Breaking Bad in Cyberspace: Understanding why and how Black Hat Hackers Manage their Nerves to Commit their Virtual Crimes<\/p>\n
Mario Silic1 & Paul Benjamin Lowry2<\/p>\n
# Springer Science+Business Media, LLC, part of Springer Nature 2019<\/p>\n
Abstract What is happening in hacker\u2019s minds when they are committing criminal activities? How black hat hackers manage nerves, which is about managing fear and underlying emotions, and which tactics they employ during their decision-making process before, during and after committing a crime, is the question that could provide some initial insights on hacker\u2019s trajectories, their switch from black hat to white hat and ultimately about their behaviors and motivations. The main difficulty in answering this question resides with the access to hacker\u2019s data. To address this gap, we conducted interviews with 16 black hat hackers. Supported by the general strain theory and routine activity theory, we identified five techniques that they use to manage their nerves: shunting, minimization, plan B, thrill, and lens widening techniques. Each of these techniques help hackers to better manage their nerves and consequently, learn how to better cope with the fear. During their psychological decision-making processes, hackers use these five techniques to create a new mindset, behind which they hide, with the objective of minimizing and mitigating the inherent risks they encounter during their criminal activities. The theoretical importance of nerve is the key to a better understanding of black hat hacker\u2019s illegal acts, their behaviors and ultimately their actions.<\/p>\n
Keywords Black hat hacker . Security . Criminology nerve management . General strain theory . Routine activity theory (RAT)<\/p>\n
1 Introduction<\/p>\n
In 2016, black hat hackers, that we define as individuals with extensive computer knowledge employed to get personal gains or for other malicious reasons by conducting illegal activities (Chandler 1996; Smith and Rupp 2002), were be- hind major cyber security incidents (Cisco 2018; EY 2018). This caused an average 20% loss of a company\u2019s customer base with a trend of the hacking becoming more business and corporate oriented with unprecedented levels of sophistication and impact (Cisco 2018). The resulting revenue loss opportu- nities push companies to increase their security investments, since it is unlikely that the magnitude and the impact of cybercriminal attacks will decrease, given the current rate of<\/p>\n
increase in internet traffic. Sony, Ashley Madison, JP Morgan are examples of recent security incidents which reveal the pervasiveness of this issue. To combat this trend, it is essential to get a better understanding of cybercrime\u2019s costs, benefits, and attractiveness (Kshetri 2006). However, little is known about the people behind these illegal cybercrime activities, for three key reasons: (1) given its criminal nature, it is diffi- cult to obtain reliable data (Benjamin et al. 2019; Mahmood et al. 2010); (2) the fact that existing studies are anecdotal and rely on descriptive accounts and reporting (Crossler et al. 2013); and (3) the lack of a solid theoretical foundation to support the empirical evidence (Crossler et al. 2013; Mahmood et al. 2010). A key weakness in the IS security literature is that it focuses too much on policy compliance and non-malicious behaviors; by contrast, there is a clear need for more research on the \u201cblack hat\u201d dimension of cyber se- curity (Benjamin et al. 2019; Mahmood et al. 2010), with a focus on the malicious and deviant (i.e., criminal) behavior that threaten organizations (Crossler et al. 2013; Lowry et al. 2017; Willison and Lowry 2018; Willison et al. 2018).<\/p>\n
Different theories, ranging from the differential association theory (Blackburn 1993), theory of operant conditioning (Skinner 1972), social learning theory (Bandura and Walters 1977; Lowry et al. 2016), to deterrence theory (Gibbs 1975;<\/p>\n
* Mario Silic mario.silic@unisg.ch<\/p>\n
Paul Benjamin Lowry Paul.Lowry.PhD@gmail.com<\/p>\n
1 University of St. Gallen, Mueller-Friedberg-Str. 8, 9000 St. Gallen, Switzerland<\/p>\n
2 Pamplin College of Business, Virginia Tech, Blacksburg, VA, USA<\/p>\n
Information Systems Frontiers https:\/\/doi.org\/10.1007\/s10796-019-09949-3<\/p>\n
http:\/\/crossmark.crossref.org\/dialog\/?doi=10.1007\/s10796-019-09949-3&domain=pdf
\nmailto:mario.silic@unisg.ch
