Main Introduction Possibilities Ethics Physical Security Digital Security Bibliography

Ethics


The majority of the criminals that breech information security are called hackers. Of course the name meant many things, though today it is mostly understood to mean criminal. However there are those who consider themselves hackers who are not criminals. The first thing that must be understood when dealing with the actions of hackers is the fact that, while the great majority follow the society's ethical code, there are always deviants, just like in any other society. Of course there are those who interpret those said ethics in different ways as well. It's generally accepted that the hacking community can be divided up into three categories. White hats, the legitimate, legal, hackers, who work for the establishment, securing computers by breaking into them at the request of their owners. The white hats may or may not be in it for fun, but they get paid, they have turned their skills from an illegal practice to a paying job. The most famous of these is Kevin Mitnick, once considered "the most wanted hacker in the world," (Hafner) who is now one of the foremost authorities in computer security, helping others to secure their computers and having written a series of books on the techniques hackers use to break into systems. Within this category are a number of old time first-generation hackers who after having done their jail time have decided to make their work and self-training pay off in the real world. Then there are the gray hats, hackers who mean well. They break into systems when they feel like it, firm in the belief that they should be able to travel where they wish within the information superhighway. While they illegally break into computers and play around in them they usually don’t do anything, (beyond perhaps leaving their signature) and sometimes will even tell the system administrators of the systems how they hacked in and how to fix the vulnerability so it can't be done again. The most poignant example of this type of hacker can be seen in the story Mungo and Glough tell in their book Approaching Zero, in which a hacker breaks into one of the major credit agencies and discovers that the credit information for the people in the federal Witness Protection Program was out in the open and reported it to the FBI. (Glough 365-367) The third type is the more recently developed black hat, Hackers who hack for profit. They are shunned by the mainstream hacker community. Many of these black hat hackers learned their skills from hackers who had gone to prison for simple “access crimes”. Some of these are hard core criminals who then learned hacking and some are members of larger organizations within the criminal establishment. These hackers are the ones that do the most real damage and since they are the most experienced at being criminals they are the least caught. The most well known example of this is the hacker group documented by Clifford Stoll in his book The Cuckoo's Egg, about how he tracked a group of hackers who were stealing US military information and selling it to the KGB.