While widely used, the term hacker is not always applied as it should be. In the hacking community in particular, there can be stark divisions between hackers -- people immensely skilled at navigating computer systems and diagnosing security flaws -- and crackers -- those who use their hacking knowledge for malicious gain. This same dichotomy is sometimes represented by the terms white hat and black hat. A white hat hacker, for example, may be someone hired by a company to break into its computer network in order to find vulnerabilities. A black hat hacker is someone on the outside who would break into a system in order to cause damage or for financial gain.
Although these various definitions exist, the term hacker is now largely a stand-in for anyone who breaks into computer networks, and it often carries a negative connotation. Some have broken the law in their careers, but many have also gone on to have productive (and legal) roles in the computer industry. Those that have broken the law have complex legal cases, and their motives are not necessarily malicious. In this article, we'll look at 10 famous hackers of all stripes.
10. Kevin Mitnick
Not all hackers break the law and even fewer become the targets of FBI manhunts. But Kevin Mitnick was jailed twice -- first in 1988, and then, after a plea bargain, from 1995 until 2000. For three years, he wasn't allowed to the use the Internet. He managed to send and receive e-mail by having his girlfriend do all the clicking and typing; Mitnick just watched the screen [source: Thompson].
Mitnick often trumpeted himself more as a "social engineer" than a hacker. He said he preferred to use "persuasion, influence and manipulation" in order to solicit information from influential people -- e.g. someone with access to a tech firm's computer network, which didn't require writing new software or otherwise breaking codes to get into a network [source: Thompson].
Mitnick has been the subject of several books, including "Takedown," which was made into a movie, and he even appeared in an episode of the TV show "Alias." Since regaining his computer privileges, he has started his own security-consulting firm, in addition to making rounds on the public speaking circuit.
9. Kevin Poulsen
Like Kevin Mitnick, Kevin Poulsen was hunted by the FBI and was the subject of a book "The Watchman: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen" chronicling his hacking exploits. And like Mitnick, Poulsen eventually went straight, giving up hacking.
But before Poulsen rediscovered the right side of the law, he accrued a litany of hacking exploits, some of them illegal. While still a child, he learned how to whistle into a payphone in order to get free calls (he channeled the sound through his braces). He hacked a radio station's phone lines in order to win a call-in contest whose prize was a Porsche. He eventually earned the distinction of being the first hacker charged with espionage after he allegedly stole classified information from the Air Force [source: Markoff]. Other charges against him include hacking into Pacific Bell. Eventually he was sentenced to 51 months for his crimes.
Since giving up hacking, Poulsen has become a journalist, working as a senior editor at Wired magazine, where he often writes about hackers.
8. Adrian Lamo
Earlier on in his hacking career, Adrian Lamo was something of a good Samaritan, known by the moniker "the homeless hacker" because he sometimes took up residence in abandoned buildings. As a hacker, Lamo broke into the networks of a number of major companies -- Excite@Home, MCI WorldCom, Yahoo, Microsoft and Google -- but he often contacted the companies and told them about the security holes. In some cases, he also helped them fix these holes without accepting any compensation [source: TheWeek].
He finally got into trouble when he hacked into The New York Times -- from a computer at a Kinko's -- in 2003. He found a trove of information there, including personal details on thousands of people who had written for the paper, including celebrities and ex-presidents. To avoid jail time, he negotiated a plea bargain that included six months of house arrest [source: TheWeek].
In recent years, Lamo has been in the news for reporting Bradley Manning to police. Manning, a U.S. Army private first class, allegedly funneled thousands of classified documents to the whistleblower organization WikiLeaks and then contacted Lamo, who said that Manning boasted about his actions. Lamo's role in the affair, in which he presented himself as a journalist, has attracted some controversy [source: Greenwald].
7. Gary McKinnon
Like Adrian Lamo, Gary McKinnon has been diagnosed with Asperger's syndrome. This Scottish hacker's supporters have protested plans for the U.K. government to extradite him to the United States to face trial for allegedly hacking into U.S. government computers. Those working on McKinnon's behalf worry that he is "too psychologically fragile" and may commit suicide [source: Kennedy]. His case has contributed to a serious debate about the U.K.'s extradition policies.
McKinnon is under suspicion for hacking into U.S. government computer networks in late 2001 and early 2002, in what's been called a historic breach of security [source: Bingham]. A British court judgment accuses McKinnon of infiltrating 97 computers, installing hacking software, deleting important files and stealing information [source: England and Wales High Court]. He confessed that he left a threatening note on one Army computer, in which he identified himself by the name "SOLO."
