Skip to main content

Breaking Bad in Cyberspace: Understanding why and how Black Hat Hackers Manage their Nerves to Commit their Virtual Crimes

Abstract

What is happening in hacker’s minds when they are committing criminal activities? How black hat hackers manage nerves, which is about managing fear and underlying emotions, and which tactics they employ during their decision-making process before, during and after committing a crime, is the question that could provide some initial insights on hacker’s trajectories, their switch from black hat to white hat and ultimately about their behaviors and motivations. The main difficulty in answering this question resides with the access to hacker’s data. To address this gap, we conducted interviews with 16 black hat hackers. Supported by the general strain theory and routine activity theory, we identified five techniques that they use to manage their nerves: shunting, minimization, plan B, thrill, and lens widening techniques. Each of these techniques help hackers to better manage their nerves and consequently, learn how to better cope with the fear. During their psychological decision-making processes, hackers use these five techniques to create a new mindset, behind which they hide, with the objective of minimizing and mitigating the inherent risks they encounter during their criminal activities. The theoretical importance of nerve is the key to a better understanding of black hat hacker’s illegal acts, their behaviors and ultimately their actions.

This is a preview of subscription content, access via your institution.

Notes

  1. 1.

    Throughout the text, for concision, we use the term, ‘hacker’ to refer to the ‘black hat hacker.’

References

  1. Agnew, R. (1992). Foundation for a general strain theory of crime and delinquency. Criminology, 30(1), 47–88.

    Google Scholar 

  2. Agnew, R. (1999). A general strain theory of community differences in crime rates. Journal of Research in Crime and Deliquency, 36(2), 123–155.

    Google Scholar 

  3. Anderson, E. (2000). Code of the street: Decency, violence, and the moral life of the inner city. New York, NY: WW Norton & Company.

    Google Scholar 

  4. Bandura, A., & Walters, R. H. (1977). Social learning theory. New York, NY: General Learning Press.

    Google Scholar 

  5. Baron, S. W. (2004). General strain, street youth and crime: A test of Agnew's revised theory. Criminology, 42(2), 457–484.

    Google Scholar 

  6. Barriga, A. Q., & Gibbs, J. C. (1996). Measuring cognitive distortion in antisocial youth: Development and preliminary validation of the “how I think” questionnaire. Aggressive Behavior, 22(5), 333–343.

    Google Scholar 

  7. Beccaria, C. (2009). On crimes and punishments and other writings. Toronto Buffalo, London: University of Toronto Press.

    Google Scholar 

  8. Benjamin, V., Li, W., Holt, T., & Chen, H. (2015). Exploring threats and vulnerabilities in hacker web: Forums, IRC and carding shops. Paper presented at the 2015 IEEE international conference on intelligence and security informatics (ISI), Baltimore, MD, USA.

  9. Benjamin, V., Zhang, B., Nunamaker, J. F., Jr., & Chen, H. (2016). Examining hacker participation length in cybercriminal internet-relay-chat communities. Journal of Management Information Systems, 33(2), 482–510.

    Google Scholar 

  10. Benjamin, V., Valacich, J., & Chen, H. (2019). DICE-e: A framework for conducting darknet identification, collection, evaluation with ethics. MIS Quarterly, 43(1), 1–22.

    Google Scholar 

  11. Blackburn, R. (1993). The psychology of criminal conduct: Theory, research and practice. Oxford, England: John Wiley & Sons.

    Google Scholar 

  12. Chandler, A. (1996). The changing definition and image of hackers in popular discourse. International Journal of the Sociology of Law, 24(2), 229–251.

    Google Scholar 

  13. Charmaz, K. (1990). ‘Discovering’chronic illness: Using grounded theory. Social Science & Medicine, 30(11), 1161–1172.

    Google Scholar 

  14. Cherbonneau, M., & Copes, H. (2006). ‘Drive it like you stole it’: Auto theft and the illusion of normalcy. British Journal of Criminology, 46(2), 193–211.

    Google Scholar 

  15. Cisco. (2018). 2018 Annual Cybersecurity Report. Retrieved from https://www.cisco.com/c/en/us/products/security/security-reports.html. Accessed 13 Jan 2018

  16. Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 44(4), 588–608.

    Google Scholar 

  17. Corbin, J., & Strauss, A. (2008). Basics of qualitative research: Techniques and procedures for developing grounded theory. In London: Thousand oaks. CA: Sage.

    Google Scholar 

  18. Cornish, D. B., Clarke, R. V., & Wortley, R. (2008). The rational choice perspective (Vol. 21). Cullompton, UK: Willan Publishing.

