A on-of-a-kind article
on an interesting topic:Hackernoun
1. a person who uses computers to gain unauthorized access to data.informal:
an enthusiastic and skillful computer programmer or user.
The past two decades have seen a prominent rise in underground hacker culture and many groups have in turn arisen and gained fame and glory for their success in portraying their hacking prowess. The glory years: the late 90s to early 00s
was a period of time in which you could describe the hacking scene as being in a ‘boom’; there were several extremely skilled underground blackhat
groups with a lot of active members, such as zf0 and el8, who pioneered the original antisec movement as well as pr0j3ktm4yh3m.
These movements advocated against the full disclosure of 0-day exploits, and were generally against “whitehat”
hackers (for lack of a better term), who are ethical hackers often employed by companies to test the security of their networks. Whitehats would publish exploits on security websites to help other whitehats in penetration testing. In contrast, blackhat hackers are the total opposite – they usually have less ethical concern in terms of hacking targets, and are for the most part, against the full-disclosure of exploits, as some blackhats work for weeks or even months finding/developing 0-day exploits and disclosing them publicly will undermine their strenuous effort. This has led to a ‘disclosure war’ in which hackers/security researchers have fought, with whitehats being on the receiving end a lot of the time.
This carried on for a couple of years until the mid 2000s. This was a period of time when it became increasingly difficult to find 0-day exploits, relative to the previous years. In the 90s to early 2000s, 0-days were much easier to find due to programmers' ignorance of security. Over time however, the increasing amount of 0-days and popular hacks lead to widespread concern over the security of software. In recent years, this has meant whitehat ‘consulting’ (lol) firms have successfully sprung up and more efficient law enforcement with the help of whitehats has lead to the decline of skilled blackhat hackers. In addition, the blackhat number has decreased further due to the lack of monetary incentive in blackhat hacking; security firms offer large amounts to skilled blackhats.
In the last year or so, the decline of skilled underground blackhats has seen a new turn in the hacking scene: script kiddies
. Script kiddies are, as their name implies, unskilled hackers who use readily available ‘hacking software’ (often made by whitehats) in their hacking shenanigans. The significant growth in script kiddy hackers is exemplified by groups such as Anonymous
; claiming to be blackhat yet using basic DDoS and SQLi on seemingly random sites to achieve their pseudo-anarchic goals. This has effectively ruined the public image of the hacking scene since blackhats are seen as juvenile delinquents with little to no true hacking skill, and has enraged the underground — groups like Anonymous are seen to be cancer in the scene. This fury was shown with groups like HTP and zf0 arguably destroying Anonymous: AnonOps (the most popular Anonymous irc) and VoxAnon being compromised, with AnonOps being rooted several times by a number of different groups.
The tremendous success of security consulting firms in combination with the influx of ‘skids’ has lead to the original hacking scene to die out in a slow and painful manner. This generation of hackers have resorted to childishness and pseudo-hacktivism instead of learning and improving their knowledge. 10 years ago there were vast programming cliques and hacking groups which thrived in the scene, and now there are attention-seeking kids on twitter bragging about the latest SQLi they’ve exploited on a random site. Two decades plus of hacker culture are slowly dying. The whitehats, in essence, have won.