Campus: CSU, Sacramento -- May 09, 2001
Hanging with Hackers Puts Tech Crime in Focus
at CSU, Sacramento
What makes a hacker tick? While other law enforcement professionals
theorize about these sneaky techno-pros who can't resist poking around
in other people's computers, Kall Loper went to the source - the hackers
"Up until now there's been a lot of hand-wringing among criminal
justice experts about 'how little we know.' And they don't know,"
says Loper, a California State University, Sacramento criminal justice
professor. "Previous research focused on college students, assuming
the motivations of students mirrored the motivations of hackers. No
one had talked to hackers."
So Loper did just that, hanging out with hackers through e-mail lists
and attending hacker gatherings.
Loper's interest in computer crime grew out of a college job as a computer
system administrator. "I enjoyed it and thought it was a shame
I couldn't do both corrections and technology," he says. Then he
hit on the idea to study hacker behavior, which became the basis for
That computer expertise is one reason Loper thinks he's gotten farther
into the workings of the hacker mind than his contemporaries. "Having
the technical background helps," he says. "There is a technological
limit you can get to with hackers. They get a sense of how much a person
knows, and once they get a sense that a person is over their head, hackers
just stop responding.
"I take a different approach than others in criminal justice. I
can 'talk the talk' while still being a social scientist. I actually
share their appreciation of hacking and the joy of discovery, too."
Since moving to Sacramento in the fall Loper has met with members of
both the law enforcement and hacker communities. "One night I went
right from meeting with local high-tech crime specialists to having
pizza with hackers," he says.
When he meets with the hackers he makes no secret of what he's up to
and even hands out his business card. "I feel privileged to be
accepted. I belong in the group," Loper says. "But I'm not
shy about telling them who I am and what I do. I give out my business
card. I have to - for research ethics."
It's something he learned in a previous job at a correctional facility.
"I picked it up in my prison work. When they knew where I stood,
they had no problem with me," he says.
And what has Loper discovered? For one thing there isn't a typical hacker.
"If you are going to examine hackers you can't expect to identify
them by color, age or background," he says. That's why he analyzes
them by observing their online interactions.
"Their behavior is very easily predictable," he says. "There
are things they talk about over and over. Certain hackers would start
fighting among themselves and then cooler heads would prevail."
Loper distinguishes hacking from computer crime with a subset in-between
that he calls criminal hacking, which would include network intrusion.
"If they fall into the hacker mold, they probably won't cause trouble.
If not, they are probably a computer criminal. Hackers typically don't
commit crime," he says.
Hackers also have a social network. Computer criminals don't hang out
like hackers. And, Loper says, there's more to learn about hackers.
The literature is much better on computer criminals, he notes.
Loper's interactions with hackers have been a boon to his research.
A hacker even helped him create the program to analyze the data for
his dissertation. But it's a two-way street. The first hackers he met
wanted information from him. Worried friends of notorious hacker Kevin
Mitnick, who was in jail at the time, tapped into Loper's corrections
expertise to find out about the prison and what Mitnick might be going