Hacking isn’t just fun and games anymore
In the early years of computing, hackers were folk heroes in the IT world. Tales of sneaking into supposedly secure systems and playing pranks were lore around the geek campfire.
The thing is, though, such antics were usually harmless, involving things like generating printouts of profanity or sending fake messages to users or administrators.
Sure, sometimes things got a little out of hand, like when Matthew Broderick hacked into NORAD and got the computer to play a game of thermonuclear warfare in the real world, but that was just a movie. In fact, Broderick's character had no malicious intent.
For years, this was the stereotype of the hacker, a genuinely good person, meaning no harm, simply testing his or her prowess. The hacker was David to the Goliath of the large, sophisticated system. Due to the cost and relative size of such systems, Goliath was almost always a military or government entity.
Nowadays, however, computer systems are virtually ubiquitous. Owners of such systems are not necessarily Goliath's.
Hackers have evolved as well. Today, hackers can be classified into three groups:
» The White Hat hacker is much like our heroic hacker of old. Typically, the White Hat attempts to break into systems to identify their weaknesses so that the system administrators can patch the holes.
» The more notorious hacker is known as the Black Hat. Black Hats usually try to break into systems for malicious and criminal purposes, usually financial gain. Black Hats are also the purveyor of damaging viruses.
» The Gray Hat is basically a hybrid of the two. This can be a White Hat hacker who is occasionally drawn into the dark side, usually for personal gain. Sometimes, it can simply be a White Hat hacker who commits crimes in the course of their endeavors.
Of course, it is the Black Hat tactics that cause the most concern. Today, the main risk to Black Hat hacking is financial.
But what does the future bring? After all, as technologies evolve, systems will only become more pervasive.
Consider this from the healthcare sector: A growing trend in the United States is to implant devices in patients that send information to their doctors' computers through a wireless connection. Imagine the consequences if a Black Hat were to hack into the device, via the wireless connection.
We're also seeing many more computer systems employed to control buildings and residences. That is, systems that control the lights, cooling, security, and other devices within a building. A Black Hat hacker could cause serious damage with unfettered access to such a system.
Surely such examples are extreme and probably not likely in the near future. But folks considering implementing a new system need to be more diligent than ever in examining heretofore unheard of risks.
John Agsalud is president of ISDI Technologies Inc., an information-technology consultancy. He can be reached at firstname.lastname@example.org.