stays put in front of his computer screen illuminating his face with a green tinge of light. We have television to blame for this. There is so much more to a hacker than your typical movie portrayal of one. Hackers are computer gurus who have been around just as long as computers. They know computers inside out and have the ability to understand coding like most of us can read books. When we think of something getting hacked we think of someone forcing their way through our security systems to ultimately steal from us, or we think of revolutionary heroes exposing the ill-doings of our governments. Even though the word “hacker” has connotations of wrong-doing, it is because of hackers that our technology has developed and improved so rapidly. However, the question still stands, where is the line between a hacker and a cracker?
The history of hacking begins in the 1960s in MIT where the hacks were developed to improve operating systems. The original hackers were interested in learning how systems worked and by pulling them apart and putting them back together again they discovered how the different technologies worked and what they were capable of. These explorations helped build our computers. Accomplishments of self professed hackers include the World Wide Web, Facebook and Apple. White hat hackers are a subgroup of hackers. These white hat hackers hack into sites in order to help test and improve security systems of sites so that other types of hackers won’t be able to do it. They hack the sites using the same methods as other hackers do but the motives behind why they do it are different to the grey and black hat hackers. Grey hat hackers hack for personal recognition where as black hat hackers are the ones who break into systems for personal materiel gain (Mahmood et al, 2010).
“It is crucial for corporates to understand, even at just the conceptual level, what ethical hacking and penetration testing is about, so they can oversee the most effective risk assessment and management strategies” (Caldwell, 2011)
So the general consensus is that white hat hackers build things whereas black hat hackers, or crackers, break things. These cyberthieves have begun using “social engineering”- they send emails to people within a company and convince them it is from a colleague. By identifying these vulnerable targets they can then ween their way into the corporate’s network. This technique is called spear phishing (Saporito, 2011). LulzSec and Anonymous have the capabilities to do the same, however they are not normally seen as doing it for malicious, self-gain reasons.
Anonymous came about from the website 4chan. Here, posters sign in as ‘Anonymous’ and go ahead to gain hacking acclaim. LulzSec is a play on the abbreviation of ‘LOL’- they hack “for the lulz” and are believed to be a splinter group of former Anonymous members (Saporito, 2011). Because of the hacking done by LulzSec and Anonymous, the world is much more aware of information privacy, or lack there of. The information we have entrusted with corporations are not as safe as we would like them to be. No matter how much or how little information you give these corporations, if the company’s internet security isn’t good enough LulzSec’s goal is to name and shame them- much to the frustration of the corporation.
Corporation frustration aside, could this style of Robin Hood hacking be seen as acceptable whistleblowing- hacking for the greater good? There are always two sides to every story. For example, the Ashley Madison hack of 2015. Ashley Madison is a commercial website the provides a platform for people to meet and have extramarital affairs. A group of ‘hacktivists’ named The Impact Team did not morally agree with the ethos of this site and hacked into the company’s server to gain personal information of the site’s users and threatened to release it unless the site was shut down. In the end Ashley Madison refused and they released the details of 30 million users. Even though you might have agreed with the moral reasoning behind the actions of The Impact Team, extramarital affairs are not considered illegal so was this for the greater good or did it just cause hurt to those involved?
Another famous example of whistleblowing is the Edward Snowden case in which he leaked sensitive documents which revealed the full extent of public surveillance by the US NSA to the media. Snowden did this by (illegally) copying documents which were already accessible to him and distributed them without authorization. Snowden believed his actions were morally correct.
“As it stands, whistleblowing is hacking with a moral agenda.” (Ben-Meir, 2016)
Herein lies the question: are hackers hoaxers? Are they practical jokers or clever programmers? Are these whistleblowers Robin Hood style vigilantes or are they a menace to corporations and our society? In this age of information and cyber culture we can never be sure of what is being done with the information we give to our online platforms, but we also would never know to begin with if it wasn’t for the hackers in our societies.
- Hack Attack – Bill Saporito
- Ethical hackers: putting on the white hat – Tracey Caldwell
- Data Mining Application for Cyber Credit-card Fraud Detection System – John Akhilomen
- Moving Toward Black Hat Research in Information Systems Security: An Editorial Introduction to the Special Issue – M. Adam Mahmood et al