Difference between revisions of "Extant Hacker Typology"
Mikepinder (Talk | contribs) (Created page with "==Extant hacker typology== Currently understood hacker types and sub types will now be discussed in order to distinguish potentially generative innovation sources for firms a...") |
(No difference)
|
Revision as of 14:51, 30 August 2014
Contents
Extant hacker typology
Currently understood hacker types and sub types will now be discussed in order to distinguish potentially generative innovation sources for firms and brief case studies giving real world examples.
The extant typology of hacking within literature provides a slightly broader conception of popular understandings into three hacker types:
- Computer Security Crackers
- Computer Hobbyist Hackers
- Enthusiast Programmer Hackers
Pressures to differentiate one form of hacking initially emerged with the introduction of new laws and legislation seeking to criminalise activities involving computer cracking acts, resulting in three types above.[1] Within these categories several sub-categories classify the actual type of activity performed along an illegal to legal dimension and spans from data theft and mere property vandalism to state sponsored hacking and IP regime infringements.[2]
The three types or classes define cracking or hacking in a pejorative, negative, illegal and destructive light, based on stereotypical profiling in popular media and culture. It is rarely used in a positive, innovative and generative sense. Hacking acts are instinctively and implicitly assumed to be counterproductive and solicited with selfish and destructive or politically motivated intentions that serve countercultural or even extremist views in the pursuit property theft or disturbing the establishment in some way: entirely negative consequences of the structure and nature of a competitive market-driven economy.
1. Computer Security Crackers
The first class defines a person who seeks-out weaknesses in computer security systems in order to exploit them and is motivated by financial gain or as a stimulating personal challenge by a third party to a computer system or network infrastructure. More accurately known in computing circles as a cracker, this type consists of several sub-groupings including: black hats, grey hats and white hats. All classes involve some form of criminal behaviour via intrusion, theft, or otherwise causing disruption to a computer and/or a network in some way.
Security cracker sub-types
Black-hat (cracker)
This sub-group is deemed the most disruptive and involves someone who intentionally violates computer security for personal gain by destroying or stealing data and/or rendering a network inoperable by its authorised users. Example tactics for black hat hacking include, writing of malicious code, deploying viruses, trojans, use of bot nets, rootkits, denial of service attacks (DDoS), remote file inclusions, spyware or other means to illegally infiltrate security systems with the intention of causing harm to it.
Further sub-classes of black hat crackers include:
- Elite (l33t) or rogue hackers – skilled hackers engaged in general malicious hacking through malicious means and intentions.
- Neophyte or ‘newbie’ – someone who attempts hacking with little or no understanding of the underlying technology used.
- Script kiddie – a non-expert crackers who uses the tools of others (with little or no working knowledge) to perform hacking acts.
- Spammers, adware and social engineering crackers (phishers, cyber criminals, fraudsters and organised criminal gangs.
- Corporate spies – competitor intellectual property and competitive information gathering
- Blue hats – a security expert cracker brought in to the firm to find security holes before a product or service is launched to the general public.
Black hat hackers are typically the source of demonisation in popular media and wider culture. For example, in a recent BBC Television adaptation of the Sherlock Holmes novels, the archenemy character, Moriarty is portrayed as a hacker and cyber-criminal mastermind, claiming the ability to “...open any door, anywhere with a few tiny lines of computer code... There is no such thing as a private bank account now” [BBC, 2012]. Playing on the illegal computer security black hat end of the stereotype extreme and inline with popular media usage, such contemporary hacking portrayals reinforce the general perception of cracking and hacking involving potential national security breaches, threats to privacy and personal data theft. These portrayals play upon a mysterious and unknown (zero-day) set of black box elite programming skills and capabilities to manipulate and exploit security weaknesses in computer systems for personal financial gain, that are as yet unknown security holes and weaknesses to administrators. Actual methods and practices are rarely revealed or explained and are left open to factual scrutiny (and generally superfluous to the narrative). There is however, an assumption that computer weaknesses can and do exist and are freely and easily exploitable by anyone in possession of the appropriate black box skills needed to compile and deploy devious and destructive code for a desired outcome.
Black-hat institutional hacking
Hacking in the computer security cracker sense, is not merely confined to cyber criminals, vandals and data thieves, but also applies to hackers of legitimised origins in activities commonly undertaken by nation states, governments and security agencies around the world; even international media organisations.
Lawful interception, as it is often labelled, refers to sanctioned and authorised cracking by government sponsored security agencies, for example:
- UK Global Communication Head Quarters (GCHQ); MI5; MI6.
