Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: computer hacker psychology

  1. #11
    It's funny how noone has mentioned AO's frontpage:
    How To Be A Hacker Profiler.

    Cheers.

    <edit>It's on the right menu list.

  2. #12
    I did... I mentioned what a joke it was.

  3. #13
    Computer Forensics
    Join Date
    Jul 2001
    Posts
    672
    leviathan, A criminal profiler is the same regardless of the specialty field. The quick and dirty answer is yes, white collar crime needs some good profilers. We need to be able to predict, based on the psyche of the major archetypes where a computer criminal will strike next. What are their motivations, who are they working for, is it a script kiddie or a pro? Did they leave a calling card? etc...
    Just like other crimes, we need to understand white collar crime. However...we need to be able to catch and prosecute a criminal in order for the psychologists to study them, and that is where the struggle is.
    Antionline in a nutshell
    \"You\'re putting the fate of the world in the hands of a bunch of idiots I wouldn\'t trust with a potato gun\"

    Trust your Technolust

  4. #14
    Senior Member hesperus's Avatar
    Join Date
    Jan 2005
    Posts
    416
    Computer criminals target weaknesses, so maybe you'd be better to focus your efforts on security profiling ?

    "Tell me the things you most want to keep secret," Mr. Seiden challenged a top executive at the bank a few years back. The executive listed two. One involved the true identities of clients negotiating deals so hush-hush that even people inside the bank referred to them by using a code name. The other was the financial details of those mergers and acquisitions.

    A week later, Mr. Seiden again sat in this man's office in Manhattan, in possession of both supposedly guarded secrets. As a bonus, he also had in hand a pilfered batch of keys that would give him entry into this company's offices scattered around the globe, photocopies of the floor plans for each office and a suitcase stuffed with backup tapes that would have allowed him to replicate all the files on the bank's computer system.

    "Basically, that all came from working nights over a single weekend," he said with a canary-eating smile that seemed equal parts mischief and pride.

    Mr. Seiden is what some people inside the security industry call a "sniffer": someone who is paid to twist doorknobs for a living, to see which are safely locked and which are left dangerously unsecured. Clients sometimes hire Mr. Seiden, a former computer programmer, to buttress the security systems that protect their computers and other precious corporate assets. But primarily, large corporations turn to him to test the vulnerability of their networks.
    http://www.nytimes.com/2005/07/31/bu...tml?oref=login
    You have to register to read the rest, but there is not too much more of interest.
    .

  5. #15
    We need to be able to predict, based on the psyche of the major archetypes where a computer criminal will strike next.
    After someone has just set a few bots to mass-exploit a dozen web-servers would it really matter that a bunch of index pages contained a political viewpoint... or while this is going on this person specifcally targeted something else which would draw in ten times more attention or would be enacting some form of revenge.

    What are their motivations, who are they working for, is it a script kiddie or a pro? Did they leave a calling card? etc...
    As I keep mentioning, most people want to seem very prolific at best and I don't care if money is involved or not... its still mostly about keeping an image.

  6. #16
    I think the problem is that, as The Specialist rightly says, the word 'hacker', 'cracker' usw are chucked around too much. It should be clear by now that different people criminally infiltrate computer systems for different reasons. They follow a basic pattern of

    organisation reconnaissance
    host enumeration
    service scanning
    vulnerability exploitation
    establishing and defending their operational bridgehead
    covering up their tracks

    Although it should be said that each phase overlaps or shares elements with the others.

    Because the methodology is essentially the same, you might think it difficult to determine differences between groups/individuals. But in fact their motivations and targets are different as are their levels of ability. Determining those differences requires a mixture of common sense and careful forensics. From this, a profile of the individual or group concerned can be built up.

    The point is that there is no general one size fits all profile.

    One highly oversimplied example:

    1. A web site defacement is carried out on a hard core porn site by a group who identify themselves as 'WWJD'. They replace full frontal nudity pictures with women dressed in long flowery dresses and change all swear words to 'sugar' and replace passages of fantasy sex with biblical expositions and finally change the paypal address to a prolife charitable organisation.

    2. Once the site is defaced, the 'team' post the URL and graphics around the world on various religious newsgroups, proclaiming that they have struck a blow against Satan and also upheld the rights of women who should be Stepford wives not exotic models and that they will strike against the powers of darkness again soon.

    Looking at this fictional attack, we find that the so-called group did not actually deface the website. Instead they put up a spoof site and poisoned the DNS cache. Combined with the fact that the language used on the defaced site and in the email announcement shows indications of college level education, including the use of several academic terms in theology, we start to see that we are dealing with someone who may have been to or still is at a bible seminary and may also have a degree in computers or be self taught to the extent that they are skilful enough to work in the industry and one or more of them probably are doing just that.

    All the pretty girls in frocks are white and in the 16 to 25 age range. This probably indicates white males in the 20 - 35 age group were responsible for the attack. Fundies have desires too.

    These bubbas chose to donate to a charitable organisation in the mid west dedicated to pro life policies. This is probably a reasonable indication of their geographic location. And the newsgroups they posted to were consistently fundamentalist baptist/hard line presbyterian.

    Having gleaned this information from the attack, the policing forces could probably narrow down their search to graduates belonging to hardline baptist/presbyterian churches working in the computer industry in the mid west, male, white in the 20-35 age group, probably with a college level education in computers or a reasonably senior networking job and who have been to bible college.

    It's still a lot of people to trawl through but it's better than nothing.
    No one can foresee the consequences of being clever.

  7. #17
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    leviathan, A criminal profiler is the same regardless of the specialty field
    That makes sense, a criminal is a criminal is a criminal. Just because one may use a computer is irrelevant; that is the MO (modus operandi). The actual tools used are pretty irrelevant to the crime or the criminal, fraud is fraud and theft is theft.

    Technology has changed, and it is only reasonable to expect criminals to adapt to and embrace that technology like other members of society.


    ¤The¤Spe©ialist has several times made the point that the internet is just a medium or environment, nothing more, nothing less. Alongside computers, it has changed the way that we store and transmit information. Otherwise the rules are the same. Sure, the existence of tools has generated the skiddie...............but the herd mentality is the same, and no different from that of the gangs of previous generations.

    The wanton damage/destruction of other's property has been around for a long time, it is called "vandalism"

    Whilst attempting to "profile" computer criminals sounds fine on paper it is an academic exercise of little practical value. Particularly in a society where people are actually considered innocent until they commit a crime and are found guilty of it

    The "future" from a career viewpoint, in this area must lie with criminal computer forensics and criminologists.

    just my £0.02

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •