What is happening in hacker’s minds when they are committing criminal activities? How black hat hackers manage nerves, which is about managing fear and underlying emotions, and which tactics they employ during their decision-making process before, during and after committing a crime, is the question that could provide some initial insights on hacker’s trajectories, their switch from black hat to white hat and ultimately about their behaviors and motivations. The main difficulty in answering this question resides with the access to hacker’s data. To address this gap, we conducted interviews with 16 black hat hackers. Supported by the general strain theory and routine activity theory, we identified five techniques that they use to manage their nerves: shunting, minimization, plan B, thrill, and lens widening techniques. Each of these techniques help hackers to better manage their nerves and consequently, learn how to better cope with the fear. During their psychological decision-making processes, hackers use these five techniques to create a new mindset, behind which they hide, with the objective of minimizing and mitigating the inherent risks they encounter during their criminal activities. The theoretical importance of nerve is the key to a better understanding of black hat hacker’s illegal acts, their behaviors and ultimately their actions.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Price includes VAT (USA)
Tax calculation will be finalised during checkout.
Throughout the text, for concision, we use the term, ‘hacker’ to refer to the ‘black hat hacker.’
Agnew, R. (1992). Foundation for a general strain theory of crime and delinquency. Criminology, 30(1), 47–88.
Agnew, R. (1999). A general strain theory of community differences in crime rates. Journal of Research in Crime and Deliquency, 36(2), 123–155.
Anderson, E. (2000). Code of the street: Decency, violence, and the moral life of the inner city. New York, NY: WW Norton & Company.
Bandura, A., & Walters, R. H. (1977). Social learning theory. New York, NY: General Learning Press.
Baron, S. W. (2004). General strain, street youth and crime: A test of Agnew's revised theory. Criminology, 42(2), 457–484.
Barriga, A. Q., & Gibbs, J. C. (1996). Measuring cognitive distortion in antisocial youth: Development and preliminary validation of the “how I think” questionnaire. Aggressive Behavior, 22(5), 333–343.
Beccaria, C. (2009). On crimes and punishments and other writings. Toronto Buffalo, London: University of Toronto Press.
Benjamin, V., Li, W., Holt, T., & Chen, H. (2015). Exploring threats and vulnerabilities in hacker web: Forums, IRC and carding shops. Paper presented at the 2015 IEEE international conference on intelligence and security informatics (ISI), Baltimore, MD, USA.
Benjamin, V., Zhang, B., Nunamaker, J. F., Jr., & Chen, H. (2016). Examining hacker participation length in cybercriminal internet-relay-chat communities. Journal of Management Information Systems, 33(2), 482–510.
Benjamin, V., Valacich, J., & Chen, H. (2019). DICE-e: A framework for conducting darknet identification, collection, evaluation with ethics. MIS Quarterly, 43(1), 1–22.
Blackburn, R. (1993). The psychology of criminal conduct: Theory, research and practice. Oxford, England: John Wiley & Sons.
Chandler, A. (1996). The changing definition and image of hackers in popular discourse. International Journal of the Sociology of Law, 24(2), 229–251.
Charmaz, K. (1990). ‘Discovering’chronic illness: Using grounded theory. Social Science & Medicine, 30(11), 1161–1172.
Cherbonneau, M., & Copes, H. (2006). ‘Drive it like you stole it’: Auto theft and the illusion of normalcy. British Journal of Criminology, 46(2), 193–211.
Cisco. (2018). 2018 Annual Cybersecurity Report. Retrieved from https://www.cisco.com/c/en/us/products/security/security-reports.html. Accessed 13 Jan 2018
Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 44(4), 588–608.
Corbin, J., & Strauss, A. (2008). Basics of qualitative research: Techniques and procedures for developing grounded theory. In London: Thousand oaks. CA: Sage.
Cornish, D. B., Clarke, R. V., & Wortley, R. (2008). The rational choice perspective (Vol. 21). Cullompton, UK: Willan Publishing.
Crooks, D. L. (2001). The importance of symbolic interaction in grounded theory research on women's health. Health Care for Women International, 22(1–2), 11–27.
Cross, T. (2006). Academic freedom and the hacker ethic. Communications of the ACM, 49(6), 37–40.
Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. (2013). Future directions for behavioral information security research. Computers & Security, 32, 90–101.
Cusson, M. (1993). Situational deterrence: Fear during the criminal event. Crime Prevention Studies, 1, 55–68.
D’Arcy, J., & Lowry, P. B. (2019). Cognitive-affective drivers of employees’ daily compliance with information security policies: A multilevel, longitudinal study. Information Systems Journal, 29(1), 43–69.
Davis, R. W., & Hutchison, S. C. (1997). Computer crime in Canada: An introduction to technological crime and related legal issues. Canada: Carswell Legal Publications.
Deci, E. L., & Ryan, R. M. (2010). Self determination theory Corsini Encyclopedia of Psychology. Online: Wiley Online Library.
