Public accounts of intrusions conducted or supported by state actors highlight the importance that military organizations are placing on cyber warfare. Those without access to privileged information have been debating when “real-world” warfare will find its way to the Internet, without realizing that such activities have been ongoing for at least several years.
Intrusions initiated by nation states against companies and governments of other countries are motivated by political and economic reasons, much like the traditional form of warfare. My hypothesis is that a country looking to safeguard its own cyber interests has to engage in a systemic campaign to compromise IT assets of its adversaries. The logical goal of such offensive operations is the state of mutually-assured destruction that deters each party in the conflict from taking advantage of the IT assets it compromised.
Here’s why I believe this might be the case:
The idea of mutually-assured destruction in cyberspace isn’t novel. It was brought up at an RSA Conference panel in February 2012. According to the Threatpost’s article discussing that panel:
"Deterrence will play an important role in avoiding conflict, as it did in the Cold War with Russia. The Chinese military appreciates that both it and the U.S. have cyber offensive capabilities and defensive vulnerabilities - ‘big stones, and plate glass windows,’ said Lewis. ‘We’re back to mutually assured destruction.’"
A June 2012 article in the New York Times discusses several cyber warfare initiatives that appear to have been conducted by the U.S. and highlights some of the challenges of achieving cyber warfare dominance and reaching the state of mutually-assured destruction.
Nations with the interest, expertise and budget to conduct offensive cyber activities are probably busy hacking each other to avoid being outpaced in this process by their adversaries. They are doing this to achieve the state of mutually-assured destruction as a way of deterring each other from launching a full-scale cyber war. Just a theory.
Be doubly vigilant after a physical break-in. Don’t just look for what’s missing, but what might have been left behind.
I’d like to better understand what drives people to engage in malicious hacking activities on the Internet. It’s a complex topic, of course, which incorporates the dimensions of money, fame politics and other facets of human life and psyche. One way to gain insight into the psychology of hacking might be to learn about another illegal fringe activity: shoplifting.
Commonality of Shoplifting
Shoplifting is more common than most people realize. According to When Consumer Behavior Goes Bad: An Investigation of Adolescent Shoplifting by Cox, Cox and Moschis, “as many as 60 percent of consumers have shoplifted at some time in their lives.” In fact,
"Although a few shoplifters are professional thieves, the vast majority appear to be amateurs in that their activity is sporadic, they typically have no known history of criminal activity, and they steal for their own consumption rather than for resale."
The situation seems to resemble the malicious hacking scene. Though I don’t have the data to prove it, my sense is that a fair number of people have dabbled in some form of hacking activities that would be construed as unethical or malicious.
Shoplifting as a Cinematic Crime
Some people who engage in shoplifting view it as a “cinematic crime,” as discussed in The Steal: A Cultural History of Shoplifting by Shteir. There seems to be a certain amount of mystique and coolness about shoplifting for some people. Some might even view it as a victimless crime. Some use it as a way to judge others: “I don’t trust anybody who hasn’t shoplifted,” said one former shoplifter according to Shteir.
Some shoplifters report feeling excited from the adrenalin rush when they were preparing for or in the process of stealing merchandise, talking about the crime as a love affair. Shteir explains:
"Shoplifters enjoy stealing. The objects mean something to them, but taking them feels dirty. Shoplifting is a spasm or a seizure. The lesson they learn from the crime—yes, I can!—they might apply to other areas of life. Shoplifting gives them courage to take chances."
The book also brings up examples of shoplifters like the feeling of superiority over the store clerk after a successful run. Even when they know they are doing something wrong—or perhaps because of it—they enjoy belonging to a seemingly exclusive club of shoplifters.
All these aspects: The feeling of excitement, superiority and belonging seem relevant to the emotions associated with malicious hacking activities as well.
Shoplifting Inclinations and Psychological Disorders
Studies suggest that some people who engage in compulsive shoplifting behavior might be diagnosed with psychological disorders. I don’t know enough about such conditions to say much about them, beyond quoting from Shoplifting: A Review of the Literature by Krasnovsky and Lane:
"Whether seen as simply a crime or a multifaceted disorder, shoplifting is an increasingly frequent problem in our society. For many offenders, it seems that shoplifting is just one among a group of antisocial acttivities engaged in, due to anger, excitement, or profit."
Similarly, different people engage in malicious hacking activities on the Internet for various reasons. What drives such individuals, what is their frame of mind and what, if anything, can be done to modify their behavior warrants a closer look. Perhaps understanding the psychology of shoplifting can shed some light on this complex topic. What do you think?