    Google Scholar 

  19. Crooks, D. L. (2001). The importance of symbolic interaction in grounded theory research on women's health. Health Care for Women International, 22(1–2), 11–27.

    Google Scholar 

  20. Cross, T. (2006). Academic freedom and the hacker ethic. Communications of the ACM, 49(6), 37–40.

    Google Scholar 

  21. Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. (2013). Future directions for behavioral information security research. Computers & Security, 32, 90–101.

    Google Scholar 

  22. Cusson, M. (1993). Situational deterrence: Fear during the criminal event. Crime Prevention Studies, 1, 55–68.

    Google Scholar 

  23. D’Arcy, J., & Lowry, P. B. (2019). Cognitive-affective drivers of employees’ daily compliance with information security policies: A multilevel, longitudinal study. Information Systems Journal, 29(1), 43–69.

    Google Scholar 

  24. Davis, R. W., & Hutchison, S. C. (1997). Computer crime in Canada: An introduction to technological crime and related legal issues. Canada: Carswell Legal Publications.

    Google Scholar 

  25. Deci, E. L., & Ryan, R. M. (2010). Self determination theory Corsini Encyclopedia of Psychology. Online: Wiley Online Library.

    Google Scholar 

  26. EY. (2018). 21st EY Global Information Security Survey. Retrieved from https://www.ey.com/Publication/vwLUAssets/ey-global-information-security-survey-2018-19/$FILE/ey-global-information-security-survey-2018-19.pdf

  27. Ferraro, K. F., & Grange, R. L. (1987). The measurement of fear of crime. Sociological Inquiry, 57(1), 70–97.

    Google Scholar 

  28. Gibbs, J. P. (1975). Crime, punishment, and deterrence. New York, NY: Elsevier New York.

    Google Scholar 

  29. Gottfredson, M. R., & Hirschi, T. (1990). A General Theory of Crime: Stanford University press.

  30. Groff, E. R. (2008). Adding the temporal and spatial aspects of routine activities: A further test of routine activity theory. Security Journal, 21(1–2), 95–116.

    Google Scholar 

  31. Hochstetler, A. (2001). Opportunities and decisions: Interactional dynamics in robbery and burglary groups. Criminology, 39(3), 737–764.

    Google Scholar 

  32. Hochstetler, A. (2002). Sprees and runs: Opportunity construction and criminal episodes. Deviant Behavior, 23(1), 45–73.

    Google Scholar 

  33. Holt, T. J. (2009). The attack dynamics of political and religiously motivated hackers. NewYork: Paper presented at the Cyber Infrastructure Protection.

    Google Scholar 

  34. Holt, T. J., & Bossler, A. M. (2014). An assessment of the current state of cybercrime scholarship. Deviant Behavior, 35(1), 20–40.

    Google Scholar 

  35. Holt, T. J., Strumsky, D., Smirnova, O., & Kilger, M. (2012). Examining the social networks of malware writers and hackers. International Journal of Cyber Criminology, 6(1), 891–903.

    Google Scholar 

  36. Hu, Q., Zhang, C., & Xu, Z. (2011). How can you tell a hacker from a geek? Ask whether he spends more time on computer games than sports. Blacksburg, Virginia: Paper presented at the DeWald Information Security Research Workshop.

    Google Scholar 

  37. Jacobs, B. A., & Cherbonneau, M. (2017). Nerve management and crime accomplishment. Journal of Research in Crime and Delinquency, 54(5), 617–638.

    Google Scholar 

  38. Kallman, E. A., & Grillo, J. P. (1998). Ethical decision making and information technology: An introduction with cases. Collingdale: DIANE Publishing Company.

    Google Scholar 

  39. Katz, J. (1988). Seductions of crime: Moral and sensual attractions in doing evil. New York, NY: Basic Books.

    Google Scholar 

  40. Kshetri, N. (2006). The simple economics of cybercrimes. IEEE Security and Privacy, 4(1), 33–39.

    Google Scholar 

  41. Leeson, P. T., & Coyne, C. J. (2005). The economics of computer hacking. JL Econ. & Pol'y, 1, 511.

    Google Scholar 

  42. Levy, S. (2001). Hackers: Heroes of the computer revolution (Vol. 4). New York, NY: Penguin Books New York.

    Google Scholar 

  43. Lichstein, H. (1963). Telephone Hackers Active. The Tech, 43(20), 20.

    Google Scholar 

  44. Lowry, P. B., Zhang, J., Wang, C., & Siponen, M. (2016). Why do adults engage in cyberbullying on social media? An integration of online disinhibition and deindividuation effects with the social structure and social learning (SSSL) model. Information Systems Research, 27(4), 962–986.

