Hacking for Money or Glory or…

FastCompany says they have hacker motives all figured out. They report that attacks on Gawker, McDonald’s, and DeviantART suggest a “Massive Hacker Race for Glory”

While seeming ominous, the series of attacks might be nothing more than a giant pissing contest among different individual hackers or groups of hackers. And if that’s the case, it probably won’t end until we, the media, lose interest.

Hackers break into sites for one of two reasons: money or glory.

That is it? All the motives in the world and they can only think of these two? That is unfortunate. In fact, I would say they have confused consequences with motives. Some hackers may get money or glory from breaking into sites, but that is definitely not all that motivates them.

Motives are hard to understand but limiting ourselves to see only two makes our defenses weaker, as I have discussed before in my post “How to Make Quality Technology”.

Companies should always prepare themselves for far more than just the obvious financial-reward types and styles of attacks. This was a key tenet of my RSA presentations on the top 10 breaches, where I explain that financially motivated attackers actually end up in an anti-collaborative position, whereas socially, politically and culturally motivated attackers develop intent that is highly-collaborative (regardless of potential for glory).

Steven Levy gave a list in Chapter 2 “The Hacker Ethic” of the 1984 book called “Hackers: Heroes of the Computer Revolution” that should make it obvious why there may be more than two motives.

  1. Access to computers – and anything which might teach you something about the way the world works – should be unlimited and total. Always yield to the Hands-On imperative!
  2. All information should be free.
  3. Mistrust authority – promote decentralization.
  4. Hackers should be judged by their hacking, not bogus criteria such as degress, age, race, or position.
  5. You can create art and beauty on a computer.
  6. Computers can change your life for the better.

FastCompany bases their analysis on a single security expert from Hollywood and Beverly Hills of southern California — an area known for money and glory as motivation — who used to work for MySpace. They may have found one view, but there are others…as Anais Nin once said “we don’t see things as they are, we see things as we are.”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.