\nWillison et al. 2018), have all been relatively effective in explaining deviant behaviors and criminal continuation. However, because hacking is an unconventional criminal ac- tivity (Davis and Hutchison 1997), there is no single theory that well explains hacker1 behavior. Interestingly, the role of emotion, stemming from the general strain theory (Agnew 1992), was found to be one of the central factors in driving deviant behavior that is fostered by anger and frustration. Although this theory was widely applied in traditional street crimes (Baron 2004), it is not clear what role emotion may play in the hacking context. In particular, we are interested in how black hat hackers process their fear and subsequently manage their nerves when committing a virtual crime. Clarifying this theoretical issue would be of high importance in better understanding the hacking criminal behavior. Notably, we would extend existing theoretical understandings of hacker-offending decision-making processes.<\/p>\n
That is, we are particularly interested in understanding how black hat hackers manage fear and their nerves. Nerve man- agement is about the ability to manage fear and underlying emotions. Nerve management is essential, since it drives the decision-making process during the criminal act (Cornish et al. 2008). Unlike other criminal activities (e.g., car thieves), where offenders develop various tactics (e.g., self-medication, shunting, fatalism) for committing crime (Jacobs and Cherbonneau 2017), black hat hackers, likely employ differ- ent tactics to create and manage their nerves because they are in a highly unique criminal context that is virtual and percep- tually hidden in a computer system,.<\/p>\n
The importance of better understanding these tactics is es- sential in better understanding black hat hacking, and ulti- mately how to thwart it. Indeed, in the hacking decision- making processes, calm nerves should facilitate better control of the crime situation, minimizing risks and possible sanction threats. It is particularly compelling to consider how black hat hackers manage their nerve, given that face the possibility of severe sanctions if they are caught (e.g., arrest, prosecution, loss of employment, and fines). According to Holt and Bossler (2014, p. 33): \u201cThe increasingly rapid adoption of technology at all ages in industrialized nations requires research identify- ing how the use of computers and the Internet affect adoles- cent development through adulthood and involvement in both on- and off-line offending\u201d (p. 33). We argue that better un- derstanding how emotional dimension, and more precisely a hacker\u2019s nerves, is managed could provide new insights into hacker trajectories and their psychological functioning. It is evident that nerve management could be an important unex- plored dimension that could provide theoretical explanations of hacker\u2019s emotional states they have to cope with when confronted to crime situations.<\/p>\n
In this context, our study relies on the qualitative approach based on grounded theory (Corbin and Strauss 2008), which is particularly useful in dynamic environments (Strauss and Corbin 1994), such as the hacking context (Turgeman- Goldschmidt 2005). Indeed, according to Turgeman- Goldschmidt (2005, p. 10) \u201cthe best way to reach the true meaning of the criminal behavior of hackers requires using qualitative research methods in general and the grounded the- ory in particular because computer crime has yet to be exten- sively explored from the offenders\u2019 points of view (i.e., their perceptions, attitudes, behaviors, etc.)\u201d (p. 10). By applying the grounded theory approach we can discover relevant cate- gories and relationships among them (Strauss and Corbin 1994) to reveal the justification for the black hat hacker\u2019s motivations and psychological states that drive and shape their nerve management. We argue that the theoretical importance of nerve management is the key to a better understanding of the black hat hacker\u2019s illegal acts, behaviors and actions. It is crucial to understand how black hat hackers manage their nerves and which factors influence their decision-making pro- cess before and after committing a crime. The answer to this question could provide some initial insights on hacker\u2019s tra- jectories, their switch from black hat to white hat and their behaviors and motivations.<\/p>\n
In the following sections, we present the theoretical foun- dations for this study, followed by the research methodology. We then discuss our findings and conclude the study.<\/p>\n
2 Theoretical Background<\/p>\n
Our research applies grounded theory approach which should provide us relevant explanations, interpretations and implica- tions. To apply and interpret our grounded theory develop- ment, we are supported by the theoretical foundations of gen- eral strain theory (Agnew 1992) and routine activity theory (RAT) (Cohen and Felson 1979).<\/p>\n
