Week 1 - Introduction and history of hacking Flashcards
(10 cards)
Explain the four domains of mitigation against cybercrime and how each contributes to a comprehensive defence strategy. (8 marks)
Engineering - technical defences like firewalls, encryption, and intrusion detection systems reduce attack success.
Legal - laws such as the Computer Misuse Act (UK) deter cybercrime by criminalising offences and enabling prosecution.
Economic - disrupts criminal incentives (e.g., dismantling monetisation infrastructure like crypto mixers).
Educational - empowers users with knowledge (e.g., training to avoid phishing attacks). These domains work best together; combining preventative, punitive, and behavioural strategies.
Disscuss the historical significance of the Morris Worm (1988) and its impact on cybercrime legislation (6 marks)
- First major internet-based worm, exploiting UNIX flaws
- Caused multiple infections per machine, severely degrading systems.
- Led to the first conviction under the US Computer Fraud and Abuse Act.
- Triggered the formation of CERT, a national response team.
- Demonstrated the internet’s vulnerability and need for cyber legislation.
Compare the definitions of a hacker by Ingolf Becker, Wikipedia, and Hollinger. What does this say about perspectives on hacking? (5 marks)
Becker: Someone who understands systems better than their creators and bends them to their will.
Wikipedia: Exploiter of security weaknesses.
Hollinger: Militant user who sees security as a barrier to rightful access. These show that hacking can be viewed as innovation, deviance, or activism (depending on the perspective).
Outline the motivations and social perception of 1980s hackers based on Hollinger’s research (6 marks)
- Believed in free access to information and systems
- Targeted corporations/governments to challenge information control
- Viewed as folk heroes by peers; akin to modern hacktivists
- Influenced by ideologies like the Free Software Movement
- Actions were often non-malicious; many were young, first-time offenders
Why was the early Internet and computing infrastructure insecure by design, and how did that shape modern cybercrime?
- Built on academic trust, not security
- Protocols assumed honest users, lacking verification
- Shared channels for data and control allowed exploits (e.g., buffer overflow)
- Computers stored data and executable code together
- Lack of built-in security enabled early malware and exploitation models that persist today.
Summarise the core argument of Richard Hollinger’s past paper, Hackers: Electronic Highwaymen? (6 marks)
Hollinger argues that the focus on hackers as the primary computer criminals is socially constructed. While insider threats account for most computer crimes, law enforcement disproportionately targets young hackers due to their symbolic visibility, the influence of media, and societal technophobia. He likens hackers to folk heroes, much like 19th-century train robbers, and questions whether this prosecutorial focus is based on harm or convenience.
Explain why Hollinger considers the term ‘hacker’ to be socially constructed and politically convenient. (5 marks)
- The term shifted from admiration (technical expertise) to criminality due to law enforcement and media portrayal.
- Hackers are often young and visible, making them easy scapegoats.
- Prosecuting hackers is more feasible than uncovering complex insider crimes.
- Corporations, the primary victims, push for prosecution and have resources to pursue it
- This distracts from addressing the more prevalent internal threats
Discuss three reasons why hackers receive disproportionate attention from federal law enforcement compared to insider threats. (7 marks)
- Jurisdiction > hacker activities span states via telecommunications, invoking federal involvement.
- Victim profile > large corporations and government systems draw attention and demand action.
- Public fear > media-fueled technophobia makes hackers seem more dangerous than they often are.
These factors result in heavy-handed responses despite insiders causing more damage statistically.
What is the ‘hacker ethic’ and how does it contrast with legal perspectives on cybercrime? (6 marks)
- The hacker ethic promotes free access to information, opposing centralised control
- Hackers view actions like unauthorised access as non-deviant or socially justifiable.
- Legal systems, however, criminalise any unauthorised access regardless of motive.
- This ideological divide frames hackers as either civil disobedience or criminals, depending on perspective.
Describe how public fear and law enforcment limitations contribute to the moral panic around hackers (6 marks)
1) Technophobia - general fear of technology creates anxiety about unseen digital threats.
2) Media exaggeration - films and news stories dramatize hacker threats (e.g., War Games)
3) Skill gap - law enforcement lacks the expertise to tackle internal crimes effectively, so targets visible external hackers.
Combined these elements, it generate disproportionate fear and policy responses focused on low-impact actors.
