The way in which we think of hackers is usually shaped by the immediate effects we see after a data breach, an act of sabotage, or a massive DDoS attack. All of these things depict hackers as people who are disruptive to the Internet and everything we are trying to create on it. If you think this way, you are right, for the most part. There are, however, hackers out there who actually do good. And I’m not talking about “hacktivists” like Anonymous and other groups that usually destroy things for causes they perceive as positive. I am talking about hackers that have a net positive effect on the Internet’s ecosystem as a whole. Do they exist? And if so, what motivates them?
The oldest definition we have of the word “hacker” comes from the 1960s in the Massachusetts Institute of Technology. It describes a person who is an enthusiast at programming or systems engineering. The negative connotation came with the dawn of the Internet era, when circumventing computer security became something profitable and somewhat easy. Today, this connotation still exists, but we now split hackers into three categories: White hat (doesn’t destroy anything, but rather fixes it), grey hat (does things outside the confines of the law), and black hat (disrupts things for profit or fun). For all intents and purposes, I will be using the modern definition of the word “hacker” and use each category to describe what type of hacker I’m referring to.
Why Would a Hacker Want to Do Good?
In the middle of July in 2015, United Airlines awarded a million flight miles to two hackers who discovered security flaws in its web system and disclosed them privately to the company. There are many companies that provide rewards to people who, instead of destroying their infrastructures, reveal the problems to the company staff so that they may repair it. The profit motive is perhaps the most powerful one white hat hackers have to do some good and inform private sector and public sector entities of their security flaws. This scheme is known as a “bug bounty” scheme, which is practiced by several entities around the world and provides a strong incentive for hackers to inform them of their security flaws which sometimes is more profitable than selling a hacked database or attempting to profit off of it yourself.
Good hackers aren’t always motivated by money, though. There are people who sometimes spot security flaws and provide a tip to the company owning the database without expecting anything in return. This sort of altruistic white hat hacker does what they do because they are enthusiastic about information security and may want to get on people’s good side so that they may eventually use their recommendation as leverage for employment in information security-related fields.
Is The Idea of Hacking Changing?
Until recently, the act of hacking was looked down upon for the destruction it caused. Slowly, many companies are starting to realize that hackers can actually be an asset driven by profit. The market itself is, in its own way, creating its own way of dealing with hackers that does not involve jail sentences or heavy fines in a way in which the hackers, customers, and the corporate world they both participate in all stand to benefit. This doesn’t mean that hackers are suddenly going to be driven to more positive and productive pursuits. Black hat hacking will always exist. However, it appears that we are starting to enter an era in which we can all cooperate towards a common goal, which is the hardening of security in both the corporate and government spaces.
What do you think? Can the battle against hackers be won by hackers themselves with the bug bounty scheme? Tell us in a comment!