NEW YORK (MainStreet) – When all is said and done, 2011 may go down as the year of the hacker. But not all of these hackers have the same motivation.
In recent weeks one group in particular, LulzSec, has been causing mayhem across the Internet, but its attacks have been motivated more by a penchant for mischief than a desire to steal your money or identity.
The group targeted PBS after it viewed an episode of Frontline on WikiLeaks as biased, and carried out a bit of “hacktivism” by posting a fake news story on the PBS website suggesting that rapper Tupac Shakur was still alive. This was followed by an attack on Sony, in which LulzSec stole the personal data of thousands of customers while the gaming company was still reeling from the PlayStation Network breach. But rather than sell the data or use it for phishing attacks, LulzSec simply posted the data online for all to download and use as they see fit. It also breached the security of Nintendo, but did not leak any customer data – citing its love for the Nintendo 64 console, it simply informed the company of its security holes and urged it to improve its security.
Such varied actions have led many to describe the group as “grey hat” hackers. In a nutshell, hackers are given one of three color-coded names: black hat, grey hat and white hat. A black hat hacker performs malicious hacks, usually with the goal of causing destruction or stealing money. By contrast, a white hat hacker employs such techniques with the goal of bringing awareness to security holes, and many cybersecurity firms are considered white hats. Grey hats fall in the middle: They don’t have malicious intent, but aren’t afraid to hack companies and publicly shame them for their poor security.
“The gray hats... are generally a nuisance, but do provide a useful function: scare a company into beefing up their security once and for all,” says Stu Sjouweman of network security firm KnowBe4.
LulzSec’s attacks on Sony and Nintendo arguably straddle the line between grey and black hat hacking, but it’s clear that the group isn’t in it for the money: When cybersecurity firm Blackberg Security offered $10,000 to anyone who could hack its website and change the homepage image, LulzSec met the challenge and declared, “KEEP YOUR MONEY WE DO IT FOR THE LULZ.”