Documente Academic
Documente Profesional
Documente Cultură
Per. 1
In the day and age we live in technology has become a crucial part of our everyday lives.
You cant open your eyes without seeing some sort of gadget or computer. This opens up a new
world for crime and corruption. Hacking can encompass any form of accessing or using
technology without the owners permission, Or any form of using something for a task it wasnt
designed for. Hacking is in fact so prevalent yet we dont even realize its there. Millions of data
instances are stolen every year. Companies and individuals are brought to their knees by the
effects of cybercrime. Laws are often vague and unclear. There are many different types of
hackers and even more victims associated with hacking. Any device you can think of is
The public stigma really misguides what a hacker is. Most people see a creepy, glasses
clad, nerd who sits in his basement and wreaks havoc. In reality, while this vision remains true
for some, hackers come in all shapes and sizes. There are three main categories: White hat,
Black hat, and Grey hat. White hat hackers are the good guys. This would include security
analysts and penetration testers. They have created a career of hacking. Companies pay good
money for a well qualified cyber security analyst. On the opposite side of the scale there are
Black hat hackers. These are the bad dudes. People who game the system; Their only goal is
making money and destroying things. They work by destroying databases and crashing servers.
If done right a proper hack can raise hundreds of thousands of dollars often times even millions.
The line gets really fuzzy in the middle; This is where grey hatters lye. These individuals often
have a good career but partake in extracurricular forms of deception. They take a little bit extra
on the side. This is still just as illegal as what the black hatters do, but they like to think theyre
good because they do it for a living. The grey hat category also includes those who fight for a
cause. They damage and destroy for a certain viewpoint whether good or bad. This gets
complicated quickly. While still illegal, the morals and ethics involved in such instances are
extremely blurry. People have been many a time put in prison for actions that seem quite right to
the public but are still highly illegal in a legality situation. Such an example would be famous
Brayden Hicks
Per. 1
hacker/ hacktivist Bryan Seely. At one point he was running a $10 million dollar a year hacking
organization. Through simple manipulation of advertising he could turn any small business into
a corporate leader. His actions get really difficult to decipher as we move into his whistleblowing.
Feeling bad for his actions, he decided to let people know about how easy it was. He reached
out to google and all the other major advertisers. They all ignored him.
Finally Bryan did something he couldnt undo. To prove a point he modified the FBI field
office and Secret service office google pages. He redirected all phone calls through two
separate accounts and had them forwarded back to the office through a simple wiretap server.
The first call came in and wallah, Seely had just recorded a government conversation. A Serious
federal offense. I couldve done this for every congressman, the White House, mayors, lawyers,
banks, foreign embassies, you name it, said Seely (qtd in Atkins 3). All his closest friends
recommended he turn himself in. As he marched into the secret service office and told his story,
no one believed him. For me to pull this off and them to roll their eyes, I just had to say, Screw
you. Pick up your phone and call your D.C. office right now, said Seely (qtd in Atkins 3). The
call went through and seely played a recording for the office secretary. Within twenty minutes he
was locked in an interrogation room. He was ordered to cease and desist. His story shows an
The victims of cybercrime vary drastically. Many people believe that only large
businesses are affected by cybercrime. This is an inaccurate myth. Thousands of individuals are
seen through car theft. A recent article by David Crookes gives details on what can be done to a
Two men from Texas are being tried for such actions. They are believed to be involved in
the theft of over thirty Chrysler and Dodge cars. They managed this by hacking into the cars,
unlocking them, and starting them. They were able to do this in just under 10 minutes. This is a
frightening prospect. Their trial is set to be held in just a couple months (crooks).
1
Brayden Hicks
Per. 1
Large businesses are also vulnerable to cyber attacks. Instances of data breach can
have devastating effects on large businesses and their customers. A recent example of a large
data dump is the Ashley Madison attack. Millions of user data was compromised and leaked.
Hackers broke into databases and leaked stolen files through several outlets. People
everywhere gained access to dirty secrets entrusted to Ashley Madison by its customers. Target
retailers were also attacked just a year or two ago. Thousands of credit card numbers and
emails were pilfered. The ever reach of cybercrime has dramatic consequences for all who
Laws and statutes surrounding cybercrime often dont do much to help. Its very difficult
on most occasions to catch the bandits. Criminals are becoming increasingly talented at
Using the Computer Fraud and Abuse Act to Secure Public Data Exclusivity the author goes
over one of the main litigation tools used to prosecute cybercrime. He discusses the computer
fraud and abuse act or the CFAA for short. His discussion goes deeper into one of the several
ways in which an individual can violate a law. Mr. Nicholas A Wolfe wrote:
The Computer Fraud and Abuse Act (CFAA) was drafted to draw the line between
hacks and hacking. Drafted in 1986 and amended with a frequency similar to iOS
updates, there are nine ways to violate the CFAA.2 This article covers just one.