- US National Security Agency (NSA); Central Intelligence Agency (CIA);
- Federal Bureau of Investigation (FBI)
- Bahrain National Security Apparatus (NSA)
- Israeli Institute for Intelligence and Special Operations (MOSSAD)
Institutional hacking includes: surveillance and spying of citizens and nation states by cracking digital devices, computers and smartphones by intercepting or hijacking emails, instant messages and chat service monitoring (Skype, Google Talk and other IP telephony services), bugging conversations, GPS tracking; even deploying viruses and spyware in some cases.[3]
Black hat case study: Iran’s nuclear enrichment program
One such high profile case recently emerged in the now proven state-sponsored, multi-governmental deployment of a super-virus using cracker tactics similar to those found within underground, mystical cracker groups that occasionally emerge in the public domain.
In January 2010, nuclear investigators from the International Atomic Energy Agency (IAEA), reported on the state of uranium enrichment in Iran and the anomalous number of component malfunctions, failures and replacements within its facilities. Investigators found that centrifuges used in the enrichment process were being replaced well above the rate that was expected during the normal component working-life expectancy.
In June 2009 a digital worm virus labelled: Stuxnet by Microsoft was deployed by an unknown organisation or group of crackers and was later discovered upon reverse engineering, to be the most sophisticated piece of malware ever written and was dubbed the world’s first cyberweapon [Sharma, 2012].
The virus was written with several stolen driver certificates stolen from device manufacturers in Taiwan with the intention of targeting industrial control software for motors, valves and switches in a broad range of assembly line systems, gas pipelines and water treatment plants made by the Siemens corporation. At first it appeared a simple case of industrial espionage, but on deeper inspection by various anti-virus firms, a plethora of complex data and complex hidden commands were revealed. Particularly of interest was the way in which the virus stored its data in RAM (Random Access Memory) rather than the hard drive by actually modifying the operating system files themselves, making it nearly impossible to detect.
Once the virus’s reporting servers were located and traffic re-routed to servers at anti-virus firms, the extent of the infection started to emerge, with a focus on Iran with the highest number of Stuxnet infections. It also emerged that the virus was initially spread by USB storage sticks at five different organisations within Iran and not via the Internet as is usually the case. Deeper inspection revealed the virus had 400 attacker controller remote configuration commands and had an inbuilt self-shutdown date of June 24th 2012. After the virus checked if the particular Siemens software was installed, it decrypted the system file payload to install its operational functions.
Stuxnet worked by intercepting commands between machinery and operating computers and replacing commands with its own as well as disabling automatic alarms and masking it’s actions to other operating computers. It was designed for sabotage and hid its own tracks in the process and was the first time digital code had been found to cause actual physical damage, crossing the boundary between virtual and real world, usually only found in fictional movies.
It eventually emerged that the virus targeted a specific coding value ‘2C CB 00 01’ before it decided to attack, hidden within two manufacturer reference codes for specific frequency converters occurring in just two hardware components that increase or decrease the spin of centrifugal device motors. This in effect allowed Stuxnet to destroy the centrifuges used for the enrichment of uranium used in nuclear weapons development and led to delays, estimated to around 2015, before Iran will reach full nuclear enrichment capabilities. The sheer complexity of the virus, insider knowledge and vast resources needed to develop the 15,000 lines of skilled code (that only a handful of people are trained to use and develop); to execute commands within a propriety manufacture developed programming language, on two specific and different devices suggested and was later admitted as multi-governmental involvement driven by a common World political agenda between the US and Israel.
Other forms of black hat hacking such as these could create power blackouts by permanently damaging generators, cause oil and gas pipelines to explode, ground aircraft, disrupt water supplies, distribution systems or other critical infrastructure. These attacks can happen at the interface between the virtual and physical worlds via computerised controllers, similar to those targeted by Stuxnet. Although Stuxnet achieved its goal of delaying Iran’s nuclear enrichment processes, it also put the virus and accompanying code into the public domain. Other crackers could in theory at least, hack the virus and modify it for deployment into other computer controller environments around the world, particularly in the west, where Internet dependent infrastructure technologies are commonplace.
Whilst clearly an extreme black hat cracking case, the Stuxnet history demonstrates one of the most complex cases of illegal cracking to date and is a far cry from any form of generative hacking that could help drive firm innovation efforts.
Governmental cracking in Germany
In 2011, a group called the Chaos Computer Club cracked state spying software programs allegedly used by the German authorities; pitting underground hackers against state sponsored hackers directly in combat with one another. It was later revealed that a trojan horse capable of spying on Internet communications, placed files on an infected machine and reported back to a central server in the United States.[4] If it transpires that such code was deployed to compile criminal evidence to be used in legal proceedings and prosecutions, this would violate German constitutional law and severely breakdown the boundary between government and democratic society.
