Hacker culture has played a fundamental role in driving technological advancement on the Internet throughout computer development history. The term “hacker” generally refers to computer enthusiasts and programmers with deep technical knowledge and insatiable curiosity who exploit system vulnerabilities for their purposes (Thomas, 2002). Interestingly, hacking can be traced back to 1878 when telephone operators manipulated phone line vulnerabilities before the emergence of the Internet (Jacob,2022). Despite being perceived as a disruptive subculture outside mainstream society, there exists a group within hacker culture known as White Hat hackers who legally protect their employers’ information by identifying and fixing system vulnerabilities (Jacob,2022). Thus, in this seemingly tranquil realm of cyberspace, an ongoing battle for data protection unfolds between malicious hackers profiting from data destruction and information leaks, and White Hat defenders safeguarding private data by addressing system weaknesses. This perpetual clash encompasses technology, knowledge, and innovation that continually shape today’s Internet.
Latitude Financial Services, an Australian financial services provider, fell victim to a hacking attack in mid-March 2023, which targeted its information management centre(Ogg,2023). This breach resulted in the compromise of private data belonging to approximately 14 million Australian and New Zealand customers (Ogg,2023). Among the data exposed were 7.9 million driver’s license numbers, 53,000 passport numbers, and various items of personal information, with some records dating back up to 18 years. Despite Latitude Financial Services’ prompt response and resolution of the situation, it remains accountable for one of the most significant data breaches witnessed in recent years by an Australian company. The hacker responsible for the attack issued a threat to Latitude and demanded a ransom. If the ransom is not paid, the stolen data will either be made public or sold to other malicious actors. As of June 30, 2023, Latitude Group has incurred losses amounting to $98.2 million after tax, primarily due to the breach of customer information and a substantial decline in operational activity(Meacham,2023).. Furthermore, Latitude now faces legal action following revelations that it retained customer data beyond the stipulated duration, in violation of New Zealand’s privacy laws(Meacham,2023).
The repercussions of Latitude Financial’s refusal to pay the hacker’s extortion demand have also negatively impacted its customers and the general public (Wood,2023). On one hand, the company maintains its belief that paying the ransom would only incentivize further malicious acts by hackers and fail to safeguard customer information. On the other hand, the failure to recover the leaked information promptly could lead to severe consequences, including economic losses, reputational damage, loss of critical information, and legal proceedings. Latitude Financial Services continues to work towards recovering from the data breach and minimizing its losses. Such attacks on corporate entities, government organizations, and individuals continue to persist. These incidents serve as a stark reminder of the significance of digital information on the internet and the disruptive influence of hackers.
The hacker culture has even permeated global movies and dramas, illustrating its widespread recognition. For instance, in the 1993 American film “Jurassic Park,” the character Dennis Nedry, a computer programmer, devises a plan to steal dinosaur DNA and auction it off. Similarly, in the South Korean movie “Unlocked,” released this year, the protagonist Lee Na-Mi falls victim to malicious surveillance and exposure of information that jeopardizes both her property and personal safety.
With the continuous evolution of digital technology and the internet, our lives have been greatly enhanced. However, this digital realm also stores our property, knowledge, privacy, and data in digital form. If we liken the internet to a connected digital fortress, then our digital information becomes a treasure trove, attracting the attention of saboteurs seeking to breach the fortress and pilfer it. Consequently, safeguarding our digital information from leaks and theft becomes an increasingly vital endeavour.
The hacking motive
Hacker appears as a mystery man, both in the movies and in popular stereotypes. Their motivations for data destruction can be divided into three main categories:
The main motivation for most hackers to steal data is financial gain, such as through ransomware attacks. Ransomware locks up computer data and demands a Bitcoin ransom for its restoration or threatens to leak/delete the victim’s data. Statistics predict that ransomware attackers will earn nearly $900 million from victims in 2023, showing an increasing trend in recent years(Toulas,2023).
A portion of hacktivism is motivated by ideology and belief in hacking, to purely disrupt acts or expose wrongdoing. However, because of the uncontrolled nature of the action, it is often associated with “radicalism”.
