Posted
After thoroughly enjoying the fifteenth Hackers on Planet Earth (HOPE) conference this past July, I have decided that it’s time for the term ‘hacker’ to be clarified. Because of the broad range of those who call themselves hackers, as well as the common perception of hackers based on the actions of a few, I want to explore the etymology of the word ‘hacker’ and the four main motivators for those who call themselves hackers.
This project initially started off as just one article, but the more I delved into each type of hacker, the more information I found necessary to include. This is the first part of three, wherein we will discuss the history and etymology of the word ‘hacker’ and explore examples of hackers motivated by political ideology. The next part compares hackers who are motivated by financial gain and hackers who are motivated by a desire for chaos or power, and delves into the evolution (or disappearance) of the "script kiddie". The final part discusses hackers motivated by a desire for knowledge or safety, my experiences at this year's Hackers on Planet Earth conference, and my own stance towards hacking.
If you stopped a person on the street and asked them to define the word 'hacker', what do you think they would say? Given what's on the news these days, it is likely they would describe someone who breaks into company or government systems in order to sabotage them or gain access to confidential data. If that person pays a little more attention to geopolitical conflicts or data breaches, you might hear words like “election interference”, “extortion” and “ransomware”, or company names like Change Healthcare and AT&T.
If you asked the same question twenty years ago, you might hear less about hackers who hacked for their governments or for profit, but that doesn’t mean that the perception of hacking was any more positive. Instead, the American media popularised the image of hackers as young men who worked alone or with their young male friends to deface websites, bring down companies’ systems, steal intellectual property, and generally cause mayhem. The stereotypical hacker’s motivators and actions may have changed, but his reputation has remained just as nefarious.
It’s a shame that the word ‘hacker’ now has this connotation, because the original definition of the word actually had nothing to do with malicious activity. The first people who called themselves ‘hackers’ were curious, problem-solving people who were interested in computers. Generally, these hackers simply wanted to understand and improve systems, not exploit them for personal gain or to cause widespread negative effects -- and importantly, they often denounced those who attempted to sabotage or reverse-engineer systems for gain, dubbing them ‘crackers’ . Today, many who are called hackers actually fall under the original definition for ‘crackers’ (also known as ‘phreakers’, if they attempt to reverse-engineer telephone systems, as Steve Jobs and Steve Wozniak used to do as teenagers).
Those who call themselves hackers in the original sense, including many ardent 2600 Magazine readers and HOPE attendees, still regularly refer to the hacker/cracker dichotomy and have spent decades trying to change the connotation of the word in the public eye. Personally, I think changing the minds and language of so many people is fruitless at this point – the headlines are basically the only way most even see the word ‘hacker’ – but we shouldn’t let the original meaning die out, either. This is the fundamental reason for why I now want to explore my typology for the four main schools of hackers. Whether others would call them hackers, crackers, or simply IT professionals is unimportant to me in this context; I specifically want to explore the four most common motivators of those who call themselves hackers. Let us now explore hackers who are motivated by political ideology.
From 2022 to 2023, cyberattacks motivated by “religion, politics and the quest for fame” increased from 1% to 35% of all cyberattacks. Many have heard of 'hacktivists' or 'nation-state-affiliated hackers'-- in this section, we discuss what a politically-motivated hacker looks like. The most obvious examples of this type of hacker are those employed by or affiliated with the governments of countries such as the United States, North Korea, Israel, China, and Russia – although the list of all countries which utilise hacking or cyber assaults for the stated purpose of ‘national security’ would be far too long to list here.
In the United States, pro-government ‘hackers’ are likely to be individuals employed full-time by the NSA or military to engage in ‘proactive cyber defence’, which includes hacking individuals and organisations (see well-known exploits or weapons such as Stuxnet and EternalBlue , but also allegedly the Stuxnet descendant Flame and Regin). In other countries such as Russia, it appears relatively more common for existing hacker collectives (such as Fancy Bear, Noname057(16), Killnet, and Xaknet) to be recruited or simply not persecuted by the government in exchange for executing attacks on enemies of the Kremlin (see: the cyberattacks that occurred on Ukrainian infrastructure and essential websites immediately prior to the Russian invasion of Kiev in 2022). We could certainly debate whether all nation-state-affiliated hackers act out of sheer patriotism or if they are motivated by something else (are they being pressured by their government? Are they just doing it for a paycheck?), but at the end of the day, the intended result of their hacking is that the government with whom they collaborate gets their aims furthered.
Also noteworthy are non-government-affiliated hacktivism groups such as Anonymous and WikiLeaks/DDoSecrets. Anonymous is a loosely-organised anarchist hacker collective which has regularly engaged in politically-motivated cyberattacks against a variety of targets since at least 2008. In my opinion, the sheer size and decentralised structure of Anonymous allows for those who simply want chaos to be easily lumped in with those who are genuine anarchists and hacktivists. Past targets include those who Anonymous has perceived to be “pro-censorship” (such as the American, Chinese, Russian, Belarusian, Tunisian, Zimbabwean, and Israeli governments, and various government sites and companies in Hong Kong), “anti-Wikileaks” ( Amazon, Mastercard, and Paypal), and controversial religious groups ( Westboro Baptist Church, the Church of Scientology). The extreme pro-anonymity, pro-anarchy and antisemitism that Anonymous has historically expressed are likely due in part to its origins as a trolling group on 4Chan.
WikiLeaks and DDoSecrets differ strongly from traditional hacktivist groups in that they don’t engage in attacks that bring down websites or affect availability-- instead, they publish previously secret data and act as whistleblowers. WikiLeaks is most famous (or infamous) for their leaking of controversial US military logs and footage provided to them by then-US Army soldier Chelsea Manning, and later, their public archive of Hillary Clinton's private email server during her 2016 US presidential campaign. DDoSecrets, while slightly less-known, is the world's "largest public library of previously-secret information". It has published historic leaks of confidential American police force data in 2020 (BlueLeaks), a huge amount of data about the Russian military since the start of the war in Ukraine, and leaked Parler data which was used as evidence during the second impeachment of Donald Trump.
Most recently, pro-Palestinian hacktivist group BlackMeta has claimed responsibility for the cyberattacks on the nonprofit Internet Archive, alleging that they did so in order to “[highlight] the plight of innocent Palestinian people” and that targeting the digital library “serves to underscore the importance of [Palestinians'] story and experiences”. They have also claimed involvement in DDoS attacks on multiple Israeli banks and Big Tech companies, but all of these allegations have yet to be confirmed. It is currently theorised that multiple actors were at play during the days-long cyber assault on the Internet Archive.
Thank you for reading the first instalment of this series! I look forward to publishing the next part, which will discuss financially-motivated hackers, hackers motivated by a desire for chaos or power, and the evolution of the "script kiddie": the unskilled teenage hackers of the 90s.
Throughout this series, I would also like to make it clear that I do not support any illegal or unethical hacking activities or groups. Given the seriousness of the subject, if you note any claims that are factually incorrect, don't hesitate to let me know by email, and I will correct them as soon as possible. Thanks!