Analysis: How the ‘hacker’ has been criminalised in the wake of high profile cyber attacks.
What do you envisage when the word ‘hacker’ is mentioned? A lone shadowy individual living in the darknet, preying on the weak networks and passwords of businesses and consumers for financial gain? Or perhaps it is an educated programmer cracking exploits for good, making businesses ever more secure for their employees and consumers?
Unfortunately the dominant use of ‘hacker’ is that of the former, a negative word invoking connotations of crime and illegality. The mass media has criminalised the word with reports on high profile cyber attacks on TalkTalk, Vtech, and Sony having faceless hackers as the criminal protagonists of each attack.
The reports of cyber attacks by the mass media has left the public blind to all other uses of the word, something which Trey Ford, Global Security Strategist at Rapid7, finds disappointing. For Ford, a hacker is someone who likes to tinker and is a part of a passionate community fuelled by a love of science and maths.
Asked if he identifies as a hacker, Ford told CBR: "Hacker based on whose lexicon? Hacker in its pure form is a tinkerer, someone who likes to play and the answer is of course, yes. It’s sad that the word hacker has been criminalised and the general media sees it as such, it’s very disappointing."
For Ford, a hacker is ‘someone who has found ways to ask systems to do something they weren’t intended to do’, with the rise of the term ‘ethical hacker’ contributing to the further depreciation of ‘hacker’.
"When I hear hacker these are people who had a specific passion and they tinkered and toyed and did their thing. So when I hear ethical hacker it makes me smile as I feel like for the time being that we have lost control over what we identified with as a term." Ford told CBR.
Ethical hacker arose from a certification from the EC-Council, a member-supported professional organisation. It is a qualification based on assessing computer security using penetration testing techniques – but for Ford, the certification just clouds the already opaque lexicon that is ‘hacker’.
"Ethical hacker makes me laugh because that highlights what I was talking about in terms of lexiscon and definition. Ethical hacker was a certification released by CEH, which I think was ridiculous, and there are criminals and then there is everyone else who are hackers – which is the electronic version of a tinkerer."
For Ford, the hacker community is about sharing knowledge and sharing a passion for maths and science. However, with the public interest in the likes of Annonymous and high profile cyber attacks ever more prevalent, it seems that hackers like Ford are swimming against the tide when it comes to more positive connotations of ‘hacker’.
However, with cyber security becoming ever more prevalent, Ford may have to settle when it comes to being an ‘ethical’ hacker. As the battle lines are drawn between the good guys and bad guys in cyber space, it is important to challenge perceptions of what a hacker really is – as Ford proves, many a hacker strives to secure that which is not secure.