Recently I posed the thorny question of who should be classified a “patriot hacker”, especially when thinking about the mid-1990s.
I realized with the latest news stories, now might be a good time to poke this bear a little more.
We have to begin by admitting the term hacker sadly has come to mean computer crime. I hate that as much as anyone, but it’s a reality of the times. When someone uses even authorized access to misuse or abuse data protection (e.g. Snowden), then some or even most camps throw around the word hacker.
In that sense, I’m putting the phrase “patriot hackers” in quotes because I’m unconvinced people hitting the news today really are either, let alone both. But for the sake of argument please hear this out. I hope you appreciate where I’m going.
Also, when I talked about the term patriot in the other blog post about hacker history, I used a dubious definition from an old Yale rag: “defending one’s own country”.
This is even worse than the hacker definition one above. Yet it’s obviously taken seriously by Yale and I’ve seen it cited downstream by people trying to influence or set government policy on hacking. Thus I’m using it because it’s been used by others.
Now I’ll give two examples from current news to show how the phrase “patriot hacker” can play out in the present, as well as compare it with the past.
First, Jamie Lee Henry and Anna Gabrielian were just charged with conspiracy to disclose American health information to Russia. Check out some of the buried ledes in their wacky story:
Gabrielian told the FBI agent “she was motivated by patriotism toward Russia to provide any assistance she could to Russia, even if it meant being fired or going to jail,” the indictment says. […] Gabrielian told the agent that “though [U.S. Army Major] Henry was a ‘coward’ and concerned about violating HIPAA by providing records” to the agent, “Gabrielian had no such concerns and violated HIPAA ‘all the time.’
Ouch. “Violated HIPAA all the time”.
We’re hearing from the FBI that an American couple, one in active duty with secret security clearance, were motivated to steal and forward medical records… allegedly due to their patriotism toward Russia.
That’s not their own country, right?
And I can’t leave out this detail.
Gabrielian texted the undercover agent using coded language on August 25, according to the indictment, saying, “Jamie might have samples of his poetry laying around. He says he will look for them and decide if he has the bandwidth for another project over the weekend. I think it would be good for him to at least show you examples of his past work.”
Poetry. Why does it always have to be poetry?
Second, a former NSA staffer said he had an itch to treat Russia as his “own” country while trying to break American laws and stir up trouble
In his communications with the FBI’s undercover employee, Dalke allegedly reached out to what he thought was a Russian agent, saying he, “recently learned that my heritage ties back to your country, which is part of why I have come to you.” He goes on to explain his reasoning for wanting to share documents from the NSA and at least two other American federal agencies, saying he, “questioned our role in damage to the world in the past and by mixture of curiosity for secrets and a desire to cause change.”
Dalke clumsily admitted he wanted money in exchange for his Russian patriotism, but don’t let that distract from a core premise for all three people. They intentionally bypassed controls (computer crime — hacking) to serve a particular country that they only had a distant/romanticized affinity towards.
Again, to be fair to myself because I hate these definitions, these people seem about as patriotic as they are capable of hacking anything (not much, yet clearly enough to be willfully breaking laws). These stories are about “patriot hackers” being arrested because our definitions of those terms make it so.
And with that being the case, we should think back to the news of Hagbard’s death in 1989.
His role allegedly was to take the information stolen in Germany by three others and give it to the KGB on floppy discs. After he and the others were caught (Cuckoo’s Egg), Hagbard mysteriously died in a fire. It was called a suicide yet who really believes that?
History could be written about Hagbard had a drug habit (or any other habit really), that he was in need of money, or that he was curious about secrets and desiring to cause change. And that’s where many people leave things when talking about the 1989 hackers, omitting their sense of duty or affinity.
However, beneath the more superficial layers of human interest (e.g. highest bidder wins) is a more troubling connection to identity and power. A young German walked with floppy disks in hand to the KGB because, why?
We may never know whether Hagbard held affinity towards Russians when he went out of his way to meet with them, I mean more or less than Snowden does today.
Edward Snowden has been granted Russian citizenship. The news was confirmed in a decree by Russian President Vladimir Putin posted Monday to the Kremlin’s website.
Right under that decree it must also have some kind of poetry like “you too can call Russia your own if you question America’s role in the world and think you can hack to extend the tyranny of Putin”.
In conclusion, patriotic hacking as a phrase could be a LOT older than many people in U.S. government advisory roles are allowing themselves to think about. Patriotism is certainly more than a narrow sense of own country, which opens the discussion to many more hacking incidents.
After all, if we use this blog post as a lens to reconsider Robert Lee Johnson’s attacks in 1961, patriotic hacking may be as old as hacking itself.