Secondly, hacking can cause both enormous and serious damage. For example, a computer system that has been hacked might not only get important data destroyed, but also loss of economic resources. It can even damage the world economy. According to VG, a new computer virus was found in January 2004. This computer virus was called ‘Mydoom’, also known as ‘Novarg’. This virus has spread rapidly via the Internet all around the world’s computers, disguised as a normal email with an error message which tells you that a message from one of your contacts does not show as usual (vg.no B, 2004). Besides, it is more unacceptable and gloomy when a hacker breaks into big and government computer systems to companies and organizations and provides with extremely important information. This is maybe why hacking is seen as an unethical, wrong and criminal action in many countries, for instance in the United States and some countries in Europe and Scandinavia. People who get caught for hacking can risk imprisonment for life with large penalties and also be defined as terrorists (vg.no, 2001).
Finally, computer hackers exploit human weakness. According to the book “The Art of Deception”, the American super hacker, Kevin D. Mitnick, stated, “Somebody who uses deception, influence, and persuasion against business, usually targeting their information, belongs to the other sub-specialty, the social engineer.” (Mitnick, p. xii). In other words, hackers are more depending on social skills than technological insights. “The Art of Deception” is about that hackers do not need to use for hours on breaking the password protection to get into the computer systems. The only thing they need to do is, for example, to pass oneself off as a co-worker for a company and fool a valid username and password easily (Mitnick, 2002). This is definitely a weakness of humans, because we are trained to be helpful. Just because of our helpfulness, the computer hackers use their social charm on exploiting us. “The Art of Deception” gives many examples on hacking techniques, but all of them are fictitious stories by Mitnick. This book is meant to be a facility for security experts for defending themselves against hackers. Below, there is a scenario from “The Art of Deception”, which shows one relevant example of how hackers exploit people:
“Janie Acton had been manning a cubicle as a customer service rep for Hometown Electric Power, in Washington, D.C., for just over three years. She was considered to be one of the better clerks, smart and conscientious.
************************************
It was Thanksgiving week when this one particular call came in. the caller said, “This is Eduardo in the Billing Department. I’ve got a lady on hold, she’s a secretary in the executive offices that works for one of the vice presidents, and she’s asking for some information and I can’t use my computer. I got an email from this girl in Human Resources that said ‘ILOVEYOU,’ and when I opened the attachment, I couldn’t use my machine any more. A virus. I got caught by a stupid virus. Anyways, could you look up some customer information for me?”
“Sure,” Janie answered. “It crashed your computer? That’s terrible.”
“Yeah.”
“How can I help?” Janie asked.
Here the attacker called on information from his advance research to make himself sound authentic. He had learned that the information he wanted was restored in something called the Customer Billing Information System, and he had found out how employees referred to the system. He asked, “Can you bring up an account on CBIS?”
“Yes, what’s the account number?”
“I don’t have the number; I need you to bring it up by name.”
“Okay, what’s the name?”
“It’s Heather Marning.” He spelled the name, and Janie typed it in.
“Okay, I have it up.”
“Great. Is the account current?”
“Uh huh, it’s current.”
“What’s the account number?” he asked.
“Do you have a pencil?”
“Ready to write.”
“Account number BAZ6573NR27Q.”
He read the number back and then said, “And what’s the service address?”
She gave him the address.
“And what’s the phone?”
“Janie obligingly read off that information, too.
The caller thanked her, said good-bye, and hung up. Janie went on to the next call, never thinking further about it.” (Mitnick, pp. 36 & 37).
This scenario gives us a description of how Janie gets fooled by a professional hacker. Even though she is one of the better clerks and that she is smart, she still could not prevent this action to happen. However, it is not Janie’s fault, because the hacker has prepared for this action in advance, he has already planned everything. For Janie, this is only a normal conversation in one of her work days. She was just trying to do her best on helping the customers, and she never thought about that this customer might be a hacker. In everyday life, anyone can find oneself in situations like Janie’s. Usually, people do not take notice of that something might be wrong, because of their readiness to help. They would never think that they will be exploited in this way.
Although most people in the world think that hacking is wrong, there still are situations where hacking is acceptable. For instance, what about when a 15 year old boy, Reid Ellison (USA), who hacked into the computer network at school and changed his mark because the teachers did not believe him when he told them about this break-in and the whole process in his project? The teachers wanted him to prove this break-in, so they wanted him to hack into the computer network at school. Therefore, Reid did not have any harmful intention, and he did not do any damage either (itavisen.no, 2002). Even though Reid has committed a computer crime, it would be very unjust to arrest this boy.