McKinnon has admitted to the hacks and said he thought he could find evidence that United States was covering up the existence of UFOs. His case remains ongoing.
6. Robert Tappan Morris
Robert Tappan Morris is now a tenured professor at MIT Computer Science and Artificial Intelligence Laboratory, but he has a colorful history as one of the computer world's most renowned hackers. In 1988, while still an undergraduate at Cornell, Morris released into the wild what may have been the first computer "worm," a virus that went on to infect 6,000 Unix-based computers. Many of these machines suffered serious damage.
Although Morris claimed that he was only trying to measure the "size" of the then-embryonic Internet, the government eventually decided to prosecute him. He became the first person convicted under the 1986 Federal Computer Fraud and Abuse Act [source: Markoff]. Because of the novelty of the case and Morris' claim that he didn't intend to cause any damage, a debate ensued about whether he deserved prison time. Eventually a judge sentenced Morris to three years probation and ordered him to pay a fine and perform 400 hours of community service.
5. John Draper
While many hackers go mainstream and open consulting firms or become university professors, some never quite get there, and wind up in prison or somewhere else on society's margins. John Draper is one such person. After serving as a radar technician in the Air Force in the mid-1960s, Draper began tinkering with the phone system, learning its intricacies, its internal codes (including, allegedly, a code that allowed him to get President Nixon on the phone) and how to hack the system for free calls.
For his exploits, he became known as a "phone freak," adopting the name after finding a toy whistle in a cereal box and learning that the whistle could be used to imitate telephone tones. Later, Draper linked up with Steve Wozniak, co-founder of Apple, and also wrote one of the first word processing programs eventually picked up by Apple and IBM. But his eccentric behavior, poor business sense and bad luck hampered his ability to make money and to stay in a job for long. In the late 1970s, he served two stints in prison for phone fraud.
Over the years, some of Draper's more successful Silicon Valley friends, like Wozniak, have tried to help him, but his record and behavior make him difficult to employ. A 2007 newspaper article described Draper as living in a decrepit, one-room apartment, having almost no teeth, and getting by either on the kindness of friends or occasional programming gigs [source: Rhoads].
4. The Masters of Deception
The Masters of Deception (MOD) was a group of hackers based in New York who, in the late 1980s, went on a hacking spree, taking particular advantage of the country's phone system in order to hack into various corporate and government networks.
Although members of the MOD were top-notch hackers, their big mistake likely came when they engaged in a rivalry with the Legion of Doom (LOD). The battle between the two came to be known as the Great Hacker War, although the conflict allegedly started when one LOD member used a disparaging racial epithet in reference to an MOD member. What followed was a back-and-forth battle between the hacking groups, which also involved LOD members providing security advice to corporations that MOD had targeted.
Eventually, five members of MOD pled guilty to various crimes, and four spent brief periods in jail. The groups' members dispersed, and many found work for technology and security firms. Their story has been chronicled in many articles and books, including one whose title says it all: "Masters of Deception: The Gang That Ruled Cyberspace."
3. Matthew Bevan and Richard Pryce
Some hackers steal information or money, or damage or hijack systems, but few hackers can claim to have nearly started a war. But in 1996, Matthew Bevan and Richard Pryce were accused of just that by the U.S. government. Bevan and Pryce, who are both British, were arrested separately, several months apart, for trying to break into U.S. military systems.
Bevan was a 21-year-old IT worker at the time and went by the hacker alias "Kuji," while Pryce was only 17 and known as "Datastream Cowboy" [source: Knight]. According to a U.S. government report, the two allegedly worked together for several months, first establishing an electronic beachhead on a computer system located at Griffiss Air Force Base, in New York. They then installed password-collecting programs and began hacking their way into other government systems. After discovering the intrusions, U.S. officials became especially alarmed when they found that the duo may have infiltrated a North Korean system during an especially tenuous time of negotiations with that country over its nuclear-weapons program. Because the intrusion came via a hijacked U.S. government computer, it could've been construed as an act of war. Ultimately it was discovered that the hack in question had targeted a South Korean government agency [source: U.S. Department of Agriculture].
2. Jonathan James
By age 16, Jonathan James had already achieved renowned hacker status by becoming the first juvenile hacker to be sentenced to juvenile detention for 6 months in 2000 [source: Stout]. Going by the alias "cOmrade," James was charged with hacking into computer systems belonging to NASA and the Department of Defense. His hacks were harmless, but he stole information and the security breaches required extensive downtime in order to secure the systems, which cost tens of thousands of dollars.
