It’s an ordinary day at work – you switch on your system, go through your email, check a few attachments. Eventually, you log off for lunch, and by the time you’re done and are back at your desk – congratulations, you’ve been hacked! Your system and all the files on it are being held hostage by some college kid on vacation with too much free time on his hand. Welcome to the world of modern hackers.
2016 was, by many measures, the worst year for digital security. Although every passing year is turning out to be exactly that, 2016 had its fair share of leaks and breaches. In fact, it had a good helping of revelations from years gone by as well – be it the 2012 LinkedIn breach which affected 117 million instead of the originally estimated 6 million or the double reveal from Yahoo totalling to a hefty 1.5 billion credentials lost to attacks in 2013 and 2014.
Gone are the days when hackers were accurately depicted in popular culture. The general conception about hackers has remained unchanged – some geeks sweating their fingers out over keyboards, furiously typing out malicious code and attacks in a secret basement. As long as we hold that image in our head – we’ll never really understand hackers, and hence, their actions. So to start off, let us talk about that hacker in the basement, and why he almost no longer exists.
The term ‘hacker’ is said to have originated in the 1960s in the MIT computer labs. Hacking is defined as the act of altering a standard process or system to improve it or customize it to one’s choice. When the model train hacking enthusiasts (among others) of MIT got their hands on the new computer systems being deployed on campus, they applied the same practice to software. These and other computer hackers were mainly programming enthusiasts who liked to alter and rewrite software code to improve and customize programs or take them apart just to understand how they worked.
Ken Thompson (sitting) and Dennis Ritchie working together at a PDP-11
One of the most elegant hacks – and perhaps the most enduring hack ever – to come out of this period was UNIX. Built on the shell of the failing Multics project from Bell Labs, MIT and General Electric, UNIX was the brainchild of Ken Thompson, who, along with a team of researchers led by himself and Dennis Ritchie, wanted to build a system “around which a fellowship could form”. One can safely say that they were successful.
Come the 1970s, hacking temporarily took a new direction – telephone networks. While phone ‘phreaks’ had existed since the 1950s, it was AT&T’s implementation of fully automatic switches which used a tone dialing system which galvanised their popularity. One of the internal-use tones was of 2600 Hz, which caused a telephone switch to think the call had ended, leaving an open carrier line. This line could then be exploited to provide free long-distance, and international, calls. At that time, long-distance calls were quite expensive. Some of the most notable phone phreaks are Joe Engressia (a blind seven year old who had the perfect pitch needed for the hack), William ‘Bill’ Acker (who discovered that the recorder he owned could play the tone) and John ‘Cap’n Crunch’ Draper (who discovered, through his friendship with Engressia, that the whistle in Cap’n Crunch cereal boxes could also work).
Captain Crunch at Maker Faire Berlin (2015)
Rise of the PC hacker
The 1980s essentially saw the first democratization of the computer – they weren’t out of reach anymore and the introduction of turnkey “personal” computers by Radio Shack, IBM, Apple and others had made computing accessible. With the advent of the ARPANET and modems connecting computers with each other being increasingly available, a hacker’s reach was further expanded.
Movies and novels that glorified hackers, or at least their abilities, increased in number around this time. War Games, a movie about an oblivious hacker almost starting World War III, is now held in cult status among hackers. Neuromancer, a hacking related novel released in 1984 is also credited by many as one of the main factors behind popularisation of the hacker among the general masses. Tron, Blade Runner, Cyberpunk and Terminator also rose in popularity around this time.
A first edition copy of the title ‘Neuromancer’
With this democratization came what can be termed as the ‘golden age for hacking’, although some of that gold might not have benefited everyone. The 1980s saw some of the first convictions for cyber crimes, including the first hacker convicted as a felon.
Good hacker bad hacker
In 1980, Ian Murphy (a.k.a. “Captain Zap”) along with three other hackers, got into AT&T’s computers and altered their internal clocks. AT&T users suddenly started receiving late-night discounts in the afternoon, while others who waited until midnight to use the phone had to deal with massive bills. For his role in the crime, Murphy was greeted with 1,000 hours of community service and 2 1/2 years probation (considerably less than what hackers would receive today). He also inspired the movie ‘Sneakers’.
In another first, the FBI busted the Milwaukee-based 414s (named after the local area code), with the accusation of 60 computer break-ins ranging from the Memorial Sloan-Kettering Cancer Center to the Los Alamos National Laboratory. The 1980s saw more such criminal convictions of hackers who had, in some way, had a malicious effect on computer systems. The public were now more aware than ever of being hacked and the demand for security measures soared.