In the anti-terrorism age, governments have vested interests in keeping computers open to security vulnerabilities as it allows easier access by intelligence agencies to spy on its members of society, raising fundamental questions about constitutional and individual rights.
News international phone hacking/cracking
Another example security data theft cracking or ‘hacking’ as it was labelled, featured extensively in the media through 2011 and 2012 with controversy in what became known as, the Phone Hacking Scandal involving The Sun and News of the World newspaper’s owned by News International.[5] These were in fact acts of black hat cracking, not hacking but involving information data theft from various celebrities’ mobile phone voicemail boxes via malicious means and unauthorised caller ID-spoofing. This was simply achieved by news reporters disguising an originating caller ID, using freely available tools to match that of the desired voicemail box, simply by obtaining the correct phone number of the target. By using factory default PIN codes (if a user code was in place at all), reporters could gain legitimate access to listen to voicemails. Sensational and highly private conversations, information and stories were then reported and written in the press accordingly to the utter surprise of those targeted.
Various forms of institutional cracking are not merely confined to underground deviant groups and individuals working in organised gangs, but also apply to public institutions and legitimately empowered organisations throughout society.
Cracking acts to access private data fall under the black hat cracker definition by the nature of attempting to circumvent security measures in order to steal information by acting maliciously. Such reckless scandals serve only to distort popular perceptions of the full spectrum of hacker activities disregarded all as deviant and highly illegal acts to be punished by the full extent of the law. Under these popular extremes it is hard to see and no wonder to imagine hacking as anything potentially useful or widely beneficial to society as a whole.
Grey-hat hackers
This group lies between black hats and white hats and are seen as skilled hackers (also known as elite’s, leet’s, l33t, 1337[6]) and security researchers, sometimes acting illegally and other times legitimately. These crackers autonomously search for vulnerabilities in computers, networks, products and services and may sometimes notify owners for direct financial reward for fear of going public. Grey hats scan the Internet for security holes and then charge owners a fee for notification about what to fix in order to become more secure.
White-hat hackers
White hats break into computer networks, not for malicious reasons, but for testing purposes. These hackers are known as ethical (good) hackers who provide network security information and advice on penetration testing and protection against other malicious hackers seeking to gain unauthorised entry or access. Firms employ white hats (sometimes called blue hats) to find security holes in their computer systems in order to make them more secure to other hacker attacks.
2. Computer Hobbyist Hacker (primarily hardware)
The second class involves a person who heavily modifies the software or hardware component of his or her own computer system. This group differs from the Computer Security grouping in many ways; primarily as acts of hacking are executed to one’s own possessions, rather than that of a third party. Here the purpose is to modify, rebuild, add features or improve a device some way. Hobbyist hacking requires high-levels of computer knowledge and is regarded by peers as ‘elite’ due to the complexity of writing circuit level code, drivers or firmware.
Well known computer hobbyist hackers include Steve Wozniak and Steve Jobs who helped create the personal computing industry based on hardware and software hacking of existing computer components within their parents garages. Job’s famously hacked a quote originally by Pablo Picasso saying, “lesser artists borrow, great artists steal” to “good artists copy, great artists steal,” referencing the often illegal use of other owners IP and the re-combinatory nature of artistic works and commercial design methods that also follow closely with the hacker legal dimension.[7]
Examples of Computer Hobbyist hacking by changing hardware components:
- Product Hacking
- Musical instrument hacking
- SLABS touch pads
- GuitarBot
- Commodore64
- Atari 2600
- Children’s electronic drum pad hacking
- IKEA furniture hacking
- Toy hacking
- Quadrotors/quadcopters/hexacopters
- Furby
- Nerf Guns
- Bicycle hacking
- Vacuum cleaner hacking
- Rhoomba mods
- Nintendo Wii-Mote hacking
- Industrial crane controller
- Lawn mower controller
- Head tracking
- Radio controlled car controller
- Protractor measuring tool
- Graphical visual interaction sensor
- PC game controller
- Finger tracking and image browser
- DJ music controller
- Smartphone controller
- Musical instrument hacking
Examples of Computer Hobbyist hacking by changing the software component:
- Mod Chip Development
- TiVo
- Microsoft XBOX, Sony PlayStation, Nintendo Wii
- Microsoft Kinect hacking[8]
- Nintendo Wii-mote hacking
- Single Board Computers
- Arduino hacking
- Raspberry Pi hacking
- Google Nexus Q hacking
- OUYA games console hacking
- Oculus Rift DK2
3. Enthusiast Programmer Hacker (primarily software)
This third class includes hackers that originated in academic circles at Massachusetts Institute of Technology’s: Tech Model Railroad Club and Artificial Intelligence Lab. These enthusiast programmers go to great lengths to emphatically-distinguish themselves from continued popular media and journalistic misuse of the term hacker in an illegal, negative sense; but instead, refer to illegal black hat criminal and malicious acts as crackers (computer security hackers: black, grey and white hats).[9]
Enthusiast programmers are a class of hackers who find pleasure in intimately understanding the internal workings of systems and enjoy the challenge of enabling a technology to execute a task that it was not originally designed or intended to do.[10] For this group, hacking is about the excitement and exploration of unlocking and harnessing the un-tapped creative potential within digital devices as a means to expand personal learning and knowledge about how an artefact works, by modify and improving its functionality or features some way.