James' father supported his son, saying that he hadn't caused any damage and had exposed security flaws [source: Stout]. Unfortunately, after leaving the juvenile institution, James' troubles continued when he tested positive for drugs. And when his mother died when he was 18, that left him alone with her house and little motivation to work, a recipe for hacking.
In 2008, government agents raided his house as part of an investigation into what was then called the largest identity theft case in U.S. history [source: Poulsen]. James and others were suspected of hacking into the systems of many large businesses and stealing information as part of an identity and credit-card theft ring that had netted millions of dollars. Two weeks after the raid, James committed suicide. He left a suicide note explaining that, while he considered himself innocent, he believed that because of his past notoriety, federal authorities would pin the blame on him rather than other guilty parties.
1. Albert "segvec" Gonzalez
In 2009, Albert Gonzalez pleaded guilty to hacking into numerous companies' computer systems in connection with the so-called TJX identity theft ring -- the same series of crimes that led to the raid on Jonathan James' house. The group that Gonzalez was a part of stole 36 million credit card numbers from TJX, which owns TJ Maxx and other large stores, although 70 percent or so of these cards were expired [source: Zetter]. Still, the costs to the companies responding to the attacks were immense; TJX alone spent more than $170 million [source: Zetter].
What's particularly strange about Gonzalez's case is that for years he worked as an informant for the secret service, providing information on other credit card thieves. However, by continuing and even expanding his criminal behavior, he left himself open to prosecution and was eventually sentenced to 20 years in prison [source: Zetter]. Several other men also were sentenced to prison time for their participation in the ring, although Gonzalez's sentence remains the longest ever handed down to a hacker in the United States.
Lots More Information
- Googleplex Pictures
- What is the state of U.S. cyber security?
- Ultimate Hacker Quiz
- Internet Communication Puzzles
- TV and Radio Puzzles
More Great Links
- Biedersdorfer, J.D. "The Watchmen: The Twisted Life and Crimes of Serial Hacker Kevin Poulsen." The New York Times. March 30, 1997. (Oct. 24, 2010.) http://www.nytimes.com/books/97/03/30/bib/970330.rv113428.html
- Bingham, John. "Nick Clegg raises doubts over powers to halt hacker's extradition." The Telegraph. May 26, 2010. (Oct. 24, 2010). http://www.telegraph.co.uk/news/newstopics/politics/7766339/Gary-McKinnon-Nick-Clegg-raises-doubts-over-powers-to-halt-hackers-extradition.html
- Carpenter, Teresa. "Hijacking on the Infobahn." New York Times. Jan. 22, 1995. (Oct. 24, 2010.) http://www.nytimes.com/1995/01/22/books/hijacking-on-the-infobahn.html
- Cato, Jason. "Hacker's hacker from San Francisco pleads guilty in $86 million fraud." Pittsburgh Tribune-Review. June 30, 2009 (Oct. 24, 2010.) http://www.pittsburghlive.com/x/pittsburghtrib/news/pittsburgh/s_631630.html
- DEFCON. "Official DEF CON FAQ." 2009. (Oct. 24, 2010.) https://www.defcon.org/html/links/dc-faq/dc-faq.html
- England and Wales High Court. "McKinnon v. USA." March 4, 2007. (Oct. 24, 2010.) http://www.bailii.org/ew/cases/EWHC/Admin/2007/762.html
- Greenwald, Glenn. "The strange and consequential case of Bradley Manning, Arian Lamo and WikiLeaks." Salon. June 18, 2010. (Oct. 24, 2010.) http://www.salon.com/news/opinion/glenn_greenwald/2010/06/18/wikileaks/index.html
- IT Security. "Top 10 Most Famous Hackers of All Time." (Oct. 24, 2010.) http://www.itsecurity.com/features/top-10-famous-hackers-042407/
