Why do hackers hack?
14.9.2016
Translation: machine translated
Private photos of stars here, 68 million public accounts there. Hackers make things public that don't make them any money and don't make the world a better place. But what exactly are they after?
Those who want to see Jennifer Lawrence naked can do so in just a few clicks. Photos from her personal iCloud have been hacked, as have private photos of one celebrity or another. Lawrence is shocked and likens the data leak to a sexual assault.
Edward Snowden left his quiet life as an analyst to expose the activities of the NSA. He applied for asylum in Russia. Since then, the world has lived in fear of being monitored.
A group of hackers, calling themselves The Impact Team, hacked the Ashley Madison dating site. The published data shows that most of the women on the website were not real. With this information leak comes personal data, fetishes and passwords of 32 million private users.
From a technological and social point of view, these major hacks are real masterstrokes. But in the end, it's always the users who suffer. Clearly, Edward Snowden is one of the most important figures of recent decades. And people need to be protected from online scams too. But what are the consequences? Powerlessness, frustration, fear and questions about why. What makes these people do it? Are they always behind us? What are they after?
"Hackers have different motivations. Sometimes they want to make money from stolen data. Sometimes they just want to make a splash," says Troy Hunt, Security Researcher and operator of the HaveIBeenPwned platform. He knows the scene better than anyone, as his site offers a service that allows users to check whether they've been the victim of one of the big data leaks. Currently, the database includes 1,406,283,736 entries from 138 hacked websites, including MySpace, LinkedIn, Snapchat and Dropbox. Its aim is not just to protect users: it also wants to draw attention to the fact that the big services on the web are not necessarily well protected. "On the other side, we have industrial espionage and state hacking. To tell the truth, they all have one thing in common: they want to infiltrate a protected system and extract data from it."
Statements from hackers
Often, hackers don't say why they did what they did. Only a few of them speak out. The media have mostly been talking about the Impact Team's statements after hacking Ashley Madison.
[Ashley Madison] and [Established Men] must be removed from the web immediately.
They say they are against the business idea of Ashley Madisons' parent company - Avid Life Media - and that they want to uncover their fraudulent activities. This is because, when the data made public was analysed, it was found that Avid Life Media had not deleted customer data, despite customers being told otherwise. To bring the company to its knees, Impact Team released user data.
The result: Ashley Madison is still online, and boasts over 45 million users. The sexual preferences of all users at the time of the hack are freely available. Shortly after the hack, it even recorded an increase in user registrations.
Cybercriminal Phineas Fisher recently gave an interview to Motherboard magazine and explained why he hacked the server of Italian company Hacking Team and published all the company's data.
Phineas Fisher calls himself an idealist. He read a report from Citizen Lab - an institute at the University of Toronto specialising in the interaction between information technology and human rights - on Hacking Team and became convinced that it was a criminal enterprise. "That's why, and also because it's so much fun, I decided to hack Hacking Team," he says in the interview.
The result: Hacking Team is still practising. The company continues to sell IT solutions for maintaining public order, so for the police and secret services for sometimes dubious governments. Phineas Fisher has published a document in which he describes his intrusion into Hacking Team's system.
Tiny tidbit: Hacking Team sold spyware to the Zurich cantonal police.
"I have no intention of hiding, because I know I have done nothing wrong," says Edward Snowden in support of the fact that he does not wish to remain anonymous. He currently lives in Russia, where he has applied for asylum, but would like to seek refuge in another country. He too is convinced that he has acted in favour of justice, openness and democracy. The price he has to pay for what he has done: he will never set foot on American soil again.
What's left
Sure, hackers shock the world, but they rarely get their way. The NSA is watching, Hacking Team is doing harm and Ashley Madison is carrying on. In the end, it's innocent people's data that gets exposed. Jennifer Lawrence's breasts are still on the Internet, even though the actress did everything she could to prevent it. The sexual orientation of 32 million people is accessible to anyone who can read text files several gigabytes in size.
What's left is us. We are afraid of malicious governments, evil corporations or even evil hackers. We are not powerless. We can use complex passwords, encryption, security software, as well as a little common sense.
The difference between good and bad hackers is pretty hard to make. Troy Hunt, on the other hand, can tell them apart: "I think the main difference is interest. Most hackers who publish data do so either to become famous or to be able to sell a lot of data. Whistleblowers like Chelsea Manning and Edward Snowden had ideological reasons. They put themselves in danger, and not in order to get rich."
But one thing is certain: data leaks will not stop. "The increase in data leaks goes hand in hand with the increase in information that is online," explains Troy Hunt. This upward trend is also accelerated by the growing number of services that require a password.
Header image: Hacker: Heroes or villains?
Journalist. Author. Hacker. A storyteller searching for boundaries, secrets and taboos – putting the world to paper. Not because I can but because I can’t not.
13 comments
later