Research spotlight – Hackers gonna hack: Investigating the effect of group processes and social identities within online hacking communities

Abstract

Hacking is an ethically and legally ambiguous area, often associated with cybercrime and cyberattacks. This investigation examines the human side of hacking and the merits of understanding this community. This includes group processes regarding: the identification and adoption of a social identity within hacking, and the variations this may cause in behaviour; trust within in the social identity group; the impact of breaches of trust within the community. It is believed that this research could lead to constructive developments for cybersecurity practices and individuals involved with hacking communities by identifying significant or influencing elements of the social identity and group process within these communities. For cybersecurity, the positive influence on individual security approaches after the hacker social identity adoption, and the subsequent in-group or out-group behaviours, could be adapted to improve security in the work place context. For individuals involved in the communities, an increase in the awareness of the potential influences from their adopted social identities and from other members could help those otherwise vulnerable to manipulation, such as new or younger members. Further discussion on such information, as well as historical examples, will lead to informed behaviour by these communities. Whilst this may not cause the group behaviour to change, it would ensure there would be understanding and acceptance of consequences to unethical or illegal actions, which is hoped to discourage cybercriminal behaviour. The research employed a mixed methods approach, with online questionnaires and individual participant interviews. This approach primarily utilised the netnographic approach (Kozinets, 2015), with the results providing more qualitative information than originally anticipated. Informal data collection for this research included observation of relevant websites and forum discussions as well as observation at hacking related conferences; the subsequent surveys and interviews were conducted with volunteers from these communities. Formal data collection was initiated through a pilot study, carried out in early 2016, with 44 participants. This was followed by the first study survey in early 2017, completed by 155 participants. The second study was individual interviews, conducted with 14 participants throughout 2017. These interviews were analysed in the context of Social Identity Theory (Tajfel, 1974). The third and final study was another survey, conducted early 2018 with 197 participants. Thematic analysis was conducted on all data. There was limited evidence of manipulation of group process or trust observed in forums or reported by participants. The adoption of a specific social identity does have strong and influential behavioural norms; however, the adoption of a specific social identity category does not prevent individuals from identifying and confirming to multiple categories which may use or accept different behaviours. The majority of particiapnts in these studies appeared to position themselves as positive deviants, acknowledging past or minor “black-hat” behaviour. This work contributes to the development and improvement of methodologies in online environments: this research was exploratory in accessing a hard to reach demographic that is often untrusting of outsiders. Adaptions to ethical procedures ensured complete anonymity for the participants, improving the participant recruitment rate. Key findings from this research demonstrate that hacking communities can be very positive and supportive for their members, functioning primarily as meritocracies. This is regarded by the communities as an important positive trait, in conjunction with online anonymity. The conclusions of this research consistently support the findings of previous studies.