Hackers. Bust. Prison. Oh, my!

Two female students have been sentenced each a year in prison for breaking into one of their professors’ system, assigning grades to nearly three-hundred students, and using professor’s personal information to send empty CDs and magazine subscriptions to the professor’s home. Interesting!

It reminded of a brief conversation I had with a then-friend and now colleague over breaking into public systems.

Colleague: “Don’t you break into systems?”
Me: “No. The most I do is attempt a thorough network reconaissance, and that’s it.”
Colleague: “Why not?”
Me: “Because I’m afraid.”
Colleague: “Why? Afraid of being caught?”
Me: “Yes!”
Colleague: “Haha. Nothing happens. No-one gets caught. I have been breaking into public systems in the past four years and I have yet to get caught.”
Me: “Lucky you! I don’t quite feel comfortable breaking into a system, knowing full well that I don’t completely and precisely know the ways to remove one’s tracks.”
Colleague: “:-)”

Often, the excitement and thrill gets the better of most wannabe hackers. It is not like they play ignorant to the fact that breaking into systems without consent is illegal and considered a crime. They are well aware of that. It is the frivolous attitude and irresponsibilty that acts as the Achilles heel for them.

Sure, if a system is left open and is as easy to break into as it is to steal a candy from a baby, it is a sure bet that once the system has been broken into, the administrator would either not notice the break-in, or would get alerted to it way too late, and even if so, would not have the required expertise to perform a proper forensics analysis of the incident or would not care enough to give it a second thought about it. In such cases, you get away with it with impuntiy. It is only a matter of time, though.

I agree: If you break into a system, cover your tracks, keep everything hush-hush and get out, there is a great likelihood the break-in will hardly get reported or noticed. But when you are too cocky to consider the consequences of your actions, and too eager to show-off your escapades to your peers, you are treading on thin ice. Wannabe hackers are prone to just those: cockiness and the desire to boast off their accomplishments to peers. And that is exactly why it gets all so dangerous. If you keep everything quiet, no-one will suspect a thing. Not any sooner any way. The moment you either make it blatantly obvious that a system has been shagged by explicitly posting mock comments just about everywhere in the system, or you disrupt normal functionality and operability of the system, you’re stepping on the sleeping lion’s tail. Even then, wannabe hackers get away with it. I attribute it to sheer luck and to the inability of the attacked system’s administartor to track what happened. Nevertheless, I never let a chance pass to advice friends against breaking into systems, or at most, not damaging the systems they break into. You never know when the ball will rebound and hit you in the back.

You can’t deny that almost 80% of network/system administrators are barely security conscious and vigilant. However, remember that, breaking into systems is still a crime punishable by law, and that it merely takes a single mistake, a vigilant system administrator, and a handful of attorneys to have men in suits knock at your door the next morning.

Disclaimer: Just because people consider me a hacker does not make me one. I am not a hacker, and I surely don’t break into systems that I can’t find a way into.


9 thoughts on “Hackers. Bust. Prison. Oh, my!

  1. I heard a sophomore got rusticated from our university last semester for similar act. I wonder who is expert enough to catch such incidents is in our campus.

  2. Ah atlast, I finally get John to have my password resetted back to what it was before getting expired (instead of resetting it to a new one)… though it did require a bit of convincing around, but I dont brag.

  3. Also,

    “I heard a sophomore got rusticated from our university last semester for similar act. I wonder who is expert enough to catch such incidents is in our campus. ”

    May be the sophomore got caught for something else (for instance talking LOUDLY inside a lab…ah, well..), and eventually admitted the actual crime (unknowingly, that is).. ?

    Moral of the story: Dont speak LOUD inside a lab….

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s