20. Hackers - heroes or criminals?

Confederation of European Computer User Associations

Confédération Européenne des Associations d'Utilisateurs des Technologies de I'Information

Back to Index

Hackers - heroes or criminals?

CECUA Secretary General - Stuart Goold

CECUA Euro-News flash

Are we losing our sense of moral values in the Global Information Society and does the market really know best? Or should governments step in and ensure that all users on the Internet conform to the same standards as the rest of our societies?

It is very fashionable to blame Microsoft for everything these days, in particular when their programs or operating systems have had their security systems breached. But is this really fair? Are the hackers doing the industry "a favour" by revealing weaknesses in the programs that render them vulnerable to attack? Or are they simply criminals or terrorists who are causing severe disruption and economic damage to industry and citizens?

Let us take an ordinary example in another field. I have ordinary glass in the windows of my home. One of the local lads throws a brick through my window and breaks it. His defence is that he claims that he is doing me a favour by revealing that I have a security weakness, and that I should do something about it by fitting armoured glass. Do you accept his argument and upgrade the windows at your own expense? No, of course you don't. You call the police, and with a bit of luck he is caught and punished in the courts.

Why should it be any different with a computer system? Why shouldn't the ordinary citizen be able to go about his lawful business without fear of losing his data or being disrupted by another person's actions? You can be certain that if you report it to the police they do not have the time or the skills to be able to catch the hacker who can cause so much damage. I know, because I have been hacked and I have called the police because the service provider would give me no help whatever. They simply said go and get a better firewall, and refused to give any information about the hacker because "it would infringe the data protection regulations"!

I feel very angry because there seems to be a refusal to treat hackers of systems the same as other criminals even though they are causing 10s or even 100s of millions of euros worth damage by losing business and time taken to restore normal service. In practice they are being treated more leniently than the local hooligan who only causes 10s or 100s of euros worth of damage.

It is time that the Global Information Society is brought into line with the rest of society and not be allowed to remain the lawless wild west of the world.

I believe that there is something wrong here. What are your views on this? Should we be campaigning for a safer Internet? Should we put pressure on politicians and law enforcement agencies to do their job by protecting us from these criminals (or even saboteurs or terrorists)? Tell us what you think.

Stuart Goold
CECUA Secretary General
stuart.goold@cecua.org