Areas of Enthusiast Programmer hacking by changing software:
- Software hacking modifications
- Homebrew computer games
- Game console ROM emulation
- Open Source software
- Jailbreaking devices
- Bootloader replacement
- ROM development teams
Specific Examples:
- Hackintosh computing (running OS X on PC platforms)
- Smartphone hacking: iOS, Android, Windows (developing custom
ROM’s)
- XBOX Media Center (XBMC)
- Apple TV hacking
- E-Reader hacking (Amazon Kindle Fire, ASUS Nexus 4, 7, 10)
- Sony Aibo Dog hacking
- OUYA games console hacking
- Network Attached Server hacking (NAS drives)
- Tablet hacking (iPad, Amazon Nook, Kindle Fire)
- Netbook hacking
- Canon Hack Development Kit (CHDK customised firmware) o Home internet router hacking (WWRT, Tomato customised
firmware)
- Audio sampling hacking: remixing and sampling mashups (the birth to hip-hop music)[11]
- Lego Mindstorms NXT hacking[12]
4. Hacktivists and other emergent meanings
Further term meanings have emerged in recent years in popular culture in the context of political activism termed hacktivism. A hacktivist is defined as someone who uses technology by any means to promote a political message or agenda. Since 2010, a variety of politically motivated hacker acts have featured heavily in the World press, triggered by global unrest amidst economic uncertainty, austerity, conflict, global terrorism and resistance to dictatorship rule.[13]
Usage for the hacktivist term comes from the context of challenging the existing establishment. A form of rebellion and public protest by using information technologies at strategic and tactical levels in public protest of governmental secrecy and privacy measures, governmental world policy, legislation, freedom of speech, civil liberties and Internet information freedom. Hacktivists use world wide digital technologies, services and networks to collaborate, organise and coordinate in non-hierarchical structures to act against the vectorialist ruling classes, who in their eyes who abstract and abuse the idea of private ownership over nature and its people, information and personal freedom to an intolerable point, whether through authoritarian corruption, legislation, abuse of power, control or rule (particularly in a time of international economic instability and mass youth unemployment), where the divide between the haves and have-nots becomes more apparent. Under these conditions, hacktivism acts as a type of direct public protest and demonstration using digital disruption as electronic sit- in protest.
A variety of high profile black hat computer security attacks have occurred with the support of cracker groups. These range from WikiLeaks whistleblowing Web site publicly disclosing private, secret and highly-classified governmental data from black hat hacking activities to the Internet hacker group Anonymous, targeting Egyptian governmental infrastructure with the political aim of aiding democratic free rule, freedom of speech and toppling suppressive governments.[14] Hacktivisists are self proclaimed geo-political hackers, part of the rise of the hacker class; a borderless and anonymous class fighting for governmental transparency, openness, accountability and democracy by any means, legal or otherwise in the digital landscape.
Underpinning hacktivism are the same hacker ethics found across all hacker classes. Ideals and values such as freedom of information, censorship, democratic rule and crucially, access to truth. Hacktivists take the form of left- wing aggressive (mostly illegal) extreme political activism, but more generally perceived as confrontational protectors and guardians of the wider hacker ethics. When the vectoralist class encroaches too far upon hacker ethics to an unacceptable degree, in any context or country, then hacktivists will most likely become sufficiently motivated to take direct confrontational action. As the Anonymous hacktivist group themselves put it, ‘we are the final boss of the Internet’ referencing computer gaming culture bosses who are found at the end of long campaigns and must be defeated in order to win the game once and for all. Once the bosses have been defeated, the game is won and there is no higher authority or brute, more powerful to overcome [Nappenberger, 2012]. Hacktivists in this sense are self-classed as the most powerful bosses with no contender able to defeat or be controlled by. In their eyes transcend any and all forms of authority and rule other than to themselves.
