The Seduction of Hacking


Traditional criminology treats crime as a simple instrumental process, in which the criminal commits a crime with the objective of obtaining some type of personal benefit. From this perspective, social imbalance and the marginalization of certain groups caused these people to respond by committing crimes with the intention of getting what society had denied them.

Thus, a person without a sufficient income was "doomed" to steal in order to survive.

A leading author who supports this point of view is Merton, who pointed out that back in the day, Americans were constantly bombarded with goals of monetary success but that, paradoxically, the opportunities to achieve those goals weren't evenly distributed.

Thus, deviant behaviors were considered adaptive behaviors in view of the tension that existed between the desired goals and the legitimate or scarce means available for achieving them.

This approach has been widely dismissed as a theoretical model of crime, since as we all know, not only the disadvantaged or the marginalized commit crimes.

However, the instrumental view of crime has been maintained, presenting an explanation of crime in which the offender weighs out the costs and benefits of their criminal activity and always tries to obtain the greatest extrinsic benefit possible.

That is, the person who steals or commits fraud is someone who is simply looking for easy money. Pure rationalism that doesn't, however, explain other aspects of crime, some of which are very well reflected in a famous phrase by one of the leading authors of Cultural Criminology:


"It's not the taste for pizza that leads to the crime; the crime makes the pizza tasty.” (Katz, 1988:52).



In this sentence, Jack Katz introduces a very interesting element, the excitement caused by the crime itself beyond the benefit that is obtained through it.

Crime in this case is not an instrument, but an end in itself. This, according to the author, explains how, for some people, stealing something of little value constitutes an adrenaline-filled experience that is "addicting" and conditions these people to continue stealing.

hacking-seduction-01
As they commit more robberies, they develop a great skill (they manage to exploit advantageous situations to the fullest to commit a robbery) and this makes them feel (im)morally superior and capable of "transcending the controls of the system".

They achieve this "transcendence" from doing something that's prohibited, something that others can't or don't dare to do, they feel special on the other side of the law and they give their self-esteem the boost that they hadn't been able to achieve while being mere "legal citizens".

This "seduction by evil" is a variable that is usually very clearly identified in the hacker world, and that complements other related aspects that have been discussed in another post.

Grabosky (2000) describes the seduction of hacking from the perspective in which the hacker's actions are seen as an act of power that is gratifying in itself, which is embellished by the adventure that is "exploring the unknown", entering an impregnable system, programming an undetectable ransomware…

Foster (2004) presents a profile of the cybercriminal as a male in his 20s who lacks social skills and is fascinated by technology, with poor performance in other areas (e.g. education) and who sees the computer as a means for becoming important or powerful.


These people are highly motivated to successfully overcome computer-related challenges, always ready to work their hardest to outdo themselves in this field.



Just like Katz's comment on stolen pizza, hackers see their activity as an exciting act in itself, which then turns it into a new form of entertainment that couldn't have existed prior to the development of the appropriate technology.

There is also a narcissistic component that is related to all this, which surrounds this excitement and fascination caused by hacking and that makes many hackers see "fame" as yet another positive consequence of acting on the other side of the law.

In short, we can say that hackers seek pleasure, self-fulfillment and knowledge. Therefore, while it's true that they also obtain an economic benefit from their activity, this factor can sometimes take a backseat.


Some authors even speak of a certain kind of “voyeurism” in which the hacker gets excited about accessing confidential or restricted information, violating people's privacy and taking what doesn't belong to them.



This reinforces Katz's idea of transcendence, of being someone special compared to the rest of the "mortals" who let their actions be guided by rules and regulations.

hacking-seduction-02

In a complicated and competitive world, the person feels insignificant, more often than not frustrated and a misfit due to insecurities and a lack of social skills. However, when in their "hacker" role, the subject creates their own world, a universe they control, where their only limitations are the techniques they master, in which they are center of the universe and, in some way, the only God who exists.

This context of emotions is truly exciting and addictive for the hacker, in such a way that once they've tasted the "forbidden fruit", it will be very difficult for them to return to the routineness and ordinariness of the "normal" world.

This is also related to the classic Theory of Self-Control by Michael Gottfredson and Travis Hirschi in 1990, according to which criminals committed criminal acts due to their low self-control, they are people who want immediate satisfaction, who lack patience and are adventurous and active with limited cognitive abilities.

They can't put off gratification, causing them to try to get what they want quickly and without any regard for the rules. This impulsiveness leads them to carry out defiant and risky behaviors, being unable to assess the consequences and alternatives to said behaviors.

People with low self-control let themselves be quickly carried away by the temptations of their environment and get wrapped up in a cycle of behavior that is troublesome and risky, which connects with everything we've mentioned when it comes to the excitement and addictiveness of crime.

This theory has a very interesting evolutionary perspective, since it associates this lack of self-control with a very specific stage of development, adolescence, in which certain brain structures that will allow the person to self-control their behavior have yet to develop.

Therefore, the stage of adolescence that is related to this time of rebellion, risky behavior and vandalism in some cases, would be related to the inability of these young people to control their actions as a consequence of having yet to develop certain brain circuits and structures.

hacking-seduction-03

If we go back to the hacking world, we can also observe that adolescence is precisely when this fascination with computing and hacking usually first arises and evolves.

Thus, a perfect storm is created in which the excitement of crime is also a consequence and an end in itself. There is a predisposition to act in risky environments due to this lack of control, but in turn, carrying out these rule-breaking acts generates an "extra" sense of excitement that in some way conditions the recidivism of these acts and leads to a complicated and vicious cycle.

Therefore, behind so much rationality, behind an impersonal technology full of "0s" and "1s" is a complicated emotional framework in the life of the hacker, the one who controls the world through their keyboard.

To paraphrase Katz, controlling a system isn't what produces the hack, it's the possibility of achieving it that leads to hacking.

 

Posted by Tim Ayling

Tim Ayling is currently the Vice-President EMEA at buguroo. With over 20 years' experience in the cybersecurity and anti-fraud industry, Ayling began his career in technical support, and moved on to System Engineering. He began his leadership career when he established Entrust Inc. in Australia in 2003 and was made Vice-President Asia Pacific in 2006. Ayling has held numerous leadership roles in large cybersecurity vendors, including serving as the Global Head of Fraud Prevention Solutions at Kaspersky Labs, as EMEA Director of Fraud & Risk Intelligence at RSA Security, as well as spending time in the cyber-security practice of KPMG.

Did you like it? Share in your social communities

 

What did you think about this topic?

Leave your comments

 

Need to reduce fraud in your online banking?

Discover our holistic vision applied to online detection

Request demo