image: Hacker

By Mike Brunker
MSNBC

July 23 —  Emmanuel Goldstein, editor of 2600 — The Hackers’ Quarterly, says hacking is about “learning, sharing information, being the first person to discover something.” To Marcus Ranum, CEO of a network security firm, breaking into someone else’s computer means “sheer mental and emotional anguish” for the victim. Strangely, depending on the circumstances and the individuals involved, they are both right.

‘I believe the crime of simply hacking a system should be illegal in the same way it would not be legal to wander through my house. It’s kind of the same issue.’ 
HACKER 'LUCIFER'		        HACKERS ARE the knights-errant of the Internet Underground, wandering the byways of cyberspace in search of adventure, mischief and — in some cases — somebody else’s treasure. But their reasons for embarking on an avocation that carries plenty of baggage with it are as diverse as the Internet itself.
       What is clear is that there are many more hackers than there used to be. The Computer Security Institute, in a recent survey of computer crime, found a 16 percent increase in security breaches of corporate computer systems over the previous year, more than half of which were accomplished via the Internet. The FBI now has roughly 500 computer crime investigations open at any given time. And the experts agree, these statistics reflect only the thinnest slice of the hacking phenomena.

INSIDERS MOST LIKELY CULPRITS
       Most security breaches are still committed by insiders — dishonest or disgruntled employees in most cases — but outside intrusion is on the rise. 
       The statistics are capable of striking fear into the hearts of those intent on building the Internet into a mighty machine of commerce, but they hold promise for at least one sector: Dataquest estimates the market for computer security will grow into a $13 billion business by 2002, up from $6.3 billion in 1997.
       The computer- and network-security experts find themselves confronted by a highly resourceful enemy that can assume many guises.
 
       Goldstein, whose real name is Eric Corley, is a leading spokesman for the “Jacques Cousteau School of Hacking,” representing those hackers who revel in the cerebral, exploratory aspects of the craft.
  "What hacking is about is learning, sharing information, being the first person to discover something, being the first person to try defeating a system in a different way,” he said. “The thing with hackers is we don’t keep secrets, we share information.

THE CASE FOR HACKING
 “If hacking did not exist, people would not discover the mistakes, the basic ways that a system can be compromised until it was too late, until someone with an agenda had actually gotten in there and done something bad for a purpose. Hackers get in there and they tell everybody what they did.” 
       These hackers believe authorities and the media have unfairly stigmatized them by failing to make the distinction between hackers, who are essentially trespassers, and computer criminals. The latter, known as “crackers,” to the nondestructive hackers, break into systems to steal or wreak havoc. 
       “I believe the crime of simply hacking a system should be illegal in the same way it would not be legal to wander through my house. It’s kind of the same issue,” said a hacker known as Lucifer. “I do think the punishment typically outweighs the crime. Typically, a breaking-and-entering conviction [in the real world] will get you a suspended sentence, while burglary is treated much more seriously. I think the same should apply.”
       Unfortunately, problems can arise when hackers’ explorations have unintended consequences, as was the case last year when a juvenile hacker who broke into a Bell Atlantic network inadvertently shut down communications between the control tower and aircraft at the Worcester, Mass., airport. Fortunately there were no crashes.

SUFFERING IGNORED, CRITICS SAY
       The high-minded hacker ethic also ignores the considerable human suffering that even the most benign break-in can create, says Ranum, CEO of Network Flight Recorder, which creates security tools for network managers.
  “This isn't fun stuff, he said. “There is real damage. … You get some system or network manager who works up on Wall Street and his systems have been broken into … by one of these barely post-pubescent hackers and they’re scared for their jobs, they’re afraid they’re going to lose their careers, they’re worried about their mortgages. I’ve seen grown men reduced to tears by this kind of thing. It’s just not right.”

 bbb
        The natural tension that exists between the hackers and those charged with either preventing them from breaking in or catching them once they do is understandable. But it tends to obscure the fact that the hackers who are most feared are not the ones who call attention to their exploits or bait the security experts.
 “I worry about the ones that you never see and you never hear, because they’re not driven by ego,” said Michael Higgins, vice president for operations and technology with Global Integrity Corp., an international security firm. “ … In my line of business. they’re usually driven by the almighty dollar, which means that they’re somehow causing fraud or they’re causing extortion events and they’re making money.”