    Google Scholar 

  45. Lowry, P. B., Dinev, T., & Willison, R. (2017). Why security and privacy research lies at the Centre of the information systems (IS) artefact: Proposing a bold research agenda. European Journal of Information Systems, 26(6), 546–563.

    Google Scholar 

  46. Mahmood, M. A., Siponen, M., Straub, D., Rao, H. R., & Raghu, T. (2010). Moving toward black hat research in information systems security: An editorial introduction to the special issue. MIS Quarterly, 34(3), 431–433.

    Google Scholar 

  47. Parks, R., Xu, H., Chu, C.-H., & Lowry, P. B. (2017). Examining the intended and unintended consequences of organisational privacy safeguards enactment in healthcare. European Journal of Information Systems, 26(1), 37–65.

    Google Scholar 

  48. Patchin, J. W., & Hinduja, S. (2011). Traditional and nontraditional bullying among youth: A test of general strain theory. Youth & Society, 43(2), 727–751.

    Google Scholar 

  49. Phukan, S. (2002). IT ethics in the internet age: New dimensions. Paper presented at the proceedings of informing. Cork, Ireland: Science & IT Education Conference.

    Google Scholar 

  50. Probasco, J. R., & Davis, W. L. (1995). A human capital perspective on criminal careers. Journal of Applied Business Research, 11(3), 58.

    Google Scholar 

  51. Reyns, B. W. (2013). Online routines and identity theft victimization: Further expanding routine activity theory beyond direct-contact offenses. Journal of Research in Crime and Delinquency, 50(2), 216–238.

    Google Scholar 

  52. Rogers, M. K. (2006). A two-dimensional circumplex approach to the development of a hacker taxonomy. Digital Investigation, 3(2), 97–102.

    Google Scholar 

  53. Schell, B. H., & Dodge, J. L. (2002). The hacking of America: Who's doing it, why, and how. Westport, CT, USA: Greenwood Publishing Group Inc..

    Google Scholar 

  54. Schell, B. H., & Holt, T. J. (2009). A profile of the demographics, psychological predispositions, and social/behavioral patterns of computer hacker insiders and outsiders Online consumer protection: Theories of human relativism (pp. 190–213). Online: IGI Global.

    Google Scholar 

  55. Shin, J., & Milkman, K. L. (2016). How backup plans can harm goal pursuit: The unexpected downside of being prepared for failure. Organizational Behavior and Human Decision Processes, 135, 1–9.

    Google Scholar 

  56. Skinner, B. F. (1972). Beyond freedom and dignity. New York: Bantam Books.

    Google Scholar 

  57. Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understanding the potential risks associated with hackers/crackers. Information Management & Computer Security, 10(4), 178–183.

    Google Scholar 

  58. Strauss, A., & Corbin, J. (1994). Grounded theory methodology. Handbook of Qualitative Research, 17, 273–285.

    Google Scholar 

  59. Sykes, G. M., & Matza, D. (1957). Techniques of neutralization: A theory of delinquency. American Sociological Review, 22(6), 664–670.

    Google Scholar 

  60. Teske, N. (1997). Beyond altruism: Identity-construction as moral motive in political explanation. Political Psychology, 18(1), 71–91.

    Google Scholar 

  61. The-Honeynet-Project. (2004). Know your enemy: Learning about security threats. Boston, Massachusetts: Addison-Wesley Professional.

    Google Scholar 

  62. Topalli, V., & Wright, R. (2013). Affect and the dynamic foreground of predatory street crime Affect and cognition in criminal decision making (Vol. 42). New York, NY.

  63. Turgeman-Goldschmidt, O. (2005). Hackers' accounts: Hacking as a social entertainment. Social Science Computer Review, 23(1), 8–23.

    Google Scholar 

  64. Turgeman-Goldschmidt, O. (2008). Meanings that hackers assign to their being a hacker. International Journal of Cyber Criminology, 2(2), 382.

    Google Scholar 

  65. Urquhart, C., Lehmann, H., & Myers, M. D. (2010). Putting the ‘theory’back into grounded theory: Guidelines for grounded theory studies in information systems. Information Systems Journal, 20(4), 357–381.