• Political program
The 2017 malware NotPetya was a malicious cyberattack believed to be state-sponsored (Wolff,2021). The software was initially targeted at Ukraine but spread to several countries around the world during this period, causing more than $10 billion in damage worldwide (Wolff,2021). As a result, this cyber attack became the most destructive cyber attack in history. Hacker attacks are unpredictable and can have irreversible consequences
The Defenders of Data
Although there is a long way to go in this data defence battle, there are still people who use their professional knowledge and skills to protect the data fortress. These are the types of people we call “white hat hackers” or “ethical hackers” who stand on the opposite side of the “black hat.” White hat hackers will work with organizations, businesses, or governments to find vulnerabilities through legal means to prevent malicious attacks by hackers and protect network data. Some well-known white hat hackers were also fearsome “black hats” before working with platforms. For example, Kevin David Mitnick, once named “the world’s most wanted hacker”, was jailed at the age of 16 for breaking into the computer network of DEC, a digital equipment company, by using his phone number to copy the company’s software. After his release, he hacked into several large companies to steal confidential documents, such as Nokia, MOTOROLA, and Fujitsu, and according to the FBI, he caused up to 400 million dollars in losses. In 2000, Mitnick quit his job as a computer security consultant helping governments and companies fight hacker attacks. It also trained government and corporate personnel in computer security awareness to prevent data breaches. The Bug bounty program, co-sponsored by tech giants such as Google, Facebook and Microsoft, rewards ethical hackers who find and report vulnerabilities. These programs encourage hackers to use their skills for good, helping to identify and correct weaknesses in digital systems.
“Catch Me If You Can”
The battle between hackers and white hat hackers is a perpetual cat-and-mouse game. Once the vulnerabilities are discovered and patched, hackers adjust and refine their tactics, looking for new entry points for data destruction. This constant testing drives innovation on both sides, pushing the boundaries of cybersecurity and digital defence. Phishing attacks, for example, continue to evolve, and hackers are increasingly convincing in crafting sleuthing emails and messages designed to evade white hat hackers. A phishing attack is a kind of social engineering attack in which the attacker will steal important information by pretending to gain the trust of the target group and then inducing the target group to click on a malicious URL or email attachment (Ozkaya, 2018). The first phishing scam attack appeared in 1990. At first, the phishing attack method was easily detected by humans, but with the development of computer and regulatory methods, the phishing attack method has improved (Alkhalil et al., 2021). The most costly phishing attack to date occurred in 2021, when fuel supplier Colonial Pipeline lost more than $3.4 billion due to a software attack that crippled the company, causing higher fuel prices to hit Volkswagen (Easterly, 2023). Data guardians are also adjusting their methods and raising awareness of cyber security.
In the tug of digital fortress siege, hackers and data maintainers play a key role in shaping the digital world. This ongoing battle is a constant reminder of the need for vigilance and innovation to keep our digital information secure. As we face the challenge of hacking on the Internet, it is important not only to acknowledge and appreciate the white hat hackers who protect our data but also to strengthen knowledge and cybersecurity awareness. Because all of us have a responsibility to be data advocates and commit to protecting our digital fortress.
Easterly，J.(2023). The Attack on Colonial Pipeline: What We’ve Learned & What We’ve Done Over the Past Two Years. America’s cyber defense agency. https://www.cisa.gov/news-events/news/attack-colonial-pipeline-what-weve-learned-what-weve-done-over-past-two-years
Jacob,F.(2022). A Brief History of Hacking.Cobalt. https://www.cobalt.io/blog/history-of-hacking
Meacham, S. (2023). Latitude criticised for length of time they held onto data. 9 News. https://www.9news.com.au/finance/latitude-cyber-attack-update-new-zealand-privacy-commissioner-data-retention/3774a077-ecea-4e63-8438-b86fe79c5a77
Ozkaya, E. (2018). Learn social engineering : Learn the art of human hacking with an internationally renowned expert. Packt Publishing, Limited.
Alkhalil, Z., Hewage, C., Nawaf, L., & Khan, I. (2021). Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science, 3, 563060.
Ogg, M.(2023). Cyber attacks wipe $76m from Latitude results.Business News Australia. https://www.businessnewsaustralia.com/articles/cyber-attacks-wipe–76m-from-latitude-results.html
Toulas,B.(2023). Ransomware payments on record-breaking trajectory for 2023. BleepingComputer. https://www.bleepingcomputer.com/news/security/ransomware-payments-on-record-breaking-trajectory-for-2023/
Thomas, D. (2002). Hacker culture. University of Minnesota Press.
Wolff, J. (2021). How the NotPetya attack is reshaping cyber insurance. Brookings. https://www.brookings.edu/articles/how-the-notpetya-attack-is-reshaping-cyber-insurance/