DnA 9-15: Evil Hackers in the Media
or We're being screwed on Live Television
written by Arclight
8/20/94
With all of the hype over the "Information Superhighway" and coverage of things such as the "New" Internet, the media is beginning to focus more and more on hackers as a threat to this "new era of connectivity." With biased, exaggerated, and often false portrayals of those in the hacker community, the television and printed media have painted an ugly picture of the hacker element.
In the past two months, I have collected not less than five sensational computer-crime stories aired by local television stations in the L.A. area. Topics ranged from Cellphone hacking, to ATM fraud, with little more being stated about the perpetrators than the fact that they were "members of an elite hacker group" or some other such nonsense. What they are failing to mention is the fact that the people who are stealing 10,000 minutes of cellphone time, or 50 ATM cards is not a hacker; he is a criminal. Most of the people using and selling stolen Cellphone service are drug dealers, pimps, and others who have a need for this clandestine communications and can afford it. People have been stealing money from banks and committing fraud since the beginning of banks and monetary instruments. The only thing that is different, is that the computers have replaced paper-based approaches to managing records, and consequently many fraud attempts now involve computers.
The term "computer crime" is used to describe what should be termed "computer assisted theft." Computer hackers are different from computer theives, whose motive is to use whatever tools are available to steal as much as possible from whoever is vulnerable. Computer hackers do not break into other people's sensitive computer systems and steal their valuable data. The term "hacker" only describes a person who is intrigued by technology and wishes to explore it to its full potential. It does not by nature imply the penetration of computer systems and telephone networks.
Hackers may do things that fall into a "gray area" of legality and are thus left to use their own judgement in deciding what the correct thing to do is. Hackers are people who see beyond the "dumb user" level of a technology, and want to know what is behind it, what makes it work. For this reason, they are often left vulnerable by people who do not understand them or the technology, and assume that the only motive of the hacker is profit.
The media, whose function is to sell advertising and attract an audience for it, sees the hacker community as a vast and untapped resource for sensational stories. A newspaper's primary function is not to relay the absolute truth from an impartial viewpoint, but to make money. Since the media is waking up to the presence of information technology, it is only natural that they are beginning to focus on the "Outlaws" on the electronic frontier. <Overused Cliche noted>
Since the media and the general public have a limited understanding of what computer networks, information assets, and computer crime are, it is thus not surprising to see them screw up in a big way with mis-directed senationalism. A news item originating from "Someone logged in with a default account and modified the logs so they wouldn't know" can be turned into "Evil malicious hackers break into sensitive database and modify records" with only a slight stretch of imagination. And since computer crime is coming out into the open, companies are no longer afraid to report a hack or attempted hack to the media.
At one time, most large computer users would avoid prosecuting those who used were caught in their system without authorization, since it meant telling the world that their computer system is not secure. With increased senational coverage of hacker cases, it seems to have become an accepted rule that there is nothing that hackers cannot do. With that attitude present, it then becomes acceptable for a company to report hacking attempts and make prosecutions under the banner of "Sending a strong message to these electronic outlaws that their actions will not be tolerated."
As an example of a typical exaggerated hacker story, I provide a newspaper article from a national wire service. It will be analyzed shortly.
***
HEADLINE: COMPUTER HACKER, 16, TAPS INTO NUMEROUS FILES AT UC
BYLINE: FROM WIRE REPORTS
DATELINE: CINCINNATI
A 16-year-old computer hacker illegally tapped into the University of Cincinnati's computer system and accessed numerous files, campus police said.
<A 16 year old? He must have some evil agenda and plans for that STOLEN INFORMATION!>
Through a computer and telephone modem at his home, the teen-ager gained access to the university's Aerospace Engineering computer system, obtained passwords to other files and snooped into electronic mail systems, according to Juvenile Court records.
< How can someone explore any computer system without accessing file? And how can you use an account without having access to their E-Mail? This does not mean that you READ it.>
In a search last week of the youth's home in suburban Symmes Township, police seized computers, hard drives, a joystick, notes, a printer, modems, a keyboard and printouts.
<A Joystick? I wonder what that had to do with accessing computer systems. This shows the ignorance of law enforcement and the media in dealing with computer stories.>
Campus technician Rob Ogden discovered an unauthorised user on Feb. 18, campus police said. University spokesman Jim Dexter said an investigation was under way to find out what the youth may have accessed, altered or retrieved from the university's computer system. ***
<Keyword: *MAY* have altered. This story has a few holes in it. Would you consider this type of exploration to be a criminally punishable offense? And where else in the media do you see a 16-Year-Old boy, accused of a misdemeanor, treated with such seriousness. One would think he also killed someone in the computer department, burned down the university, and turned off the life support system of a terminally ill patient that was being treated at the Med school. Sheesh!>
It is this type of journalism that plays upon the public's fear of technology and those who understand it's intimacies. A simple exploration of a university's computer system, something that likely occurs daily in the thousands of universities across the US, is turned into a serious breach of Security, Safety, Happiness, God, Country, Family Values, and Moral Infrastructure.
It is our job to educate the media. They have a tremendous influence on the attitude of the public, government, and those who contro the technology we wish to explore. Remember: It is was the Blue Boxers that helped us get ESS.
One final point: If you are approached by the media for an interview, be VERY, VERY, VERY wary. They may be bound by law to turn over any evidence they have of you doing something illegal, and they could care less what happens to you once they get their story. Case in point: American Journal, three weeks ago, aired a story about "Raven and Plastik, ATM hackers." These are kids they met at the New York 2600 meeting, who agreed to show them how ATM fraud worked. They went to jail for "Conspiracy to commit electronic fraud." Even if you never commit a crime, you are guilty of CONSPIRACY if you
- Tell someone else about what you want to do and
- Do ANYTHING that could be considered a step toward committing that crime, i.e. buying a computer is a step toward code hacking.
If you are interested in doing a media interview, tell them how you feel, not what you think they want to hear. Don't tell them that Evil Malicious hackers can steal anyone's bank account in 10 seconds, but tell them what you think the definition of a hacker is. If you fight the hype with the truth, then maybe someday we can be out in the open again.
-Arclight
an120731@anon.penet.fi