Also called: computer crime
Key People: Bruce Sterling

While breaching privacy to detect cybercrime works well when the crimes involve the theft and misuse of information, ranging from credit card numbers and personal data to file sharing of various commodities—music, video, or child pornography—what of crimes that attempt to wreak havoc on the very workings of the machines that make up the network? The story of hacking actually goes back to the 1950s, when a group of phreaks (short for “phone freaks”) began to hijack portions of the world’s telephone networks, making unauthorized long-distance calls and setting up special “party lines” for fellow phreaks. With the proliferation of computer bulletin board systems (BBSs) in the late 1970s, the informal phreaking culture began to coalesce into quasi-organized groups of individuals who graduated from the telephone network to “hacking” corporate and government computer network systems.

Although the term hacker predates computers and was used as early as the mid-1950s in connection with electronic hobbyists, the first recorded instance of its use in connection with computer programmers who were adept at writing, or “hacking,” computer code seems to have been in a 1963 article in a student newspaper at the Massachusetts Institute of Technology (MIT). After the first computer systems were linked to multiple users through telephone lines in the early 1960s, hacker came to refer to individuals who gained unauthorized access to computer networks, whether from another computer network or, as personal computers became available, from their own computer systems. Although it is outside the scope of this article to discuss hacker culture, most hackers have not been criminals in the sense of being vandals or of seeking illicit financial rewards. Instead, most have been young people driven by intellectual curiosity; many of these people have gone on to become computer security architects. However, as some hackers sought notoriety among their peers, their exploits led to clear-cut crimes. In particular, hackers began breaking into computer systems and then bragging to one another about their exploits, sharing pilfered documents as trophies to prove their boasts. These exploits grew as hackers not only broke into but sometimes took control of government and corporate computer networks.

One such criminal was Kevin Mitnick, the first hacker to make the “most wanted list” of the U.S. Federal Bureau of Investigation (FBI). He allegedly broke into the North American Aerospace Defense Command (NORAD) computer in 1981, when he was 17 years old, a feat that brought to the fore the gravity of the threat posed by such security breaches. Concern with hacking contributed first to an overhaul of federal sentencing in the United States, with the 1984 Comprehensive Crime Control Act and then with the Computer Fraud and Abuse Act of 1986.

The scale of hacking crimes is among the most difficult to assess because the victims often prefer not to report the crimes—sometimes out of embarrassment or fear of further security breaches. Officials estimate, however, that hacking costs the world economy billions of dollars annually. Hacking is not always an outside job—a related criminal endeavour involves individuals within corporations or government bureaucracies deliberately altering database records for either profit or political objectives. The greatest losses stem from the theft of proprietary information, sometimes followed up by the extortion of money from the original owner for the data’s return. In this sense, hacking is old-fashioned industrial espionage by other means.

One of the largest known cases of computer hacking was discovered in late March 2009. It involved government and private computers in at least 103 countries. The worldwide spy network known as GhostNet was discovered by researchers at the University of Toronto, who had been asked by representatives of the Dalai Lama to investigate the exiled Tibetan leader’s computers for possible malware. In addition to finding out that the Dalai Lama’s computers were compromised, the researchers discovered that GhostNet had infiltrated more than a thousand computers around the world. The highest concentration of compromised systems was within embassies and foreign affairs bureaus of or located in South Asian and Southeast Asian countries. Reportedly, the computers were infected by users who opened e-mail attachments or clicked on Web page links. Once infected with the GhostNet malware, the computers began “phishing” for files throughout the local network—even turning on cameras and video-recording devices for remote monitoring. Three control servers that ran the malware were located in Hainan, Guangdong, and Sichuan provinces in China, and a fourth server was located in California.

