Hacking is an activity which has long been tied with ethical and legal complications. The term has evolved to have both ethical and unethical connotations, which can be confusing to the uninitiated. Hacker subculture has a myriad of terminology, sometimes with subtle variations, and this chapter identifies the main subcategories of hackers. The methods used by hackers to infiltrate systems will also be briefly examined, along with the motives for the activities. The question of whether or not hacking can be an ethical activity, and how it should be dealt with by the legal system is considered in this chapter. Consideration is also given to the international legal perspective. The evolving hacker ethic is described and examined, and the justifications provided by hackers are investigated.
TopBackground
There are numerous cases of famous hackers widely available. For example, Gary McKinnon, who hacked into 97 US government computers, including the US Navy and NASA, between 2001 and 2002 using the online name ‘Solo’. His declared motive was “to prove US intelligence had found an alien craft run on clean fuel” (BBC News, 28th July 2009, para. 3). McKinnon’s hacking became an obsession, and other aspects of his life began to suffer the consequences. He lost his job and girlfriend, stopped eating properly and neglected his personal hygiene. In hindsight he indicated that he “almost wanted to be caught, because it was ruining me” (Boyd, 2008).
Former hacker Kevin Mitnick in particular has made a career from advising on computer security and has authored a number of books on hacking, with a particular focus on social engineering methods (see for example Mitnick & Simon, 2002; Mitnick & Simon, 2005). Mitnick was involved in hacking behaviors from a young age, manipulating telephone systems in order to play pranks and later progressing to infiltrating computer systems. He was apprehended by the police several times, and served time in prison for his hacking. He has since founded a company aimed at improving organisations’ IT security, and regularly gives guest lectures based on his hacking experience and security expertise.
Adrian Lamo has also experienced a lot of publicity due to his hacking activities. His ‘white-hat’ attempts to improve the security of firms led to mixed responses from the companies involved – some were highly appreciative of his efforts, while others filed lawsuits against him (Mitnick & Simon, 2005). He has allegedly hacked into some very high profile companies, including Microsoft, Yahoo!, and Cingular. On managing to hack into the New York Times, he utilized their subscription to LexisNexis for three months, before reporting the security hole to the newspaper, via a third party journalist. The New York Times reported the infiltration to the FBI.