The anatomy of hacker groups: who breaks into electronic systems and why? by Dominique René


Most people think hackers are criminals who steal other people’s money or personal data. However, as is the case with any other stereotype, this perspective is only partially true.

In the context of electronic systems, hackers are first and foremost individuals with outstanding skills who understand the ins and outs of online services we use every single day. Furthermore, not all of them employ their expertise to wreak havoc. Many of them help strengthen other users’ security by participating in bug bounty programs or remediating the consequences of earlier breaches.

Besides, some hacker groups have codes of ethics, and their members firmly believe that governments have no right to interfere with people’s private lives and that the Internet should be an entirely free ecosystem without limitations and bans. To a certain extent, this ideology underlies the Bitcoin community, which is known for its spirit of protest.

Structure of the hacker underground

The hacker community includes two distinct branches, plus those who prefer neutrality and don’t want to be associated with either group.

  • Black hat hackers
  • White hat hackers
  • Gray hat hackers

The first category on the list comprises individuals who fit the mold of a typical character in a Hollywood hacker movie. They use their skills to compromise various computer systems. They also create malicious software for shady purposes that mostly boil down to financial gain.

However, the range of these guys’ motivations is much broader than it may appear at first sight. They can be involved in cyber espionage for governments or specific businesses, or demonstrate their protest against these entities while causing collateral damage to regular people. They can as well perpetrate cybercrimes to satisfy their ego, just because they can do things most people are clueless about.

Their goal isn’t necessarily to steal data and hold it for ransom or sell it to interested parties. In many cases, the stolen information is simply erased, and it may be problematic to determine what exactly these people are driven by.

The representatives of the second class above, also known as ethical hackers, mostly use their skills and expertise to find vulnerabilities in electronic systems and patch them as part of bug bounties or fully-fledged commercial contracts. The distinguishing trait of these hackers is that they breach systems with the permission of the owners, which legitimizes the whole process.

There are also freelancers who perform penetration testing of electronic systems without being authorized to. Their motivation is benign, though. They do it for self-development or in order to get a bounty hunting reward in case they identify bugs. Gray hat hackers usually don’t exploit the vulnerabilities they manage to find, but they may make the bug details publicly available.

It’s noteworthy that hackers who don’t engage directly in felonies and cyberterrorism commit themselves to very strict ethical principles. These guidelines of the hacker culture originated at the Massachusetts Institute of Technology (MIT) and were put together in Steven Levy’s book “Hackers: Heroes of the Computer Revolution”. Here are a few of them:

  • Share knowledge – all information should be freely accessible;
  • Distrust those who hold positions of authority; endorse decentralization and free access to computer technologies;
  • Make the world better by protecting democracy and fundamental human rights;
  • Judge other members of the community only by their achievements rather than their religion, race, political biases, or awards.

Cypherpunks in the United States followed similar principles when struggling to abolish restrictions on the export of crypto technologies, which had been used exclusively for military purposes for a long time and were classified to comply with various bureaucratic regulations.

Some hackers have strong political beliefs about protecting freedom of speech, freedom of information in particular, and other human rights in general. They leverage their knowledge and skills to promote these values. However, society and even other members of the hacker community sometimes criticize them for being too radical. This rebellious philosophy is dubbed “hacktivism”, and its methods may be reminiscent of cyberterrorism, although the goals are completely different.

This ideological branch has a direct rival – patriotic hacking. Its aficionados think there are certain enemies of the state, such as terrorists, overly annoying critics, or even other countries. They aim to harm these perceived foes or block their attacks. One way or another, their activities are considered illegal unless they are true patriots working for appropriate government agencies.

Edward Snowden, the notorious former NSA and CIA employee, exemplifies this controversial trend. He had been faithful to the American government for quite some time, helping create digital systems for mass surveillance around the world, until his conscience pushed him to follow one of the fundamental hacking principles (freedom of information) and spread the word about what he knew.

Known hacker groups

Hacktivists

Anonymous might not be the largest hacktivist group in the world, but it’s definitely the most famous one. Most TV fans and Internet users know what the Guy Fawkes mask looks like from the “V for Vendetta” movie. It’s unclear, though, whether this popular thriller film is the only thing that inspired Anonymous to choose the mask as one of their symbols.

“We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us” – this is what the group’s motto says.

It’s worth mentioning that Anonymous hasn’t only targeted government websites around the world; it has also zeroed in on corporations, individuals, and even the Church of Scientology. The group is also known to have ganged up against all those involved in the WikiLeaks financial blockade after the whistleblowing information about the U.S. government was disclosed on the site. Mastercard, PayPal, Visa, Amazon, some politicians, lawyers, and Swedish authorities faced the hacktivists’ rage back then. This initiative got the name “Operation Payback”.

Anonymous has also orchestrated attacks against the Egyptian government, Interpol, the Vatican, the European Parliament, and “Islamic State”. Additionally, the group has made significant efforts to protect The Pirate Bay and Kim Dotcom’s MegaUpload service, thereby pushing back against anti-piracy campaigns.

LulzSec was another well-known hacktivist group. Unlike Anonymous, this organization arguably consisted of only six people, and it had a leader who betrayed the other members and helped the authorities track them down. The group originally performed cyber-attacks for fun but ended up repurposing its activities for politically motivated shenanigans. Its high-profile victims included the U.S. Senate, the CIA, Sony Corporation, the LinkedIn social network, and quite a few more. The organization also participated in Operation AntiSec, along with Anonymous and other hackers.

There are many more groups associated with hacktivism, including RedHack, Cult of the Dead Cow, Chaos Computer Club, etc.

Cybercriminals

Most Internet users are familiar with one more type of hacker: the one who seeks personal gain. One of the infamous groups in this category is called Lazarus. According to some analysts, it is affiliated with the special forces of North Korea. It reportedly launched its first cyber raid against the government of South Korea back in 2007, followed by attacks against this country’s financial institutions and media companies in 2011, the Sony Pictures breach in 2014, and a number of incursions targeting cryptocurrency exchange services. The U.S. authorities hold Lazarus accountable for the massive WannaCry ransomware outbreak of 2017.

Some researchers believe that North Korea used the cryptocurrency assets obtained in the course of the above heists and the ransomware epidemic in order to circumvent international sanctions, although the mechanics of this process appear to be quite vague.

Another odious cybercriminal group is the “Islamic State Hacking Division”, also known as “United Cyber Caliphate”. It has perpetrated a series of major attacks to the advantage of the above-mentioned terrorist group, including onslaughts against Australian businesses in 2016; the U.S. military database hack resulting in personal information on more than 1,000 personnel being posted online; a compromise of email accounts belonging to British government officials; and the French media company TV5Monde hack.

Fancy Bear is one more ill-famed group that most likely has Russian origins. This organization is allegedly responsible for interference in elections in France, Germany, and the United States, as well as for numerous attacks against journalists around the world.

We are Legion

There are lots of hacker groups and independent specialists out there with enough expertise to break into electronic systems. However, not all of them aim to harm regular users. Many of these people stand up for human rights, freedom of speech, and Internet freedom, although their methods might not be innocuous at all.


About the author: 

Dominique René is a young writer inspired by the present-day groundbreaking technological progress. Dominique’s overwhelming enthusiasm for tech matters stems from her current research in college and innate aspiration to expand her academic outlook. She’s committed to staying on top of innovative trends in computer security, online privacy, threat intelligence, cryptocurrencies, and cloud solutions.

August 28, 2019

Author

Hakin9 TEAM