Subsection 1030(a)(2)(C) provides that anyone who (1) intentionally accesses without
or in excess of authorization (2) information (3) that causes a plaintiff at least $5,000
loss in a 1-year period is engaged in hacking under the CFAA.3 Access without or in
excess of authorization is generally interpreted with reference to circumvention of some
access
control. Concerning the $5,000 loss requirement, the plaintiff is generally required to
submit a supporting declaration.4 3 At its core, the CFAA is intended to deter the
exploitation of computer system vulnerabilities that cause damage to the computer
system. Ironically, in so doing, the CFAA has exposed two of its own vulnerabilities in
the face of a dynamic technological Landscape: (1) Literal application of access
control to encompass any access control, including mere token controls;5 (2) Cursory
review of loss declarations to include any first party expense, whether incurred
reasonably or unreasonably.6 4 The consequences of these vulnerabilities are
widespread. For example, if you are reading this article in a Chrome browser and were
to open a new tab and navigate to the Seattle Times website, read your maximum
article limit, and then press Ctrl + U to view the source code and read one additional
article in HTML form, the 3Taps court would likely interpret your actions as hacking
under the CFAA.7 5 These two vulnerabilities enable unchecked application of a
2
Brayden Hicks
Per. 1
win a case. This means that breaking the law could easily be achieved by accident or mistake
Some states are passing new laws to clarify this. Florida passed a new law just this year
called the Computer Abuse and Data Recovery Act. This allows companies and the government
to go after cyber criminals. It allows them to prosecute for data breach and other attacks. The
law allows companies and entities to get monetary payment to repair and rebuild (Kain 65).
The word hacking is most often times associated with computers only. In reality pretty
much anything can be hacked. If its powered by electricity and it does anything more than make
your coffee it can be hacked. Your coffee maker may even be vulnerable as well. In a Ted talk
Avi Rubin gives several very shocking examples. The worst of which is a implanted medical
pacemaker. Through wireless networks an attacker can do pretty much anything to the patient.
They can change rhythm, access patient details, and surprisingly even deliver a lethal shock
(Rubin).
Another creative and scary instance of technological manipulation discussed in his talk
was the monitoring of keystrokes using an old iphone set on a desk beside a keyboard. The
university study he referenced showed that it was possible to record keystrokes on a keyboard
with around 80% accuracy by using the accelerometer on an old iphone. Whats the
significance?,most people would ask. Most of the sensors on modern day cell phones are
locked down heavily and require more skill to break into. The accelerometer is an exception. It is
not well known as a intrusive sensor and as such is kept relatively unsecure. The researchers
were able to use minimal vibrations recorded by the iphones accelerometer and cross
reference them with what was being typed. They created an algorithm that with almost 80%
3
Brayden Hicks
Per. 1
accuracy recorded keystrokes. The computer would even substitute a list of words for unknown
fields. From their a human would only have to substitute the word that made sense into the
keyed phrase (Rubin) Such instances are only minimal examples of what is possible.
Cybercriminals are very good at what they do. On the extreme end of cybercrime there are
advanced physical means by which systems can be hacked using physical hardware clues. In
an article written by Daniel Genkin and several others, physical key extraction techniques are
other external factors a hacker can gain information about a system including cryptographic
keys. Determined assailants can reverse engineer chips and signals to produce passwords and
other means of entry(Genkin 70). These techniques are extremely advanced and are often
employed at a very secret and expensive level. Such individuals are very dangerous.
The journal entry written by Kevin L. Miller explores this topic. In the world we live in everything
cybersecurity includes expectations of security with businesses and individuals in daily dealings.
For example when you purchase something online or sign up for a service, you expect the
vendor to keep your information safe. This is where legality can get fuzzy. Reasonable
cybersecurity can be very different depending on the perspective of the viewer (Miller 22).
Scientists are researching ways to prevent hacking. Mike Duff wrote an article
about car hacking and the related fears. He fears that ransomware will someday be a means for
hackers to lock cars for ransom. His team of researchers have set up an advanced simulator to
test certain attacks. His work is an effort to make cars safer and less vulnerable to hackers (Duff
20).
It is very essential more research be put into securing our society. Knowing what can
be hacked and how to stop it is essential for a secure future. Cybersecurity will make or break
the future. Laws need to be revised for clarity and punishments for breaking such laws need to
4
Brayden Hicks
Per. 1
be enforced. These threats will not go away but will only get stronger and more prevalent.
Works cited
Atkins, Drew. "Hacker In A White Hat." Seattle Business 26.9 (2015): 16. MasterFILE Complete.
Crookes, David. "Car Hacking." Web User 405 (2016): 36. MasterFILE Complete. Web. 22 Sept.
2016.
DUFF, MIKE. "New Tech To Combat Hacking." Autocar (2016): 20. MasterFILE Complete. Web.
26 Sept. 2016.
GENKIN, DANIEL, et al. "Physical Key Extraction Attacks On Pcs." Communications Of The
ACM 59.6 (2016): 70-79. Business Source Premier. Web. 22 Sept. 2016.
Kain, Robert C. "The New Computer Abuse And Data Recovery Act: A Business Tool Against
Computer Hacking." Florida Bar Journal 90.1 (2016): 65-68. Academic Search Premier.
5
Brayden Hicks
Per. 1
Miller, Kevin L. "What We Talk About When We Talk About "Reasonable Cybersecurity": A
Proactive And Adaptive Approach." Florida Bar Journal 90.8 (2016): 22-31. Legal
Wolfe, Nicholas A. "Hacking The Anti-Hacking Statute: Using The Computer Fraud And Abuse
Act To Secure Public Data Exclusivity." Journal Of International Human Rights 13.3