Secondly, there has been developed a kind of computer hacking which is called ‘Ethical Hacking’. According to The New Hacker’s Dictionary on the Internet, hacker ethics can be defined as “the belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality” (Raymond, n.d.). In other words, hackers with good intensions are doing ethical hacking, for example helping the authorities or organizations to chase away other hackers. This is exactly what Kevin D. Mitnick, the super hacker, is doing today. He is the most successful and the most disreputable hacker in the United States. Mitnick had been arrested before because of a number of hacking burglaries, which cost him five years in prison. After he was released from prison four years ago, he neither could touch a computer for three years, nor work as a councillor for any computer companies. He could not touch a modem, mobile phones or access the Internet either. He could not even travel outside California without special permission. These limitations are now annulled. Nowadays, he is one of the most popular lecturers within computer and network security. He has given the old saying “It takes a thief to catch a thief” a new dimension. He also works as a security adviser where he prevents the break-in on computers (digi.no, 2004).
Finally, it is legal for people to use hacker software for breaking the copy protection on a copyright CD/DVD in some countries (vg.no C, 2004). For instance, to remove the copy protection will let the users have the opportunity to make back ups of their movies and music which they have bought. A 20 year old Norwegian boy, Jon Lech Johansen, also known as DVD-Jon, is doing this kind of hacking. He is charged with making the hacker software DeCSS that cracks the code on DVD movies. This software removes the built-in copy protection CSS (Content Scrambling System) on DVD movies and makes a copy of this film on the computer hard drive (vg.no A, 2003). He is now acquitted from this indictment, because the Norwegian law gives you the right to make private MP3-copies of your music. According to the Norwegian Copyright Act, people can make back up of their own property (vg.no B, 2003).
In conclusion, it is clear that stealing is wrong, and breaking into a house is not right either. People should also respect others’ privacy. Hence, many people will find hacking an unethical, wrong and criminal action. Computer hacking is a very serious crime and a break on ethical action, too. A person who gets caught for hacking can risk long term of imprisonment or even imprisonment for life in many countries. Moreover, not only does computer hacking break the right to private property and personal life, but it also causes enormous damage. On the other hand, everything has an exception, because there actually are some situations where hacking is quite contrary to this and that the hacker does not necessarily be judged for prison. In my opinion, I think that as long as the break-in on a computer does not cause any problems or damage to the system itself or to the company and has positive intentions – for example to prevent other uncomfortable and harmful situations happening, then computer hacking should be seen as an acceptable and legal action.
References
Cheswick, William R. et al. (2003): Firewalls and Internet Security: Repelling the Wily Hacker. 2nd Edition. Addison-Wesley. Canada
digi.no (2004): ”Hacker-konge holder sikkerhetskurs i Norge.” Available:
[downloaded 18.08.04, 01:44]
interhack.net (2000): “What Is A Hacker?” Available:
[downloaded 27.08.04, 20:59]
itavsisen.no (2002): “15-åring Hacket Skolen.” Available:
[downloaded 27.07.04, 21:10]
Mitnick, D. Kevin & William L., Simon (2002): The Art of Deception: Controlling the Human Element of Security. Wiley Publishing, Inc., Indianapolis, Indiana. Canada
Raymond, Eric S. (n.d.): “The New Hacker’s Dictionary” Available:
[downloaded 06.08.04, 01:00]
Stone, David M. (1999): “Computer Hacking.” Available:
[downloaded 28.07.04, 23:38]
vg.no (2001): ”Vil Dømme Hackere Som Terrorister.” Available:
[downloaded 28.07.04, 23:55]
vg.no A (2003): “Krever 90 dagers fengsel for DVD-Jon.” Available:
[downloaded 26.08.04, 21:22]
vg.no B (2003): “DVD-Jon vant igjen.” Available:
[downloaded 26.08.04, 21:45]
vg.no A (2004): “Hacket nettbank.” Available:
[downloaded 06.08.04, 11:40]
vg.no B (2004): ”Hissig dataorm sprer seg.” Available:
[downloaded 06.08.04, 12:05]
vg.no C (2004): “MP3-kopier er lov!” Available:
[downloaded 26.08.04, 22:13]