There was a time during childhood when my fascination with computers — hardware now mere relics such as the Commodore 64 and the Tandy TRS-80 —translated, or maybe “spun off” is the right phrase, into an interest in cybersecurity. From my limited understanding of the world I didn’t even consider the spin off as surrounding security, the positive angle, but rather from intrigue about the people who were bucking security principles. The poster child of that sect, again based on recollection, was Kevin Mitnick.
I intentionally pulled back from [re-]researching Mitnick before writing this. I wanted to only recall and focus on young Ed[die]’s perceptions, including whatever has happened meanwhile that colored my memory. To think about the evolution of the hacker, at least for this exercise, was to begin with an admittedly ignorant starting point in the spirit of “Out of the mouth of babes.” There’s something valuable to its purity. So, with that highly subjective backdrop, and in case you’re totally unaware of this fella, Mitnick, I’ll share my memory of his hacking ways that caused something to begin germinating in me that’s evolved into my professional and academic interests of today.
Back then, and again no homework here so let’s agree that it was early ‘80s, home computers weren’t really a thing but some homes had computers. Mine were as much toys as computers, and I was somehow charmed in youth to have owned them. I read about them, and tinkered, and made them do rudimentary things; and, I played games on them. I learned, then, about Mitnick who’d hit the news. Maybe that was later in the decade. No matter, this guy caught my budding interest in computers and amped it up because he was doing things with the technology that took their functions to new places, albeit along criminal paths. Mitnick was a criminal, no doubt. His crimes, though, were as much experimental and limits-pushing as they were malicious.
Hacking’s origin, for anyone willing to pin it to this guy, was way low-tech compared to what we think of it today. He levied his technological chops against “the system” in milquetoast ways. He learned how payphones translated coins dropping into signals that allowed for long-distance calls, and then mimicked the signals without using coins. Did he need to make those long-distance calls? Was he bypassing the costs to save money? Nope. He wanted to understand the system, and then to prove something by overcoming its rules. Still, criminal. He broadened his antics into computers, as I recall, by further study and experimentation. Really, though, he was exercising his own talents, began using newer tools, and contriving bigger challenges. He hacked into government and utility computer systems and caught the attention of the feds.
Fast-forwarding some unknown number of years, and likely after my personal interest in him waned considerably, I know that he was ultimately caught, sentenced, and either did some time or had it commuted when he agreed to turn his skills into tools benefitting law enforcement and government. He’s now a well reputed “white hat” who’s a renowned security analyst, or perhaps he’s retired at this point. After this piece I will be ferreting out his more accurate story and updating myself about his. Maybe you too will poke around Wikipedia or such to learn about him and find all of my factual errors. My point in even invoking him is that the hacker game has changed immensely since then, as has the technological landscape within which the black hats operate.
In answering my own question about what the hackers are up to these days, I do regularly research that and know two things. One is that 50 of my brief pieces couldn’t answer the question comprehensively. Also, by the time a few weeks would have passed, the landscape and hackers’ practices would have changed enough to make the first installments moot, thus making it a logical impossibility to keep up. Cops always chase robbers. Secondly, I know that hackers’ targets are limitless, and their effects range from deadly down to free phone calls. I want the question answered more practically, though, then by calling on some esoteric, academic research published in the peer-reviewed International Association for Computer Information Systems journal. Let’s traipse through the news from the past week or so.
I’ll start with a story about the hacking group Anonymous. I’ve dropped their name before, and you may be familiar with their logo of sorts, the Guy Fawkes mask. Anonymous attacked TikTok, the wildly popular Chinese app that facilitates brief videos produced by young’uns and pop culture adults who want to stay connected. The vaguely organized “hacktivist” group is using its powers to shut TikTok down. They claim that the Chinese government is using it for spying purposes.
Another story explained how hackers broke into the Russian Foreign Ministry systems, stole its database, and now seeks $600,000 for the booty. Money’s a more familiar end game for hackers than social justice or national security. What about criminal justice though? The next story was a spin, to me. In the Netherlands, police hacked into an encrypted cellular network used by criminals and collected millions of incriminating communications. Time will tell if justice results.
Ransomware plots continue, too. The hacking group NetWalker is holding data hostage since it hacked Fort Worth’s transportation agency. In June they won that game elsewhere when UC San Francisco ponied up a million in ransom.
Without bearing down, we see in a week of news that hackers’ causes are all over the map: money, justice, security. The tech evolves as do the hackers. Both the hardware and the users, good or bad, always do more than intended. Add to that the fact that the best hackers will never let us know what they’re up to. What comes from them tomorrow, then?
Ed is a professor of cybersecurity, an attorney, and a trained ethicist. Reach him at firstname.lastname@example.org.