    Google Scholar 

  66. Vaughan-Nichols, S. J. (2018). Your website is under constant attack. Retrieved from https://www.zdnet.com/article/your-website-is-under-constant-attack/. Accessed 13 Jan 2019

  67. Wall, J. D., Lowry, P. B., & Barlow, J. (2016). Organizational violations of externally governed privacy and security rules: Explaining and predicting selective violations under conditions of strain and excess. Journal of the Association for Information Systems, 17(1), 39–76.

    Google Scholar 

  68. Warr, M. (2000). Fear of crime in the United States: Avenues for research and policy. Criminal Justice, 4(4), 451–489.

    Google Scholar 

  69. Wikström, P.-O. H. (2004). Crime as alternative: Towards a cross-level situational action theory of crime causation. Beyond Empiricism: Institutions and Intentions in the Study of Crime, 13, 1–37.

    Google Scholar 

  70. Wikström, P.-O. H. (2006). Individuals, settings, and acts of crime: Situational mechanisms and the explanation of crime. New York: Cambridge University Press.

    Google Scholar 

  71. Willison, R., & Lowry, P. B. (2018). Disentangling the motivations for organizational insider computer abuse through the rational choice and life course perspectives. The DATA BASE for Advances in Information Systems, 49(April), 81–102.

    Google Scholar 

  72. Willison, R., Lowry, P. B., & Paternoster, R. (2018). A tale of two deterrents: Considering the role of absolute and restrictive deterrence in inspiring new directions in behavioral and organizational security. Journal of the Association for Information Systems, 19(12), 1187–1216.

    Google Scholar 

  73. Wilson, J. Q. (2003). Broken windows: The police and neighborhood safety James Q. Wilson and George L. Kelling Criminological Perspectives: Essential Readings (Vol. 400, pp. 29038). London: SAGE.

    Google Scholar 

  74. Yar, M. (2005). Computer hacking: Just another case of juvenile delinquency? The Howard Journal of Crime and Justice, 44(4), 387–399.

    Google Scholar 

  75. Young, R., Zhang, L., & Prybutok, V. R. (2007). Hacking into the minds of hackers. Information Systems Management, 24(4), 281–287.

    Google Scholar 

Download references

Author information

Affiliations

Authors

Corresponding author

Correspondence to Mario Silic.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendices

Appendix 1: Interview Guideline

Introduction

The interview will not take more than 1 h. I will be recording the session because I don’t want to miss any of your comments. All comments and responses will be kept strictly confidential which means that your responses will be shared only with research team members and will ensure that any information from the report does not identify you as the respondent. Do you have any questions at this stage?

Introductory questions

  1. 1.

    Can you tell us your name (hacker nickname), gender and age?

  2. 2.

    Can you briefly describe who you are and when you started to hack?

  3. 3.

    Can you confirm which type of hacker you are and what does that mean to you?

About Hacking

  1. 4.

    Can you provide more information your hacking debuts and how did you learn?

  2. 5.

    What motivates you to hack? What attracted you to black hat hacking?

  3. 6.

    Is what you do illegal?

  4. 7.

    What is the scope of your hacking activities? On which online sites (e.g., forums) you are active?

Hacking vs Fear

  1. 8.

    What is your perception regarding risks behind hacking activities? Please explain.

  2. 9.

    How do you see the criminal side related to your activities? Please explain.

  3. 10.

    Do you worry about being apprehended? Please explain.

  4. 11.

    Do you have any backup plans? Please explain.

  5. 12.

    Do you have any bad feelings when hacking? Please explain.

  6. 13.

    How do you manage your fear? Please explain.

Outlook / Interview Closing

  1. 14.

    What are the challenges in doing the hacking job? Please explain.

  2. 15.

    How do you see your future in hacking? Please explain.

Interview closing

  1. a)

    Would you like to add anything else?

  2. b)

    If not, I will analyze all information provided together with other interviews in the following weeks and would be happy to send you a copy to review if you are interested. Thank you very much for your time!

General probes used during the Interview

  • Would you give me an example?

  • Can you elaborate on that idea?

  • Would you explain that further?

  • I’m not sure I understand what you’re saying.

  • Is there anything else?

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Silic, M., Lowry, P.B. Breaking Bad in Cyberspace: Understanding why and how Black Hat Hackers Manage their Nerves to Commit their Virtual Crimes. Inf Syst Front 23, 329–341 (2021). https://doi.org/10.1007/s10796-019-09949-3

Download citation

Keywords

  • Black hat hacker
  • Security
  • Criminology nerve management
  • General strain theory
  • Routine activity theory (RAT)