Did you know that in 2018, the total cost of cybercrime amounted to 1 trillion US dollars? In this digital age, almost everyone relies on some form of technology to store information. From social media accounts, bank accounts, to confidential government projects, there are countless pieces of information stored in computer systems, most of which users wish to conceal from the public. As a result, just hearing the word ‘hacking’ might lead you to think of devastating cybercrimes. While it is true that hacking has caused a lot of havoc on computer systems of individuals, organizations, or even governments across the globe, hacking has also been crucial to the development of modern computer technology. Aside from the common stereotypes, there are actually many facets of hacking that the public remains unenlightened on. This study will take a closer look at these neglected fronts and introduce a whole new world of hacking.
In general terms, hacking is the action of breaking into a computer system through any means, with intentions of which include but are not limited to compromising the system, causing delays, crashes, or exploiting data. The results of hacking could be beneficial or destructive, depending on the intentions of the hacker executing the attack. The term ‘black hat’ refers to a hacker who has malicious intentions and is hacking to achieve a selfish goal or to create a nuisance. Two common motivations of black hats are either to gain fame or to gain wealth. The term ‘white hat’ refers to a hacker who is hacking not to achieve malignant objectives but instead to find a vulnerability in a computer system in order to fix it. White hats are a contrast to black hats and usually have a strong sense of virtue.
The word ‘hacking’ can be traced back to the 1960s in the Tech Model Railroad Club of the Massachusetts Institute of Technology (Williams, 226). At that time, hacking wasn’t used on computers at all. Instead, the engineers and workers in the club hacked their advanced train systems, hoping that they could improve the functions of their train systems. Later, they moved on to using IBM 704’s computers, creating new paradigms and expanded the abilities of the computers. During this time, hackers had positive intentions, and they were pioneers of the modern computer industry (Williams, 153). For example, Dennis Ritchie’s and Keith Thompson’s UNIX operating system was created by hacking, and it was actually a really advanced system at the time (Ritchie, 35).
In the 1970s, while computer hackers continued to explore the abilities of computers, a new type of hacker appeared, called ‘phreakers’ (Chirillo, 6). Phreakers were phone hackers who used the internal-use tones of different telephone companies to ‘trick’ public telephones into dialing long-term calls without taking money from the user. Interestingly, one of these tones was the illustrious 2600 Hz tone, which were emitted from the toy whistle in Cap’n Crunch cereal packages. As a matter of fact, even Steve Jobs and Steve Wozniak were phreakers at this time (Leeson, 5).
After the 1980s, personal and household computers became more popular, and with the rising amount of computers, new types of hacking like viruses were created. The amount of bad hackers, or black hats rose significantly (Williams, 161). In this decade, the first ransomware, the notorious trojan horse virus, and many other malwares were invented (Burger, 5). It was also at this time that the legislature around the world started to make laws against hacking, like the Computer Fraud and Abuse Act in the United States, and the number of white hats, or ethical hackers who wanted to improve cybersecurity systems and computer networks, rose subsequently.
The next decade gave birth to some of the most notorious hackers of all time, like Kevin Mitnick, Kevin Poulsen, Robert Morris and Vladimir Levin.
Now, as we advance into the 21st century, the development of the Internet has led to a golden age of hacking, and large amounts of new hacking methods were developed such as DDoS attacks, baits, clickjacking, etc. Nowadays, computer systems of large companies, different governments, and personal computers are all in risk of cyberattacks, and these attacks can sometimes cause severe damage to the systems. According to the statistics of the Ponemon Independent Research Institute on Data Protection, the United States is at the top of the list of countries targeted by hackers, but many other countries also take up a significant portion of the attacks, including Taiwan. It is evident that despite the developments of new cybersecurity protocols, hackers and new hacking technology always seems to stay one step ahead; therefore, to understand hackers better, we need to analyze their motivation and the underlying economics of hacking.
The Motives of Hackers and the Economics Behind Hacking
Costs of hacking hackers can be separated into two main categories: white hats and black hats. Both types of hackers have to face an initial fixed expense that includes computers, cables, modems, and most importantly, electricity bills (Leeson, 18). In addition, other than the basic expenses, hacking itself is an unlawful action, so for black hats there is another underlying price–the law. Even white hats will have to face the law if they hack without approval. Due to these costs and risks, hacking isn’t something the majority of hackers will do just for fun under normal circumstances. Of course, there are always exceptions such as Kevin Mitnick or Kevin Poulsen, but there are very few of these examples compared to the number of hackers out there. Hackers must have a motivation, otherwise their actions would not fit in a supply-demand system (Leeson, 7).
Motives of White Hats
The motives of white hats that work for other companies is usually either to receive a salary while not violating the law, or to fix vulnerabilities in systems due to a sense of integrity. There are also white hats that don’t work for companies, and thus their motives are usually harder to analyze because they aren’t motivated by profit or any personal gains. These white hats are the minority of hackers that try to improve the cyber world while risking their own necks, as they are still hacking without approval.
Motives of Black Hats
Black hats can mainly be categorized into two categories: those who hack for fame and those who hack for profit.