2.1 Development of Crime<\/p>\n
Based on its origins in the 1960\u2019s, the word \u201chack\u201d meant improving programming flaws of mainframe computers by a group of MIT students. Fixing bugs and improving program- ming mistakes by doing small \u201chacks\u201d was performed by an individual (i.e., hacker). This person was considered to have a higher level of computer knowledge and was able to alter programs or systems (Yar 2005). In 1963, one of the first incidents of malicious hacking was reported (telephone hackers) by MIT\u2019s student newspaper (Lichstein 1963). Hackers are now generally divided into two main groups: white hat and black hat hackers. These two groups have dif- ferent motivations, objectives and rules. While white hat hackers are usually considered positively. They seek to<\/p>\n
1 Throughout the text, for concision, we use the term, \u2018hacker\u2019 to refer to the \u2018black hat hacker.\u2019<\/p>\n
Inf Syst Front<\/p>\n
acquire new knowledge and to provide information about vul- nerabilities, weaknesses and threats that they have identified in computer systems. By contrast, the black hat hackers at- tempt to achieve financial gain from their knowledge by blackmailing, sabotaging or engaging in other criminal activ- ities (Schell and Dodge 2002). Previous studies that focused on the motivation behind hacking activities provided different explanations for their acts, such as justice (Rogers 2006), en- joyment and curiosity (Turgeman-Goldschmidt 2005), moral- ity and connectedness (Teske 1997), among others. Regardless of the specific motivation to commit an illegal action, every hacker usually balances benefits and costs, be- fore deciding whether or not to commit the crime (Probasco and Davis 1995). These intangible psychological costs relate to the amount of mental energy required to commit the crime. Fear of apprehension of punishment remains an important decision-making criteria before the crime is committed (Kshetri 2006).<\/p>\n
Most individuals who commit crimes and act unethically believe that there is nothing wrong in what they are doing (Kallman and Grillo 1998). They do not perceive their actions as being really illegal, unethical or inappropriate. It is clear that for most black hat hackers, committing a cyber-crime does not increase their guilt level, as is the case for more conventional crimes (Phukan 2002). This is because it is not always easy to identify the victim, as well as different socio-cultural back- grounds where the cost of their acts is weighed against the context in which they operate (Deci and Ryan 2010).<\/p>\n
To date, little empirical evidence has been provided to fur- ther explain the black hat hacker\u2019s motivations (Crossler et al. 2013; Holt and Bossler 2014; Holt et al. 2012; Mahmood et al. 2010; Schell and Holt 2009). This has contributed to the dif- ficulty in getting the data (Benjamin et al. 2019). The majority of previous studies primarily focused on discussing hackers motivation, rather than providing empirical evidence (e.g., Cross 2006; Schell and Dodge 2002). Other studies that tried to understand the complex hacker\u2019s phenomenon, mostly fo- cused on the student population (e.g., Hu et al. 2011; Rogers 2006). However, we believe students are a par- ticularly poor sample frame from which to represent the complex psychological motivations behind black hat hackers\u2019 highly criminal. Moreover, the other flaw in these studies is they did not analyze the actual context in which hackers operate, such as hackers forums or Internet Relay Chats (e.g., Benjamin et al. 2015; Benjamin et al. 2019; Benjamin et al. 2016). Importantly, the few studies that used known hackers as informants (e.g., Holt 2009; Hu et al. 2011; Schell and Holt 2009; Young et al. 2007), revealed that hackers perceive a low level of potential sanction. They also believe that they will not be caught easily. This signals that the likelihood of punishment is low (Young et al. 2007). These findings indicate that hackers are able to manage their nerves in the face of great potential risks they engage in.<\/p>\n
