The morals associated with hacking & breaches

Hacking, by definition is as follows. Thanks to Wikipedia

In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment

HackingTeam had some questionable ethics in relation to business practises and had been long been pursued by those who sought to confirm this, One such being Christopher Soghoian who has relentlessly used his ability to raise the profile for the benefit of those being exploited by such as Hacking Team, VUPEN & Gamma.

The Gamma breach could be argued to be the start of the identifying characteristics of known 'corporate enemies' particularly those who provide EaaS or Exploitation as a Service. 

The interesting aspect of the Gamma breach was the breach was not met with a fanfare of expectation, much like Lizard Squad or Anonymous & LulzSec indirectly looked to gain notoriety with their actions, the only thing that brokered opinions on Gamma was their business dealings.

Soghoian commented in his PHD document on the approach that has become routine practise.

Assisting Big Brother has become a routine part of business, albeit one that some service providers would probably rather do without

Whilst the argument for Government surveillance is a long, and now more popular discussion amongst those who where none the wiser prior to the hacks, the leaks and breaches, it does indicate that its in the public interests to at least have a mandate on these discussions.

HackingTeam had been on the radar of privacy advocates for sometime, and had been highlighted as dealings with oppressive regimes numerous times. The claim was vindicated by news once HT had been breached and the data appeared online with numerous conversations with those regimes had been confirmed.

The connection between breaches and hacks is a distinction that probably needs to be made clearer. If, given the motivation of a hacker can be left to the conclusion of the victim. It's always going to be malicious. If in the case of a company that chooses to sell 0day exploits in order to perform genocide, then its a hack, the opposite can be said if a company chooses to portray a political leader in a comical light, therefore offending a nation. It's a breach.

Enemies are listed here very helpfully in order to form an opinion.

  • Gamma International - Hacked
  • HackingTeam - Hacked
  • BlueCoat 
  • Trovicor
  • AmeSys

 Questionable business practises lead to breaches, questionable moral practises lead to hacks.