Hacker Mind Set

The motivations of those carrying out cyber attacks aren’t necessarily different from those of the caricatured stripy-shirted burglar creeping into your home – Marcus Rogers discusses the hacker mind set.

The term hacker has become a common word in our vocabulary. Few people have never heard of the term and almost everyone believes they understand what it means. Yet, despite almost 20 years of research into the motivations, psychological characteristics and mind set of hackers, we really know very little. The research to date indicates that there is no “one size fits” all generic hacker profile. Hackers are as diverse as any other criminal category or deviant grouping. While the underlying common denominator that separates hackers from other categories is the use and/or targeting of technology to commit some deviant or criminal act, that is where the uniqueness ends.

The motivations driving hackers to commit their crimes runs the gambit from greed, revenge, desire for notoriety, to patriotism and psychopathologies. Part of the reason for this wide continuum is the fact that hacking encompasses activities and subcategories that, according to the most recent research, evolves with the technology and society’s comfort with and use of technology. We now have sub-categories of hackers that include political activists (Hacktivists), criminal organisations (e.g., Anonymous), organised crime, and state sponsored/cyber warfare (cyber operations).  People now have the ability to purchase ready-made attack tools that can be customised for the target, and require nothing more than the click of a button to carry it out. Additionally, our society is now a globally connected society with access to information 24/7, and the ability to see what people are doing almost every minute of their lives based on their social media postings.

It is no wonder that researchers have struggled to identify common psychological profiles and motivational patterns in order to help better defend our cyber infrastructures and our own personal data. The creation of customised attack tools complicates studies that attempt to profile hackers based on real time activities, as it is uncertain whether one is measuring an automated tool or a real person.

Given the limitations of the research and the herculean task of trying to deal with all of the potential confounding variables, it would appear that hackers (other than state sponsored) are motivated primarily by greed, revenge or desire for attention. The research also indicates that with ‘lone-actor’ hackers there is usually some kind of critical path and trigger events that push the individual from thinking about attacking systems, to actually carrying out the attack. These trigger events can be unique to each individual but the event will cause a stress reaction that seems to push the individual over the proverbial edge.

The mind set of hackers that come together in groups such as hacktivists and loose criminal organisations, centres more on revenge and/or notoriety. These groups are more methodical in their choice of targets and their targets are typically symbolic in the case of hacktivists, or somewhat strategic in the case of the criminal organisations (e.g., rival groups, soft targets).

The remaining category of state sponsored and/or cyber warfare (AKA cyber operations) is not a unique deviant or criminal organisation. These individuals are part of the larger espionage world or military and are operating under direct (if not indirect) orders from their country. The mind set of these individuals is better understood in terms of military doctrine and patriotism.

While hacking is an artefact of technology and our connected society, much more work is needed to try and not just understand their mind-set (albeit subdivided into the various sub-categories) in order to deal with current threats, but to try a predict what will happen in near term future. The holy grail of research into hacker psychology is the concept of cyber adversarial predictive analysis; what are they going to do six months, one year, or five years down the road. But for now that seems more like science fiction than science reality.


This article appeared in Issue 2 of CREST Security Review. You can read or download the original article here.

About the authors

Marcus K. Rogers is the Director of the Cyber Forensics & Security Program in the College of Technology at Purdue University, where is Professor of Computer and Information Technology. His research focuses on digital forensics and applied psychological analysis.

Tags from the story
, ,