Categorizing Hackers

I l @ ve RuBoard

Categorizing Hackers

There have been numerous studies and surveys trying to understand the type of people who use computers to commit crimes. Some studies have focused on the juvenile hacker while others have examined those who perform specific types of attacks. Some of these studies report similarities while other illustrate only the diversity in both the crimes and the criminals.

It may be a stereotype to describe computer hackers as anti-social geeks , but it is an accurate one ” at least for the best-known type of hacker, says Marc Rogers, a University of Manitoba psychologist and former Winnipeg police officer. He reports that the average " cyberpunk ," a hacker whose hobby has put him before the criminal courts, is a white, middle-class male, aged 12 to 28, who lacks social skills and comes from a dysfunctional family. They tend to be loners. They feel more comfortable behind a computer system than in face-to-face interaction. ^[7]

^[7] Bell, Stewart, "Computer Hackers Really Are Anti-social Geeks," National Post Online , 13 April 1999.

Sarah Gordon, who profiles cyber-criminals for IBM's Thomas J. Watson Research Center, performed a study of virus writers which indicated a different picture of these cyber-criminals.

The virus writers in Gordon's study range from teenagers to college students to professionally employed grown-ups. Most virus writers have normal social lives, get along just fine with family and friends , and generally mean no harm.

Most lose interest in virus writing as they get older. However, adults who remain in the "virus underground " do tend to have a few social problems.

Otherwise, the only evident pattern she has found among virus writers is that they tend to be intelligent , educated , and male. Given the tools required for their trade, common sense also suggests that most probably live in households with middle-class or higher incomes. ^[8]

^[8] Beiser, Vince, "Inside the Virus Writer's Mind," 8 July 1999.

I l @ ve RuBoard

Demographics

The wide variety of people who identify themselves as hackers makes it is difficult or even dangerous to assume that all hackers fit some specific profile. However, there are demographics of hackers which warrant specific consideration, due to the difficulties which they bring to the process of identification, capture, and conviction of these attackers .

Age

The usual hacker starts when he is a minor and is no longer dedicated to hacking by the time he is thirty. Many hackers are minors and are not held to the same level of responsibility as adults. The criminal justice system in the U.S. and other countries makes a clear distinction between adults and minors. There are separate courts, separate detention centers, and separate views of how the laws should be applied and the punishment implemented. Punishment for juveniles, even if convicted, is often little more than a slap on the wrist.

A 15-year-old hacker chose to launch an attack on the Television Corporation of Singapore's (TCS) Internet site after seeing an advertisement for it on television. He replaced all the pages on the news channel's site with a variety of obscene and abusive messages for about 10 hours for no discernible reason.

The judge passing sentence requested that the boy be home before 6 pm every night for a year, and demanded that he write a formal apology, to be posted on the news channel's web site. ^[9]

^[9] Knight, Will, "Hacker Grounded for World's Easiest Crack," ZDNet UK ( www.zdnet.co.uk ) , 30 September 1999.

Sympathetic

Computer crime, like other white- collar crime, is not violent. It generally does not cause bodily injury . It is often difficult to explain the crime to a jury. The theft of information does not deny the victim the information; it is a copy which is stolen. Some people have sympathy for hackers who have been caught.

Many people are enamored of hackers. Much like Robin Hood, who committed crimes against the rich and became a hero of the poor, the victims of computer crimes are generally big businesses. Some people believe that it is acceptable to steal information from companies if their systems are not secure enough to keep them out. This makes it difficult to enlist a sympathetic jury. In computer crime cases, the defense will capitalize on the David and Goliath syndrome. They will paint the hacker as the little guy and the company as evil. This is true throughout the world.

Israeli Prime Minister Benjamin Netanyahu praised a teenage hacker, known as the "Analyzer," who intruded upon hundreds of government computers in the U.S. and Israel. After the incident, the hacker was drafted into the Israeli army to serve in an information warfare division, an assignment which will utilize his computer talents.

Before his induction, he celebrated with friends at a disco near his hometown of Hod Hasharon, north of Tel Aviv, where the disc jockey told the crowd "The Analyzer" had done their town proud. ^[10]

^[10] "Israeli Teen Hacker Details Prowess," Associated Press , April 1998, Reprinted with permission of The Associated Press.

Location

The global environment of the Internet makes it possible to access systems anywhere in the world. This also allows hackers to attack systems from anywhere in the world. There are no political boundaries on the Internet. There are no border checkpoints or customs inspectors.

Tracking attacks across a world-wide network is a difficult task, especially when the hacker is trying to obscure his tracks. This problem is compounded when there is a need for search warrants or other participation from investigative organizations. Inconsistencies in international laws make what is legal in one place illegal in another. This makes it difficult to get support for investigating someone for committing an offense which is legal in the location where he is. However, sometimes agencies in different countries do work together.

A computer hacker using the name "Curador" allegedly compromised multiple E-commerce websites in the U.S., Canada, Thailand, Japan and the United Kingdom, and apparently stole as many as 28,000 credit card numbers with losses estimated to be at least $3.5 million. Thousands of credit card numbers and expiration dates were posted to various Internet websites. After an extensive investigation, the American FBI assisted the Welsh Dyfed Powys Police Service in a search at the residence of "Curador," an 18-year-old whose real name is Raphael Gray. Gray was arrested in Wales along with a co-conspirator under the UK's Computer Misuse Act of 1990.

This case was predicated on the investigative work by the FBI, the Dyfed Powys Police Service in the United Kingdom, Internet security consultants , the RCMP in Canada, and the international banking and credit card industry. This case illustrates the benefits of law enforcement and private industry around the world working together in partnership on computer crime investigations. ^[11]