Whistleblowers, criminals or gold-diggers? Inside a hacker’s world

“This is our world now… the world of the electron and the switch […] We exist without skin colour, nationality and religious bias… and you call us criminals. […] Yes, I am a criminal. My crime is that of curiosity.”

Remember these lines from the famous 1995 Jonny Lee Miller and Angelina Jolie-starrer crime thriller Hacker? The film talks about a group of high school hackers and their involvement in a corporate extortion conspiracy.

Cut to 2016.

A hacker group, which calls itself Legion, claims responsibility for the hacks of digital accounts of prominent Indians, including Congress vice-president Rahul Gandhi, embattled business tycoon Vijay Mallya and senior journalist Barkha Datt.

In between, there have been whistleblowers, including Wikileaks founder Julian Assange and US NSA contractor Edward Snowden, who have released so-called “secret materials” with global implications; other groups, such as Lizard Squad, Anonymous, LulzSec and Syrian Electronic Army, have also mushroomed from time to time.

So what makes them do what they do?

Legion, which has cops from five countries — Sweden, Romania, the United States, Canada and Thailand — following them, has said in several interviews that it wants to stage exposes on the internet.

“As uncomfortable as many of us are with these groups and their sometimes harsh, even illegal actions, they serve an important function in society. They can be a prod, a disinfectant, and an amusement. Sometimes, and to some people, they will represent a threat. They will be with us forever,” says Mark Graff, CEO of Tellagraff and former chief information security of Nasdaq.

“As psychologist Carl Jung pointed out, many human societies celebrate some form of the character known as a ‘trickster’. Some Native Americans celebrate an ‘anti-establishment’ figure called Coyote. There was Joel Harris, who celebrated the struggles of African-American slaves in the antebellum South by telling tales of a rascal, ‘Bre’r Rabbit’. All these characters share some common traits: cunning, sometimes playful deceit and a knack for puncturing the pretensions of windbags and self-important upholders of the mainstream social order… With the emergence of the Internet, like-minded individuals around the globe can team up, combining a knack for technology with a disregard for prevailing rules of conduct, to strike a blow for or against whatever causes and institutions they wish.”

But Altaf Halde, managing director of Kaspersky Labs, South Asia, claims that the intent of a hacker will always be criminal in nature. He compares it to a person who walks into an unlocked house and then leaves a note saying — “Hi, I was here, your door was open, but don’t mind me and BTW, fix your lock’. If you wouldn’t want someone to do this to your house, you wouldn’t want someone doing it to your computer or account.”

Some, however, think that hackers do whatever they do to prove a point. “Although there exists a strong grey market where cybercriminals offer their skills as a service, there have been an increasing number of high-profile cybercrimes conducted with the motive of just making their presence or protest felt. We need to acknowledge that an increasing number of cybercrimes/hackings are being executed with the motive of simply making a point,” says Anand Ramamoorthy, managing director, South Asia, Intel Security. “Quite a few of these incidents have only served to prove that there exist multiple exploitable vulnerabilities in software and hardware privacy issues.”

Rana Gupta, regional vice-president, Asia-Pacific, digital security company Gemalto, echoes his views.

“Hackers are like Olympians. While anyone can play sports, it requires special talent to be an Olympian. And Olympians take pride to be medalists – the ones with the gold. The ones who strike gold at Olympics also have a shot at big money… And India, with its focus on Digital India, obviously presents a lucrative target for the hacking community to strike and claim their gold medals.”

It’s a dragon lurking there, literally.

“Data integrity attacks have the power to bring down an entire company and beyond; entire stock markets could collapse due to faulty data. And the greatest danger is that many of these could go undetected for years before the true damage reveals itself,” says Jason Hart, chief technology officer of data protection at Gemalto.

“In today’s world, four basic intents for cyberattacks include nation or state-sponsored disruption, industrial espionage, hacktivism and commercial gain. The first three usually target large organisations or high-profile individuals, but the motivator for the majority of cybercrime is financial gain,” adds John Shier, senior security advisor, Sophos, a digital security company.

So no matter how much you might hate them, you can’t ignore them.

“Advanced technology, especially software-based technology, will always have exploitable flaws. Basic economics and the limitations of complex design ensure that. What is also certain is that young, passionate, adept technologists will make their presence felt, and opinions heard, by hacking their way into our national conversations,” concludes Graff.


. . . . . . . .

Leave a Reply