Hacktivist groups such as Anonymous and LulzSec emerged in all contexts (working in globally distributed teams) where hacker ethics and information freedoms have been disregarded by the ruling classes and establishments who seek to control, restrict and regulate the flow of knowledge in society in one way or another. Direct action has been sought against nation states, governmental departments, religious groups, institutions and individuals perceived as encroaching too far upon hacker ethics.
Arab Spring Uprisings
In 2011 motivated by promoting freedom, democracy and truth for all, hacktivist groups targeted, defaced and brought-down governmental Web servers in Tunisia, Libya, Bahrain, Egypt, Jordan, Syria, Yemen, Algeria and Morocco by initiating DDoS attacks in response to governments shutting down Web infrastructure and communication technologies from their demonstrating citizens in an attempt to quell rising civil disobedience. Global hacktivist groups set up ad-hoc dial-up modem connections to allow information to flow in and out of countries digitally silenced by their rulers to the rest of the World. Such actions it has been claimed helped contribute to the toppling of several governments during the Arab Spring uprisings around the World in 2011.[15]
Anonymous in particular were involved in a range of global hacktivist activities:
- The launch of ‘the single largest attack in its history’ during Anti- government legislative protests against the US Stop Online Privacy Act (SOPA).[16]
- Distributed Denial of Service (DDoS) attacks on Visa, Mastercard, Paypal systems in response to shutting down financial services to WikiLeaks.[17]
- High profile DDoS attacks on: US Department of Defense (DoD), FBI, Church of Scientology as well as other governmental sites in Tunisia, Anguilla, Brazil, Zimbabwe, Turkey and Australia.
- Defacement of governmental Web sites in the People’s Republic of China in response to strict governmental control and censorships of information on the Internet, known as ‘The Great Firewall of China’.
- Defacement and data theft of child pornography sites including, data theft and publishing of subscriber user information to aid prosecutions.
Causal triggers
Some possible causal triggers for the recent rise in hacktivist acts by third party encroachment on hacker ethics:
- Western foreign policy in the Middle East post 2001, 2004 and 2005 terrorist attacks in the USA, UK and Span triggering war in the Gulf and Afghanistan.
- National and international security agency data spying and encroachment upon citizen privacy, policy and legal rights changes.
- Intrusion and surveillance measures by governments, restricting the freedom to move, arguably held exclusively for the powerful via technological sanction.
- Global economic crisis, limited access to economic opportunities under dictatorship regimes:
- Arab Spring uprisings.
- One hundred and fifty riots recorded Worldwide between 2010-
2011 alone.
- Physical and digital sit-ins such as the Occupy Movement.
- Government austerity measures and spending cuts highlighting the economic differences and access to opportunities between population classes.
- The recording industries battle against copyright infringement and rights to claim rents from proprietary created IP.
- Anti piracy and copyright legislation:
- Stop Online Piracy Act, Digital Economy Act (SOPA).
- Digital Economy Act (DEA).
- Anti-Counterfeiting Trade Agreement (ACTA).
- Bill C-11 of Canada.
- Online Piracy Act (OPA).
- Protect Intellectual Property Act (PICA).
- Cyber Intelligence Sharing and Protection Act (CISPA).
- Anti piracy and copyright legislation:
- UK parliamentary expenses claims scandal fuelling public opinion and demand for freedom of institutional information, data and accountability for the spending of public funds.
- Black hat hacking by News International & the Phone Hacking Scandal resulting in personal privacy data breaches and theft used to sell newspaper stories.
- Emergence and rise of identity theft and surveillance techniques by authorities and criminals (WiFi snooping, credit card readers, observing, RFID wireless passport scanners, mail theft, ‘dumpster diving,’ social network site trawling).
The emergence of the hacktivist class has arisen in the popular consciousness through high profile acts in response to disruptive World events over the past decade in tandem with the current economic crisis and the proliferation of digital technologies. An adverse side effect for hacker innovators is pressure placed upon governments, organisations and legislators to push for policy that intentionally curbs the flow of data, information as well as surveillance of its citizens, resulting in ethical encroachments and further aggressive retaliation by hacktivist groups.
There are clearly many triggers for the initiation of hacktivist activities by sufficiently motivated groups, but again, none of these directly involve forms of potential generativity or innovation consisting a degree of market value creation. As such hacktivist activities fall outside the scope of this discussion within innovation sources. Whilst outlining illegal and aggressive forms of confrontational hacking (data theft, sabotage and global protest movements) to place it in a wider hacking context, the innovation centric discussion will steer towards creative and generative activities and moving further along the illegal- to-legal dimension.
Cite error: <ref>
tags exist, but no <references/>
tag was found