Computer viruses

The deliberate release of damaging computer viruses is yet another type of cybercrime. In fact, this was the crime of choice of the first person to be convicted in the United States under the Computer Fraud and Abuse Act of 1986. On November 2, 1988, a computer science student at Cornell University named Robert Morris released a software “worm” onto the Internet from MIT (as a guest on the campus, he hoped to remain anonymous). The worm was an experimental self-propagating and replicating computer program that took advantage of flaws in certain e-mail protocols. Due to a mistake in its programming, rather than just sending copies of itself to other computers, this software kept replicating itself on each infected system, filling all the available computer memory. Before a fix was found, the worm had brought some 6,000 computers (one-tenth of the Internet) to a halt. Although Morris’s worm cost time and millions of dollars to fix, the event had few commercial consequences, for the Internet had not yet become a fixture of economic affairs. That Morris’s father was the head of computer security for the U.S. National Security Agency led the press to treat the event more as a high-tech Oedipal drama than as a foreshadowing of things to come. Since then, ever more harmful viruses have been cooked up by anarchists and misfits from locations as diverse as the United States, Bulgaria, Pakistan, and the Philippines.

Denial of service attacks

Compare the Morris worm with the events of the week of February 7, 2000, when “mafiaboy,” a 15-year-old Canadian hacker, orchestrated a series of denial of service (DoS) attacks against several e-commerce sites, including Amazon.com and eBay.com. These attacks used computers at multiple locations to overwhelm the vendors’ computers and shut down their World Wide Web (WWW) sites to legitimate commercial traffic. The attacks crippled Internet commerce, with the FBI estimating that the affected sites suffered $1.7 billion in damages. In 1988 the Internet played a role only in the lives of researchers and academics; by 2000 it had become essential to the workings of the U.S. government and economy. Cybercrime had moved from being an issue of individual wrongdoing to being a matter of national security.

Distributed DoS attacks are a special kind of hacking. A criminal salts an array of computers with computer programs that can be triggered by an external computer user. These programs are known as Trojan horses since they enter the unknowing users’ computers as something benign, such as a photo or document attached to an e-mail. At a predesignated time, this Trojan horse program begins to send messages to a predetermined site. If enough computers have been compromised, it is likely that the selected site can be tied up so effectively that little if any legitimate traffic can reach it. One important insight offered by these events has been that much software is insecure, making it easy for even an unskilled hacker to compromise a vast number of machines. Although software companies regularly offer patches to fix software vulnerabilities, not all users implement the updates, and their computers remain vulnerable to criminals wanting to launch DoS attacks. In 2003 the Internet service provider PSINet Europe connected an unprotected server to the Internet. Within 24 hours the server had been attacked 467 times, and after three weeks more than 600 attacks had been recorded. Only vigorous security regimes can protect against such an environment. Despite the claims about the pacific nature of the Internet, it is best to think of it as a modern example of the Wild West of American lore—with the sheriff far away.

Spam, steganography, and e-mail hacking

E-mail has spawned one of the most significant forms of cybercrime—spam, or unsolicited advertisements for products and services, which experts estimate to comprise roughly 50 percent of the e-mail circulating on the Internet. Spam is a crime against all users of the Internet since it wastes both the storage and network capacities of ISPs, as well as often simply being offensive. Yet, despite various attempts to legislate it out of existence, it remains unclear how spam can be eliminated without violating the freedom of speech in a liberal democratic polity. Unlike junk mail, which has a postage cost associated with it, spam is nearly free for perpetrators—it typically costs the same to send 10 messages as it does to send 10 million.

One of the most significant problems in shutting down spammers involves their use of other individuals’ personal computers. Typically, numerous machines connected to the Internet are first infected with a virus or Trojan horse that gives the spammer secret control. Such machines are known as zombie computers, and networks of them, often involving thousands of infected computers, can be activated to flood the Internet with spam or to institute DoS attacks. While the former may be almost benign, including solicitations to purchase legitimate goods, DoS attacks have been deployed in efforts to blackmail Web sites by threatening to shut them down. Cyberexperts estimate that the United States accounts for about one-fourth of the 4–8 million zombie computers in the world and is the origin of nearly one-third of all spam.

