I usually feel sorry when I see the latest news about data compromise, hacks, or identity theft. Though I feel for the victims, I also think about the individuals carrying out the act. Society rightly looks down on such behavior, especially if the victims are everyday people.
What about when a high profile organization or government is hacked? What if an organization of questionable reputation is targeted? The online group Anonymous often aims at high profile targets with their hacks, DDoS attacks and other planned invasions. By making the decision to compromise organizations, even questionable ones, Anonymous assumes responsibility for its actions. Individuals that are a part of this online group hide their real identity to commit acts that are illegal.
Growing up, I believe most young people interested in computing are aware that there is a “wrong path.” As in, property damage and theft are wrong. This path includes learning how to break into different types of computer systems to seek information or modify a system’s behavior, typically for reasons advantageous to the hacker. Anyone that is involved with technology knows this path exists. Luckily, most of us are taught to respect others’ property, even if that property is digital. What’s more, this activity undermines the rule of law and the ability of people to freely create wealth (see Acton’s Core Principles).
Computer programming is an important craft. It’s simple to learn a little programming, but as you advance in skill the tasks become easier to perform. Whether it is building a website, desktop computer application, or a small game, many people obtain enjoyment out of building unique and useful tools and products. However, the same skills can be used to make an application that tricks people, steals their information or prevents their computer from functioning properly. Individuals who make these keyloggers, trojans and worms typically do so out of greed or hate.
People break into computer networks or systems with malicious intent are called black hat hackers. As you might expect, there are also white hat hackers. White hats break into computer networks and systems too, but instead of taking advantage of the system’s weakness, they notify the owner of the system about the vulnerability so they may fix the problem. Computer security is a classic case of good versus evil. You might even call it one of those moral issues that are clearly black and white.
What stops black hats from becoming white hats? Unfortunately, if there were no black hats there would also be no need for white hats. Most white hats start out as black hats since learning the craft requires knowledge of breaking into systems. White hats make a legitimate living through consulting and by working in organizations to ensure systems are secure. They (hopefully) have a strong sense of right, especially if they start out as a white hat.
Even if you don’t know someone who works in computer security, it’s likely that your favorite IT person deals with security on a daily basis. The IT professional that the white hat informs must secure their system against compromise, which requires knowledge of how hackers break in. System owners are stewards of activity and information they manage. They have the same access that hackers have to information stored in computers they work with. Their job is to protect that information as well as ensuring its proper use within the system.
If the system administrator fails at their job, unsuspecting individuals using the system lose something. It might be privacy, financial information, their own computer’s security or even their identity. Black hats and hackers like the ones from Anonymous abuse gaps in security for their own amusement, personal reasons and notoriety. They lack basic concepts of morality and are especially void of respect for any IT professional or individuals on the receiving end of their attack.