EY. (2018). 21st EY Global Information Security Survey. Retrieved from https://www.ey.com/Publication/vwLUAssets/ey-global-information-security-survey-2018-19/$FILE/ey-global-information-security-survey-2018-19.pdf
Ferraro, K. F., & Grange, R. L. (1987). The measurement of fear of crime. Sociological Inquiry, 57(1), 70–97.
Gibbs, J. P. (1975). Crime, punishment, and deterrence. New York, NY: Elsevier New York.
Gottfredson, M. R., & Hirschi, T. (1990). A General Theory of Crime: Stanford University press.
Groff, E. R. (2008). Adding the temporal and spatial aspects of routine activities: A further test of routine activity theory. Security Journal, 21(1–2), 95–116.
Hochstetler, A. (2001). Opportunities and decisions: Interactional dynamics in robbery and burglary groups. Criminology, 39(3), 737–764.
Hochstetler, A. (2002). Sprees and runs: Opportunity construction and criminal episodes. Deviant Behavior, 23(1), 45–73.
Holt, T. J. (2009). The attack dynamics of political and religiously motivated hackers. NewYork: Paper presented at the Cyber Infrastructure Protection.
Holt, T. J., & Bossler, A. M. (2014). An assessment of the current state of cybercrime scholarship. Deviant Behavior, 35(1), 20–40.
Holt, T. J., Strumsky, D., Smirnova, O., & Kilger, M. (2012). Examining the social networks of malware writers and hackers. International Journal of Cyber Criminology, 6(1), 891–903.
Hu, Q., Zhang, C., & Xu, Z. (2011). How can you tell a hacker from a geek? Ask whether he spends more time on computer games than sports. Blacksburg, Virginia: Paper presented at the DeWald Information Security Research Workshop.
Jacobs, B. A., & Cherbonneau, M. (2017). Nerve management and crime accomplishment. Journal of Research in Crime and Delinquency, 54(5), 617–638.
Kallman, E. A., & Grillo, J. P. (1998). Ethical decision making and information technology: An introduction with cases. Collingdale: DIANE Publishing Company.
Katz, J. (1988). Seductions of crime: Moral and sensual attractions in doing evil. New York, NY: Basic Books.
Kshetri, N. (2006). The simple economics of cybercrimes. IEEE Security and Privacy, 4(1), 33–39.
Leeson, P. T., & Coyne, C. J. (2005). The economics of computer hacking. JL Econ. & Pol'y, 1, 511.
Levy, S. (2001). Hackers: Heroes of the computer revolution (Vol. 4). New York, NY: Penguin Books New York.
Lichstein, H. (1963). Telephone Hackers Active. The Tech, 43(20), 20.
Lowry, P. B., Zhang, J., Wang, C., & Siponen, M. (2016). Why do adults engage in cyberbullying on social media? An integration of online disinhibition and deindividuation effects with the social structure and social learning (SSSL) model. Information Systems Research, 27(4), 962–986.
Lowry, P. B., Dinev, T., & Willison, R. (2017). Why security and privacy research lies at the Centre of the information systems (IS) artefact: Proposing a bold research agenda. European Journal of Information Systems, 26(6), 546–563.
Mahmood, M. A., Siponen, M., Straub, D., Rao, H. R., & Raghu, T. (2010). Moving toward black hat research in information systems security: An editorial introduction to the special issue. MIS Quarterly, 34(3), 431–433.
Parks, R., Xu, H., Chu, C.-H., & Lowry, P. B. (2017). Examining the intended and unintended consequences of organisational privacy safeguards enactment in healthcare. European Journal of Information Systems, 26(1), 37–65.
Patchin, J. W., & Hinduja, S. (2011). Traditional and nontraditional bullying among youth: A test of general strain theory. Youth & Society, 43(2), 727–751.
Phukan, S. (2002). IT ethics in the internet age: New dimensions. Paper presented at the proceedings of informing. Cork, Ireland: Science & IT Education Conference.
Probasco, J. R., & Davis, W. L. (1995). A human capital perspective on criminal careers. Journal of Applied Business Research, 11(3), 58.
Reyns, B. W. (2013). Online routines and identity theft victimization: Further expanding routine activity theory beyond direct-contact offenses. Journal of Research in Crime and Delinquency, 50(2), 216–238.
Rogers, M. K. (2006). A two-dimensional circumplex approach to the development of a hacker taxonomy. Digital Investigation, 3(2), 97–102.
Schell, B. H., & Dodge, J. L. (2002). The hacking of America: Who's doing it, why, and how. Westport, CT, USA: Greenwood Publishing Group Inc..
Schell, B. H., & Holt, T. J. (2009). A profile of the demographics, psychological predispositions, and social/behavioral patterns of computer hacker insiders and outsiders Online consumer protection: Theories of human relativism (pp. 190–213). Online: IGI Global.
Shin, J., & Milkman, K. L. (2016). How backup plans can harm goal pursuit: The unexpected downside of being prepared for failure. Organizational Behavior and Human Decision Processes, 135, 1–9.
Skinner, B. F. (1972). Beyond freedom and dignity. New York: Bantam Books.
Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understanding the potential risks associated with hackers/crackers. Information Management & Computer Security, 10(4), 178–183.
Strauss, A., & Corbin, J. (1994). Grounded theory methodology. Handbook of Qualitative Research, 17, 273–285.
Sykes, G. M., & Matza, D. (1957). Techniques of neutralization: A theory of delinquency. American Sociological Review, 22(6), 664–670.
Teske, N. (1997). Beyond altruism: Identity-construction as moral motive in political explanation. Political Psychology, 18(1), 71–91.
The-Honeynet-Project. (2004). Know your enemy: Learning about security threats. Boston, Massachusetts: Addison-Wesley Professional.
Topalli, V., & Wright, R. (2013). Affect and the dynamic foreground of predatory street crime Affect and cognition in criminal decision making (Vol. 42). New York, NY.
Turgeman-Goldschmidt, O. (2005). Hackers' accounts: Hacking as a social entertainment. Social Science Computer Review, 23(1), 8–23.
Turgeman-Goldschmidt, O. (2008). Meanings that hackers assign to their being a hacker. International Journal of Cyber Criminology, 2(2), 382.
Urquhart, C., Lehmann, H., & Myers, M. D. (2010). Putting the ‘theory’back into grounded theory: Guidelines for grounded theory studies in information systems. Information Systems Journal, 20(4), 357–381.
Vaughan-Nichols, S. J. (2018). Your website is under constant attack. Retrieved from https://www.zdnet.com/article/your-website-is-under-constant-attack/. Accessed 13 Jan 2019
Wall, J. D., Lowry, P. B., & Barlow, J. (2016). Organizational violations of externally governed privacy and security rules: Explaining and predicting selective violations under conditions of strain and excess. Journal of the Association for Information Systems, 17(1), 39–76.
Warr, M. (2000). Fear of crime in the United States: Avenues for research and policy. Criminal Justice, 4(4), 451–489.
Wikström, P.-O. H. (2004). Crime as alternative: Towards a cross-level situational action theory of crime causation. Beyond Empiricism: Institutions and Intentions in the Study of Crime, 13, 1–37.
Wikström, P.-O. H. (2006). Individuals, settings, and acts of crime: Situational mechanisms and the explanation of crime. New York: Cambridge University Press.
Willison, R., & Lowry, P. B. (2018). Disentangling the motivations for organizational insider computer abuse through the rational choice and life course perspectives. The DATA BASE for Advances in Information Systems, 49(April), 81–102.
Willison, R., Lowry, P. B., & Paternoster, R. (2018). A tale of two deterrents: Considering the role of absolute and restrictive deterrence in inspiring new directions in behavioral and organizational security. Journal of the Association for Information Systems, 19(12), 1187–1216.
Wilson, J. Q. (2003). Broken windows: The police and neighborhood safety James Q. Wilson and George L. Kelling Criminological Perspectives: Essential Readings (Vol. 400, pp. 29038). London: SAGE.
Yar, M. (2005). Computer hacking: Just another case of juvenile delinquency? The Howard Journal of Crime and Justice, 44(4), 387–399.
Young, R., Zhang, L., & Prybutok, V. R. (2007). Hacking into the minds of hackers. Information Systems Management, 24(4), 281–287.
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendix 1: Interview Guideline
The interview will not take more than 1 h. I will be recording the session because I don’t want to miss any of your comments. All comments and responses will be kept strictly confidential which means that your responses will be shared only with research team members and will ensure that any information from the report does not identify you as the respondent. Do you have any questions at this stage?
Can you tell us your name (hacker nickname), gender and age?
Can you briefly describe who you are and when you started to hack?
Can you confirm which type of hacker you are and what does that mean to you?
Can you provide more information your hacking debuts and how did you learn?
What motivates you to hack? What attracted you to black hat hacking?
Is what you do illegal?
What is the scope of your hacking activities? On which online sites (e.g., forums) you are active?
Hacking vs Fear
What is your perception regarding risks behind hacking activities? Please explain.
How do you see the criminal side related to your activities? Please explain.
Do you worry about being apprehended? Please explain.
Do you have any backup plans? Please explain.
Do you have any bad feelings when hacking? Please explain.
How do you manage your fear? Please explain.
Outlook / Interview Closing
What are the challenges in doing the hacking job? Please explain.
How do you see your future in hacking? Please explain.
Would you like to add anything else?
If not, I will analyze all information provided together with other interviews in the following weeks and would be happy to send you a copy to review if you are interested. Thank you very much for your time!
General probes used during the Interview
Would you give me an example?
Can you elaborate on that idea?
Would you explain that further?
I’m not sure I understand what you’re saying.
Is there anything else?
About this article
Cite this article
Silic, M., Lowry, P.B. Breaking Bad in Cyberspace: Understanding why and how Black Hat Hackers Manage their Nerves to Commit their Virtual Crimes. Inf Syst Front 23, 329–341 (2021). https://doi.org/10.1007/s10796-019-09949-3
- Black hat hacker
- Criminology nerve management
- General strain theory
- Routine activity theory (RAT)