- Hacking for fame. One crucial concept that Schell gained from his research was that although hackers were viewed as nerds and geeks, oftentimes they behave just like normal people, and they also like to socialize with other members in the hacker community. This is why there are many hacker meetings, organizations, and communities around the world. Hackers who hack for fame basically strive to hack into strong systems to impress the hacking community and gain recognition among other hackers. As professor Leeson mentioned in ‘The Economics of Computer Hacking’, “In the language of economists, the hacking community has a reaction function, which specifies how this community reacts with fame to various quantities of hacking that are supplied by hackers. More hacking is rewarded with more applause and less with less applause. The hacking community’s reaction function is therefore positively sloped like the supply of hacking itself” (Leeson, 20).
- Hacking for profit. For hackers who hack for profit, their main goal is to gain as much monetary value through hacking; thus, they commit crimes such as stealing money from other people’s bank accounts, selling classified information on the dark web, working for illegal organizations, etc. As a result, the supply and demand graph for the profit-driven hacking ‘market’ is much like the conventional one.
Percent Distribution of Hackers with Different Motives
Currently, a comprehensive and accurate analysis on the demographics, motives, lifestyles of hackers is the research project done by professors Bernadette Schell and John Dodge. In their project, they randomly surveyed 200 hackers from around the world who attended the H2K hacker convention held in New York and the DefCon 8 hacker convention held in Las Vegas (Schell and Dodge, 22). To make the survey data accurate, Schell and Dodge promised all those surveyed that this would be an anonymous survey. According to their analysis, of all the hackers they interviewed, only 11% of hackers were actually maliciously motivated. Of the rest of the hackers, 36% of the hackers just aimed to surmount challenges and test their programming skills, 34% of the hackers were white hats working for different companies, and 19% hacked plainly to make the world a better place (Schell and Dodge 30).
The Effect of Hacking on the Modern Society
Some of the positive effects hacking has brought include the improvement of cybersecurity technology across the world and the evolution of computer and software technology (Levy, 38). Of course, these developments come with a price, and that is the growth of illegal hacking. There are countless misconducts hackers can commit, and victims range from individuals, organizations, all the way to large government agencies. Most of these attacks are intentional attacks, and the effects of these attacks range from minor delays to complete shutdown of IT systems. The following are specific examples of cyberattacks and the disruption that can result from them.
- Attack on personal computers (the Wannacry Ransomware Attack). One instance of a hacker attack on PCs was the Wannacry worldwide ransomware attack in May, 2017, which caused a global breakdown of systems operating with Microsoft Windows (Brenner 58). In this attack, countless computer systems in over 150 countries were affected, and victims ranged from regular people to large companies. Victims were forced to pay a ransom via bitcoin within the time limit, or else their data inside the computer would be deleted.
- Cyber warfare. Other than stealing data, leaking confidential information, and other forms of sabotage on different IT systems, the development of cyberattacks has also brought forth a greater consequence – cyberwarfare. A century ago, when a country planned to harm another country without actually going to war, they could only perform actions in the forms of sanction, spying, assassinations, etc., and these actions were often easily exposed. Starting from World War Two, however, countries have started to advance their abilities of cyberattacks. In the modern world, cyber warfare has become so ubiquitous that on average, there is an intentional cyberattack every 39 seconds (Milkovich). This has forced many countries to put ever-increasing amounts of resources into developing defenses for their networks and establishing IT security teams. Cyberattacks can also leak classified information of different countries, thus leading to the collapse of the economy, diplomatic fallout, etc. (Carr, 74). Even worse, many of these attacks are false flag attacks, meaning the hackers disguise their attack so as to frame a particular party, group, or nation for performing it (Thomas, 80). One of these devastating attacks was on the Pentagon on April 21st, 2009. In this attack, several terabytes of data on the 300-billion-dollar Joint Strike Fighter project were leaked, and the entire communications network of the Pentagon shut down for more than an hour before the attack was brought under control (Carr, 37). It was presumed that the hackers were from China and that the Chinese government initiated the attack, but due to the false flag technique the hackers used, the source couldn’t be determined (Carr, 38). This example is just one of the hundreds of devastating cyberattacks that have happened to countries all over the world, and despite the constant improvements in cyber security, black hat hackers always seem to be one step ahead.
After looking at the evolution, the economics, and the effects of hacking, we have a clearer understanding of hackers and their vital impact on the world, but why is hacking a thing, and why are there so many hackers? It began as a method to explore and improve the potential abilities of computer systems, but things went downhill when new hacking methods like viruses and malware were born. A decade later, numbers of hackers rose, and an economic system of hacking developed following the rise of the popularity of hacking. Nowadays, not only does hacking constantly affect the individuals in the society, but it has also become a new method of war. So, why did the once ethical and beneficial hacking decay into a tool for crime? The answer lies in human nature-greed, vengeance, or maybe even the joy of watching others suffer. How can we stop unethical hacking? There is no possible answer. Human nature is the reason there is so much unlawful hacking going on, and as long as there are desires in the hearts of people, unethical hacking will never stop. Despite the attempts of white hats and improvements of cybersecurity, black hats will always find vulnerabilities in computer systems where they can drill through and fulfill their desires.