Imagine for a moment your favorite spy movie, maybe a James Bond movie for example. It’s cast of characters likely consists of five or so core archetypical personas. In this cast you likely have a cunning spy, a love interest, the shrouded head of the spy agency, the maniacal bad guy, and a clever hacker sitting in the background. Swooping in seemingly at a moment’s notice to disarm a security system or provide intel about a target’s movements, the hacker always seems to be a mysterious figure with deus ex machina powers. In the following article, we’ll dive into this archetypical figure, breaking down the driving factors behind hacking and the overall ideas behind what makes a hacker ‘tick’.
Information security, and hacking more specifically, is often romanticized not only by Hollywood and the general media, but also by our culture in general. This idealization, among other things, can lead individuals towards information security practices wherein we find three typical driving factors: Curiosity, notoriety, or money. Let’s dig a little deeper into these motivations and the general circumstances where they might arise.
Picture yourself sitting in homeroom at elementary school. Maybe the teacher is droning on about math and while you certainly are interested, you also have a new pen that’s keeping your hands busy. Maybe you’re taking it apart and putting it back together constantly, learning how the individual parts work and discovering maybe if they can be swapped with parts from other pens or pencils. Either way, your dead set on learning exactly how that pen works. Curiosity in hacking is just that, the want to take things apart constantly and learn more and more, seeing how all the pieces in a program make it work or how you can make it better. Not only can this curiosity be satisfying, it’s incredibly rewarding to be able to execute upon new ideas you’ve learned and make other things better, especially through hacking apart something like a domain.
Three or four years have passed from your time in elementary school and you’ve been introduced into the wonderful world of gaming. While this can come in varying forms - such as video games and board games - all of them share a few common threads: the potential for cheating. Imagine playing an adventure game and suddenly having the ability to spawn in as much gold as you could ever want, giving your character the ability to buy any item at the shop and become incredibly powerful. For a while this can be wildly entertaining, stomping any monsters that would dare to challenge you and easily beating the rest of the game. This sort of activity often leads to a level of notoriety and attention within the gaming community. Hacking a game likely becomes dull after a while, leading into our third leading motivation for hacking: money.
So you’ve cheated and beaten the game but now you want more. At this point, you have a few potential options: selling your cheating method and programs to other players OR make it so that no one can play the game until you’ve been paid. Often these options can be further incentivized due to socioeconomic status or simply because it seems to be easier to make money this way, leading to a tipping in the scales of risk versus reward dramatically in favor of rewards.
Throughout these three motivating factors we can see how differing driving factors can ultimately lead to shifting morality and the category of hacker an individual can fit into. Be it white hat, driven through curiosity and the want to make things better, grey hat, driven often by notoriety with a little curiosity mixed morality, or black hat, motivated either through want for money or with hacktivist goals, we can see how the hacker in that spy movie might have come to be.