The wrong side of the law
In 1986, in response to all the hacking-related felonies and convictions emerging across the country, the U.S Congress passed the Computer Fraud and Abuse act, the first legislation related to hacking. By then, the first major hacking groups had also been formed – the Legion of Doom in the United States and the Chaos Computer Club in Germany.
Pretty soon the two sides would face off in multiple instances. Operation Sundevil, which took place in 1990, was publicised as the largest crackdown on hackers. The crackdown took place in 15 cities and resulted in 3 arrests. As a response, the Electronic Frontier foundation was formed to fight for those accused of hacking in the very same year as Operation Sun Devil.
Kevin Mitnick, like many of his fellow convicted hackers, now runs a high-profile security firm
Empowered by the new law, the 90s would see more high profile hacker arrests. One such arrest was that of prolific hacker Kevin Mitnick. He was charged with obtaining unauthorized access to computers belonging to numerous computer software and computer operating systems manufacturers, cellular telephone manufacturers, Internet Service Providers, and educational institutions; and stealing, copying, and misappropriating proprietary computer software from Motorola, Fujitsu, Nokia, Sun, Novell, and NEC. Mitnick was also in possession of 20,000 credit card numbers.
What was evident, from the 80s to the 90s, was a clear division within the hacker community. Apart from the benign hackers whose sole objective was to explore, improve, and learn, there was a new, younger group of hackers who were in it for the personal gain. While this divide was pretty evident within the community, popular media and culture viewed any kind of tampering done with any system under the broad umbrella of ‘hacking’. This is something that traditional hackers didn’t take too well and came up with a new monicker for the other group – crackers. Their intentions varied from personal gain and vengeance to stealing data for criminal purposes, targeting universities, government agencies, and large corporations.
Script kiddies were another break-off group that were misrepresented to be hackers by the mainstream media and popular culture. This segment isn’t particularly skilled, technology wise, and generally uses ready to use tools to find weak spots in internet connected systems. They don’t usually have particular targets and run sweeping attacks to find loopholes. Most attacks reported by the media are of this type.
Enthusiasts all around the world have taken time to learn the skills and get their hands on the equipment necessary to make their presence known. Today, China alone generates more (41%) attacks than the next nine countries combined. Although, to be honest, the target hasn’t changed much, with U.S being the most targeted country, and the UAE being a surprise second on the list.
Many of you might have seen the show Mr Robot. While we’re not advocating what the protagonist does, that is pretty much what hacking stands for in today’s world. Pretty much any famous hacker group today stands for an agenda. However, the definition of hacktivism, the broad word for agenda driven hacking, in itself is highly debated. For example, take DDoS attacks. Groups like Anonymous, which is the biggest hacktivist group out there now, frequently use it as a method of protest against those they disagree with. It is argued that this particular method is against free speech, at times referred to as the ‘poison gas of the internet’.
Questionable methods apart, hacktivist groups have done some pretty significant stuff in recent years.
A real world Anonymous protest, where anyone can be Anonymous
During the 2009 Iranian election protests, Anonymous played a role in disseminating information to and from Iran by setting up the website Anonymous Iran; they also released a video manifesto to the Iranian government.
During the Egyptian Internet blackout, January 28 – February 2, 2011, Telecomix provided dial-up services and technical support to the Egyptian people. The hacktivist group also announced that they were closely tracking radio frequencies in the event that someone was sending out important messages.
Hackers are the internet’s immune system -TED Talk
Anonymous and New World Hackers claimed responsibility for the 2016 Dyn cyberattack in retaliation to Ecuador denying Internet access to WikiLeaks founder Julian Assange at their embassy in London.
Over the years, hackers have been denoted as a lot of things – from computer tourists and network voyeurs to dangerous criminals and nihilist anarchists; computer nerds to cyberpunks; public nuisance to catalysts for technology advancement. But amid all these roles, the confusion, and prosecution, there lies a simple answer – hackers are necessary.
Hackers work towards exposing the flaws that lie in the digital systems our lives are completely enmeshed in. Each revolution has its own form and practices. Since today’s world is digital, so are today’s revolutionaries. Perhaps someday, despite the occasional malpractices and the persistent misportrayal, we will be looking back at hackers as the ones who brought about the change we were waiting for.
This article was first published in April 2017 issue of Digit magazine. To read Digit’s articles first, subscribe here or download the Digit e-magazine app for Android and iOS. You could also buy Digit’s previous issues here.