While not always realistically depicted on television and in films, most people with even the barest technological literacy have some idea of what hacking is. They may not understand the complex technical aspects of what it is, nor may they understand the social skills which facilitate the technical aspects. They may not be able to actually hack themselves; they may have never been hacked (for which they should thank their lucky stars). Their ignorance of the particular details of hacking does not prevent them from understanding what hacking is and the implications of a hack attack (also called a cyberattack). Most people appreciate the concept of hacking on a personal level – maybe they have had an Internet-based account hacked before; maybe someone managed to log in to their Facebook account and post strange messages on their wall. Maybe they had a credit card account hacked, and someone charged a bunch of stuff to their card. Regardless of the severity of the attack, the outcome was the same: someone violated their privacy and used their digital information. Global hacking is not much different from the hacking of an individual person in terms of how it is accomplished. It is the scale of global hacking and its impact that makes it remarkable.
Fundamentally, global hacking is no different from ‘plain’ hacking. Matt Bowles (2012) writes that hacking as it is understood today “was born out of pure curiosity in the 1970s and 1980s” as a result of “computer enthusiasts [who] wanted to learn about these mystical devices and see if they could be made more efficient” (p. 5). Eventually, this curiosity about the machines themselves evolved into a curiosity about the networks with which these machines interact. Unfortunately, “pure curiosity” evolved into “intent to commit crimes” – that is, the curiosity went beyond learning and into the development of malware and later into true criminal actions, namely the violation of privacy and theft of property (Bowles, 2012). The Internet only facilitated such behaviors, opening up the rest of the world to their efforts and actions. Wireless Internet access has only made hackers that much more mobile.
But even more so than the growing ease of hackers to access a multitude of devices around the world is what they find themselves able to access. In a study on Tor and anonymity networks, Keith Watson (2012) notes that Tor is not exclusively used for leaking sensitive government documents; it also has legitimate uses and is even considered by many to be necessary for protecting the identities of individuals such as “political dissidents living under oppressive regimes” (p. 719). In other words, the Internet has provided hackers with access to a wealth of information and resources. Whereas early hackers may have simply shared and traded information (Bowles, 2012), modern hackers seem to prefer more challenging (and lucrative) targets such as banks, credit card companies, and business firms like Target.
While the hackers’ preference for more monetary-rich targets can be understood by most people, the implications for such large-scale attacks are far more problematic than a hacker getting into one’s email and sending strange messages to one’s contacts. The disruption/interruption and compromising of the network of a global entity, whether a business organization or a government, affect more than the organization itself. The ability of the organization to function properly is undermined which, in turn, can undermine the trust of individuals affiliated with that organization. Any individual tied to that organization – such as a customer of the business or a citizen of the country – may find their private data violated and vulnerable. Leaked information, such as in the Wikileaks case, has the potential to leave countries vulnerable to their enemies and other potentially devastating attacks (Bowles, 2012). It isn’t just individuals whose sensitive data can end up in the hands of unscrupulous individuals; organizations can likewise find their data broadcast to the world. Sensitive, critical military data could be obtained by a country’s political enemies. Oppressive governments could identify and punish political dissidents. Stalkers could obtain more of their victims’ information which could be used to further harass and terrorize the victims, if not be used to outright kill them.
And with the Internet bringing all this information to people across the globe, it can become even more difficult to identify the culprit or culprits and bring them to justice. Differences in jurisdictions within a single country can make prosecuting criminals difficult; imagine the difficulty that emerges when crossing international boundaries. Furthermore, the anonymizing abilities available through networks like Tor make it easier for hackers to cover their tracks (Bowles, 2012), meaning that a perpetrator in England can launch an attack on an organization in Africa, wreak havoc, and then disappear into the howling chaos of the Internet. The authorities responsible for tracking down this individual – or, potentially, group of individuals – will find themselves in a great deal of difficulty.
The actions and activities of groups like Anonymous have brought the attention of the world on the concept of hacking, and the scale of their activities – including not being limited to activities in one country alone – represents perhaps one of the best examples of global hacking to date. Global hacking takes the activity of hacking to a greater scale than just hacking a single person’s email; global hacking events produce a ripple of consequences that are hard to anticipate or address. While steps can be taken to tighten network security and protect valuable and sensitive data, it appears that the hackers will adapt and survive. Better ways to combat and prevent global hacking remain to be seen (or developed). As usual, the law lags behind in categorizing and addressing the kinds of crimes committed by global hacking groups and addressing the unique features of global hacking events. The challenges to addressing the global hacking phenomenon are not clear, since the phenomenon itself is still emerging and evolving.
- Bowles, M. (2012). The business of hacking and birth of an industry. Bell Labs Technical Journal, 17(3), 5-16.
- Watson, K. D. (2012). Tor network: A global inquiry into the legal status of anonymity
networks. The Washington University Global Studies Law Review, 11, 715-737.