Understanding intrusion motives and hacker psychology will help the cybersecurity professional develop more effective detection techniques and tools. Psychology in criminal profiling has long been used to better understand and ultimately apprehend criminals (Winerman, 2004). Likewise, the more we understand about the psychology of the various types of hackers, the better equipped we will be to handle hacking intrusions.
Sean Atkinson (2015) outlines six types of black hat—or malicious—hackers, their motives, and typical actions in his paper, Psychology and the Hacker—Psychological Incident Handling. The script kiddie is motivated by curiosity and acts brazenly, making many attempts with no specific target. The malicious insider is motivated by revenge. He steals information and damages internal systems. The activist is motivated the desire to reveal secrets for some preferred cause. The spy, motivated by espionage, and works to gain intelligence for her sponsor. The terrorist is motivated by a desire to destroy and acts to damage or destroy data or systems. Finally, hackers who belong to an organized crime organization are motivated by the acquisition of money. The hackers typically maintain the computer infrastructure.
The psychological principles of social learning and moral disengagement explain the motivations that drive hackers to commit computer crimes. Social learning theory explores how individuals learn behavior from one another, including behaviors that may be opposed to social norms. Moral disengagement is used by individuals to rationalize malicious acts (Fitch, 2003). Examples of both of these concepts are found in hacker communities like Cult of the Dead Cow, L0pht, and 2600.
Atkinson, S. (2015). Psychology and the hacker—psychological incident handling. SANS Institute InfoSec Reading Room. Retrieved from https://www.sans.org/reading-room/whitepapers/incident/psychology-hacker-psychological-incident-handling-36077
Fitch, C. (2003). Crime and punishment: The psychology of hacking in the new millennium. Global Information Assurance Certification Paper. Retrieved from https://www.giac.org/paper/gsec/3560/crime-punishment-psychology-hacking-millennium/105795
Winerman, L. (2004). Criminal profiling: the reality behind the myth. Monitor on Psychology, 35(7), 66. Retrieved from http://www.apa.org/monitor/julaug04/criminal.aspx