Sunday, March 9, 2014

Hackers of Many Hats

Hack·er: noun. 
  1. A person who secretly gets access to a computer system in order to get information, cause damage, etc.
  2. A person who illegally gains access to and sometimes tampers with information in a computer system.
Merriam-Webster Dictionary
By JC (Privacy Rights) - According to popular culture, hackers are the new super villains of our technological era.  They steal our information, exploit our security weaknesses, and threaten our national security.  They’re the Green Goblins of cyberspace, coming out of their evil lairs to terrorize innocent civilians.  Even official dictionary definitions of “hacker” have overtly pejorative connotations.
Hackers make headlines.  “How hackers stole millions of credit card records from Target,” “Indian hackers pose as Netflix Tech Support, aim to steal files, identity,” and “Bitcoin bank Flexcoin shuts after theft by hackers” are just a few of many recent high profile hackings.  The “saving the world from an evil hacker” trope has also been a Hollywood favorite in recent decades.
This hacker reputation is laughable; it's equivalent to labeling all gun owners as bad guys.  This is a naïve view of hacking and fails to make the distinction between method and intent.  In order to improve cybersecurity and protect individual privacy, we need to address these misconceptions about hacking.  It's time to fix the hacker reputation.

On the most basic level, a hacker is a person who seeks and uses weaknesses in a computer system or computer network—Merriam-Webster isn't wrong about that.  However, the more nuanced understanding of hacking involves the intent of the hacker.  On one hand, we have “black hat” hackers.  These are the stereotypical hackers who hack with the malicious intention of illegally breaking into computer systems and networks to steal private information and benefit from improper use of this information.  On the other hand, we have benevolent “white hat” hackers who hack into computer systems and networks in order to ensure the security of information systems by performing preventive penetration testing and finding bugs and other potential security weaknesses.
Black hat hacking tends to receive more media attention due to the intrinsically flashier nature of its crimes.  The massive Target credit card security breach happened last December but is still being discussed today.  Black hat hackers such as Guccifer gain notoriety by hacking influential public figures and celebrities—one of Guccifer's claims to fame is his leaking of George Bush's personal paintings.  Black hat hacking is exciting because it is so bad.
However, the media also paints a narrow view of benevolent hacking by only associating it with controversial hacktivist groups like Anonymous.  Anonymous has taken action on high profile issues such as anti-digital piracy campaigns, major corporations (PayPal, Sony, etc.), WikiLeaks, and the Occupy movement.  Depending on your stance on these topics, you may view Anonymous as a group of freedom fighters or a group of cyber terrorists.
The current media treatment of hacking is a serious problem; we need to expand public understanding of hacking in order to create a more secure cyber future.  Hacking is a self perpetuating problem nowadays: hacking's controversial and predominantly negative reputation creates general aversion to hacking, which in turn increases both state and third party organizations' vulnerability to hacking by simultaneously decreasing the supply of qualified white hat hackers and creating widespread ignorance about why and how to pursue preventive cybersecurity measures.
Today, most governments and companies are not adequately protected against cyberattacks.  We are all too familiar with cybersecurity breaches against targets such as the US government, media agencies, and major corporations.  In fact, the loss of private data is becoming a problematic norm; does a week go by without a successful significant cyberattack?  To fix this problem, we need more benevolent hackers.  We need to prioritize preventive hacking.  And most of all, we need to first fix the hacker reputation.
Hackers aren’t just storybook super villains; they’re the heroes too.  If the Green Goblin is a hacker, then Spiderman is an even better hacker.  Peter Parker’s uncle once said, “With great power comes great responsibility.”  He’s right.  We can perform both great and terrible feats through hacking—what really matters is how we use this new hacking power.  So now, we need to stop criminalizing Spiderman.  He can’t fight crime if he’s being chased by both the police and the villain of the week.

No comments:

Post a Comment