If you found this post interesting, you might also enjoy Similarities Between Riots and Modern Internet Hacktivism.
To what extent can understanding the dynamics of a mob in a riot shed light on the nature of modern Internet hacktivism? While riots differ in many ways from online activities of decentralized groups such as LulzSec and Anonymous, some similarities warrant consideration.
When learning about riots and mobs, I came across two excellent references. One was an essay titled The Psychology of the Wilmington Riot, which summarized key points from Arnold P. Goldstein’s book The Psychology of Group Aggression. Another insightful resource was David D. Haddock and Daniel D. Polsby’s paper Understanding Riots.
De-individuation of The Mob’s Participants
The mob, as defined in J.P. Chaplin’s book Dictionary of Psychology, is a “crowd acting under strong emotional conditions that often lead to violence or illegal acts.” Participating in illegal acts as part of a mob offers a degree of impunity, because the authorities are unlikely to have the capacity to identify and arrest a significant portion of the crowd.
The feeling of impunity is encompassed by de-individuation, which Goldstein defines as “the process of losing one’s sense of individuality or separateness from others and becoming submerged in a group.” Such groupthink leads to uninhibited behavior and also allows the mob to behave as a unified organism, even when it does not have formal leaders that coordinate the crowd’s actions.
The Importance of Instigating Events
In the book The Origins of Genocide and Collective Violence Ervin Staub points out that the majority of riots can be traced to apparent precipitating events that acted as the trigger for the crowd. For instance, shocking events allow crowds to assemble without a single entity recruiting them.
Such instigating incidents act as signals to the mob, telling its participants “what other people will probably do,” according to Haddock and Polsby. As the result,
"Each member of the crowd will know more about the intentions of fellow crowd members than people usually know about the intentions of strangers."
Moreover, for the crowd to become riotous,
"There has to be a critical mass of people in the crowd who are making accurate judgments, not about their own desires and intentions, but about the riotous desires and intentions of other members of the crowd."
The mob’s challenge is to act in unison without overt leadership. This involves identifying a common signal that makes each rioter confident that if he starts rioting, he will not be acting alone. Instigating events help in assembling the crowd and also in providing the context for interpreting other signals that guide the mob’s actions.
The Role of an “Entrepreneur” in Starting a Chain Reaction
How does the assembled mob, while still in the state of anticipation and potential uncertainty, know when to begin rioting? Haddock and Polsby point out the importance of having one member of the crowd take the first riotous action. The initial perpetrator, “serves as a catalyst—a sort of entrepreneur to get things going.” This person places himself at risk; if the mob doesn’t follow his actions, the authorities are likely to capture and punish him. Haddock and Polsby stipulate that:
"The entrepreneur will throw the first stone when he calculates that the risk that he will be apprehended for doing so has diminished to an acceptable level."
The “entrepreneur” pays attention to other signals to determine when to take action with the expectation that the mob will follow suit.
Stopping a Riot
The riot’s participants benefit from safety in numbers. Haddock and Polsby point out that rioting continues until the “authorities muster enough force to make the rioters believe that they once again face a realistic prospect of arrest.” According to Goldstein, the authorities can accomplish this through “distractions, re-individuation, dispersion, isolation” of the mob’s participants.
Authorities can eventually overwhelm rioters in numbers and force. However, assembling the sufficiently large team usually takes days. The budgetary facts of life “guarantee that modern urban police forces will always be staffed well below peak load demand levels,” note Haddock and Polsby. They suggest that a more effective approach might be to focus on the “entrepreneur’s” trigger activities that, if suppressed quickly, might prevent the chain reaction of a riot from starting at all.
Relevance to Internet Hacktivism
As we look to better understand activities and motivations of decentralized hacking groups, such as LulzSec and Anonymous, we might notice some similarities between the dynamics of their online hacking activities and those of riots:
To understand riots, consider the criticality of de-individuation of the mob’s participants, the importance of instigating events and the role of the “entrepreneur” in starting the chain reaction of a riot. There are parallels to the dynamics of modern Internet hacktivism. Further exploring how rioting mobs operate and what can be done to disperse a riot may have relevance to curtailing Internet hacktivism activities on a large scale, rather than solely dealing with incidents and their perpetrators on individual basis.
If you found this post interesting, you might also enjoy Psychological Similarities Between Shoplifting and Malicious Hacking.
Photo credit: looking4poetry
Hacking logs can be a stress-relieving experience for many, strengthening both the body and spirit. Here is my 10-step guide to log hacking:
For additional log hacking advice, see:
Just kidding. What do I know about log hacking?