Wednesday, October 10, 2012
Benoit Dupont (University of Montreal - School of Criminology) has posted Skills and Trust: A Tour Inside the Hard Drives of Computer Hackers on SSRN. Here is the abstract:
Stories of the exploits of computer hackers who have broken into supposedly secure government and corporate information systems appear almost daily on the front pages of newspapers and technology websites, yet we know very little about the individuals behind these headlines. Most media accounts and academic studies on hackers suffer from a number of biases that this research attempts to overcome. A case study based on the seized communication logs of ten confirmed co-offenders is used to expand our knowledge of the social norms and practices that govern interactions between malicious hackers. After presenting the data and how the material became available to the author, the remaining sections focus on the two variables that define this criminal network’s performance: skills and trust. The skills under consideration are the three different sets of cognitive and practical abilities that malicious hackers need in order to succeed financially. Monetization and social skills, in addition to technical skills, play key roles in profit-oriented malicious hacking and explain why earning a decent living in the computer underground remains a laborious endeavour, even for advanced hackers. Trust, which facilitates the diffusion of technical, monetization, and social skills and fosters collaboration, was found to be much lower in this network than is generally assumed in the literature. The need for monetization and social skills as well as the lack of trust between members may partly explain why hacker networks are so ephemeral and vulnerable to law enforcement disruption.