E-mail also serves as an instrument for both traditional criminals and terrorists. While libertarians laud the use of cryptography to ensure privacy in communications, criminals and terrorists may also use cryptographic means to conceal their plans. Law-enforcement officials report that some terrorist groups embed instructions and information in images via a process known as steganography, a sophisticated method of hiding information in plain sight. Even recognizing that something is concealed in this fashion often requires considerable amounts of computing power; actually decoding the information is nearly impossible if one does not have the key to separate the hidden data.

In a type of scam called business e-mail compromise (BEC), an e-mail sent to a business appears to be from an executive at another company with which the business is working. In the e-mail, the “executive” asks for money to be transferred into a certain account. The FBI has estimated that BEC scams have cost American businesses about $750 million.

Sometimes e-mail that an organization would wish to keep secret is obtained and released. In 2014 hackers calling themselves “Guardians of Peace” released e-mail from executives at the motion picture company Sony Pictures Entertainment, as well as other confidential company information. The hackers demanded that Sony Pictures not release The Interview, a comedy about a CIA plot to assassinate North Korean leader Kim Jong-Un, and threatened to attack theatres that showed the movie. After American movie theatre chains canceled screenings, Sony released the movie online and in limited theatrical release. E-mail hacking has even affected politics. In 2016, e-mail at the Democratic National Committee (DNC) was obtained by hackers believed to be in Russia. Just before the Democratic National Convention, the media organization WikiLeaks released the e-mail, which showed a marked preference of DNC officials for the presidential campaign of Hillary Clinton over that of her challenger Bernie Sanders. DNC chairperson Debbie Wasserman Schultz resigned, and some American commentators speculated that the release of the e-mail showed the preference of the Russian government for Republican nominee Donald Trump.

Sabotage

Another type of hacking involves the hijacking of a government or corporation Web site. Sometimes these crimes have been committed in protest over the incarceration of other hackers; in 1996 the Web site of the U.S. Central Intelligence Agency (CIA) was altered by Swedish hackers to gain international support for their protest of the Swedish government’s prosecution of local hackers, and in 1998 the New York Times’s Web site was hacked by supporters of the incarcerated hacker Kevin Mitnick. Still other hackers have used their skills to engage in political protests: in 1998 a group calling itself the Legion of the Underground declared “cyberwar” on China and Iraq in protest of alleged human rights abuses and a program to build weapons of mass destruction, respectively. In 2007, Estonian government Web sites, as well as those for banks and the media, were attacked. Russian hackers were suspected because Estonia was then in a dispute with Russia over the removal of a Soviet war memorial in Tallinn.

Sometimes a user’s or organization’s computer system is attacked and encrypted until a ransom is paid. The software used in such attacks has been dubbed ransomware. The ransom usually demanded is payment in a form of virtual currency, such as Bitcoin. When data are of vital importance to an organization, sometimes the ransom is paid. In 2016 several American hospitals were hit with ransomware attacks, and one hospital paid over $17,000 for its systems to be released.

Defacing Web sites is a minor matter, though, when compared with the specter of cyberterrorists using the Internet to attack the infrastructure of a nation, by rerouting airline traffic, contaminating the water supply, or disabling nuclear plant safeguards. One consequence of the September 11 attacks on New York City was the destruction of a major telephone and Internet switching centre. Lower Manhattan was effectively cut off from the rest of the world, save for radios and cellular telephones. Since that day, there has been no other attempt to destroy the infrastructure that produces what has been called that “consensual hallucination,” cyberspace. Large-scale cyberwar (or “information warfare”) has yet to take place, whether initiated by rogue states or terrorist organizations, although both writers and policy makers have imagined it in all too great detail.

In late March 2007 the Idaho National Laboratory released a video demonstrating what catastrophic damage could result from utility systems being compromised by hackers. Several utilities responded by giving the U.S. government permission to run an audit on their systems. In March 2009 the results began to leak out with a report in The Wall Street Journal. In particular, the report indicated that hackers had installed software in some computers that would have enabled them to disrupt electrical services. Homeland Security spokeswoman Amy Kudwa affirmed that no disruptions had occurred, though further audits of electric, water, sewage, and other utilities would continue.

Michael Aaron Dennis; The Editors of Encyclopaedia Britannica