- Kennedy, Maev. "Extradition treaties to be reviewed." Guardian. Sept. 8, 2010. (Oct. 24, 2010.) http://www.guardian.co.uk/law/2010/sep/08/extradition-treaties-to-be-reviewed
- Knight, Will. "Hackers Rule OK." ZDNet UK. Dec. 27, 1999. (Oct. 24, 2010.) http://www.zdnet.co.uk/news/regulation/1999/12/27/hackers-rule-ok-2076011/
- Markoff, John. "Hacker Indicted on Spy Charges." New York Times. Dec. 8, 1992. (Oct. 24, 2010.) http://select.nytimes.com/gst/abstract.html?res=F10613F8355F0C7B8CDDAB0994DA494D81
- Markoff, John. "Computer Intruder Is Put on Probation and Fined $10,000." New York Times. May 5, 1990. (Oct. 24, 2010.) http://query.nytimes.com/gst/fullpage.html?res=9C0CE1D71038F936A35756C0A966958260
- Martin, Douglas. "Joybubbles, 58, Peter Pan of Phone Hackers, Dies." New York Times. Aug. 20, 2007. (Oct. 24, 2010.) http://www.nytimes.com/2007/08/20/us/20engressia.html
- Meriwether, Dan. "An excerpt from Takedown." 1995. (Oct. 24, 2010.) http://www.takedown.com/bio/mitnick.html
- MIT. "Robert Morris." (Oct. 24, 2010.) http://pdos.csail.mit.edu/~rtm/
- Perrin, Chad. "Hacker vs. cracker." TechRepublic. April 17, 2009. (Oct. 24, 2010.) http://blogs.techrepublic.com.com/security/?p=1400
- Poulsen, Kevin. "Adrian Lamo charged with computer crimes." SecurityFocus. Sept. 5, 2003. (Oct. 24, 2010.) http://www.securityfocus.com/news/6888
- Poulsen, Kevin. "Ex-Hacker Adrian Lamo Institutionalized for Asperger's." Wired. May 10, 2010. (Oct. 24, 2010.) http://www.wired.com/threatlevel/2010/05/lamo/
- Poulsen, Kevin. "Former Teen Hacker's Suicide Linked to TJX Probe." Wired. July 9, 2009. (Oct. 24, 2010.) http://www.wired.com/threatlevel/2009/07/hacker/
- Poulsen, Kevin. "Hacking Godfather 'Maksik' Sentenced to 30 Years By Turkish Court." Wired. Jan. 8, 2009. (10/24/2010). http://www.wired.com/threatlevel/2009/01/hacking-godfath/
- Reuters. "2d Briton Is Charged in Computer Spying." New York Times. June 24, 1996. (Oct. 24, 2010.) http://query.nytimes.com/gst/fullpage.html?res=9C03E2D61539F937A15755C0A960958260
- Rhoads, Chris. "The Twilight Years of Cap'n Crunch." WSJ. Jan. 13, 2007. (Oct. 24, 2010.) http://online.wsj.com/public/article/SB116863379291775523-_EQCu93LyjSommsN6J7qiCozuu8_20070122.html?mod=blogs
- SecuritySearch. "What is white hat?" TechTarget. Sept. 2, 2009. (Oct. 24, 2010.) http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci550882,00.html
- Slatalla, Michelle and Quittner, Joshua. "Gang War in Cyberspace." Wired. 1995. (Oct. 24, 2010.) http://www.wired.com/wired/archive/2.12/hacker_pr.html
- Stout, David. "Youth Sentenced in Government Hacking Case." Sept. 23, 2000. (Oct. 24, 2010.) http://www.nytimes.com/2000/09/23/us/youth-sentenced-in-government-hacking-case.html
- The Telegraph. "Top 10 most famous hackers." Nov. 27, 2009. (Oct. 24, 2010.) http://www.telegraph.co.uk/technology/6670127/Top-10-most-famous-hackers.html
- Thompson, Clive. "The Way We Live Now: Questions for Kevin Mitnick." New York Times. Jan. 12, 2003. (Oct. 24, 2010.) http://query.nytimes.com/gst/fullpage.html?res=9A0DE3DA133EF931A25752C0A9659C8B63&scp=2&sq=kevin%20mitnick&st=cse
- The Week. "Wikileaks: Who is hacker 'hero' Adrian Lamo?" June 16, 2010. (Oct. 24, 2010.) http://theweek.com/article/index/204061/wikileaks-who-is-hacker-hero-adrian-lamo
- U.S. Department of Agriculture. "Hacking U.S. Government Computers from Overseas." (Oct. 24, 2010.) http://www.dm.usda.gov/pdsd/Security%20Guide/Spystory/Hacking.htm
- Zetter, Kim. "TJX Hacker 'Will Never Commit Any Crime Again.'" Wired. Dec. 18, 2009. (Oct. 24, 2010.) http://www.wired.com/threatlevel/2009/12/gonzalez-remorseful/
- Zetter, Kim. "TJX Hacker Gets 20 Years in Prison." Wired. March 25, 2010. (Oct. 24, 2010.) http://www.wired.com/threatlevel/2010/03/tjx-sentencing/