Reinterpreting the Role of the Hacker in the Cyber-Security Paradigm

Hackers are currently viewed as cyber-criminals despite the fact that hacker goals, activities and modes of operation differ dramatically from cyber-criminals. This misclassification of hacker activities may be due, in part, to the fact that there is not an evidence based definition of the activities of groups that violate cyber-security laws. The qualitative research method was selected because this is a secondary qualitative analysis of existing data which was culled from current reports on recent cyber-security violations that have been reported to the Cyber-Security section of the Homeland Security website along with reports from Internet Crime Complaint Center (IC3). Sufficient cases to establish an academically rigorous definition of hackers and cyber-criminals were selected. These cases were sampled using multiple-case replication design. The findings of this study indicate that there are four distinct groups of cyber-security violators. Those four groups are cyber-terrorists, cyber-spies, cyber-thieves and hackers. Eight cases of cyber security violations were selected for study representing attacks on organizations and individuals in each of the four categories of cyber criminals. Key findings of the research indicate that cyber-spies use stealthy modes of entry and stealthy activities after entry whereas cyber thieves use stealthy modes of entry and open activities after entry and cyber terrorists use open methods of entry and open activities after entry to further their cause. The hacker commonly acts as an activist and uses a mixture of entry methods and activities after entry. There are no known activities in cyber-space that can be directly correlated to the real world activities of known terrorists. Cyber-terrorist attacks do not result in death and destruction directly such as the bombings and so on that most terrorists engage in. This research indicates that it is possible to define the groups of cyber criminals based on their methods of entry and activities after entry. It appears that this is an untapped area of research so recommendations include further research into this method of defining cyber-criminals vs. hackers. An unexpected theme uncovered indicates that hacktivists and cyber-terrorists may have more points of congruence which should be examined at a later date.