An assessment of cybercrime research by Holt and Bossler (2014, p. 33), has showed three kind findings that we build on: (1) that there is a considerable increase in scientific contribu- tion on various forms of cybercrime; (2) that traditional crim- inological theories generally hold in the online context; but, also (3) that there are still important new avenues for research to explore, and especially to further examine \u201cbreadth of existing and recent criminological theory to expand our knowledge of cybercrimes.\u201d Notably, existing knowledge on hacker\u2019s motivations, ranging from political or religious rea- sons (Holt 2009) to money, entertainment, ego, cause, en- trance to a social group, and status (The-Honeynet-Project 2004), is relatively well researched. However, little to no re- search on hacker\u2019s demographics, psychological predisposi- tions, and social\/behavioral patterns exists (Schell and Holt 2009). We position our research within the psychological boundaries in which emotional states and fear management are taking roots. This positioning is guided by the theoretical input that we detail in the following section.<\/p>\n
There are several theories, originating from the criminolo- gy field, that fit well into the hacking context, such as self- control theory (Gottfredson and Hirschi 1990), RAT (Cohen and Felson 1979), situational action theory (Wikstr\u00f6m 2004, 2006), or even theories borrowed from economics (Kshetri 2006; Leeson and Coyne 2005). However, due to the different context in which they operate, compared to other crime con- texts where physical violence is usually present, we argue that there is a need to apply different theoretical insights to support the underlying premises. Hackers do not always operate rationally\u2014especially in terms of operating through costs, benefits, and sanctions\u2014as economic theories would suggest (Yar 2005). Something else is driving them and allows them to suspend threat of sanctions that most people would perceive. A lack of empirical studies to validate the applicability of certain theories in the hacking milieu and with known hackers, suggests that different theoretical premises should be incorpo- rated into the theoretical foundation, when studying hacker\u2019s behaviors. We address this mystery.<\/p>\n
To guide the interpretation of our grounded theory re- search, we rely on the general strain theory (Agnew 1992) and RAT (Cohen and Felson 1979). General strain theory argues that negative emotions can lead to anger and frustra- tion, where individuals experiencing strains or stressors en- gage in crime to escape from those stressors. These negative emotions are particularly important in the hacking context as they could be a source of inspiration for illegal behavior. Several specific strains are advanced in the theory such as the failure to achieve positively valued goals (e.g., money) or the presentation of negatively valued stimuli (e.g., political motives such as injustice related to different causes) (Patchin and Hinduja 2011). The first strain is about unmet expecta- tions of individuals that leads to disappointment. The second strain is a response to the negatively valued stimuli in which<\/p>\n
Inf Syst Front<\/p>\n
individuals look for avoidance, leading to negative and illegal activities such as hacking. Finally, these negative emotions call for a way to relieve one\u2019s internal pressure. According to Patchin and Hinduja (2011) when people cannot achieve their goals then strain will be experienced, which can then cause them to turn to crime. Typically, this path to the criminal behavior can be seen among black hat hackers where failure to achieve positively valued goals, such as financial remunera- tion, leads to the criminal behavior.<\/p>\n
RAT suggests that crime commitment is the result of an opportunity, highlighting \u201cthe convergence of motivated of- fender, suitable target, and the lack of a capable guardian at a particular place and time as the core elements necessary for a crime to occur\u201d (Groff 2008, p.99). Motivated offenders are individuals or groups that have the ability and motivation to commit a crime for various reasons. Guardianship refers to the ability to intervene into a crime (i.e., the hacking activity) and consequently, prevent it. Importantly, in our virtual cybercrime context, the concept of physical proximity is re- moved (Yar 2005). Consequently, the applicability of RAT to cybercrime is even more relevant because victims are placed in the \u201cvirtual proximity\u201d to motivated offenders. That is, opportunity for black hat behavior is increased because it is easier for motivated offenders to find victims because they do not have to be physically proximate. Typically, the risk is greatly increased in online situations in which individuals demonstrate higher amounts of time spent online, higher use of internet banking or online purchases, and have overall more risky online behavior. Furthermore, RAT provides an expla- nation that in absence of capable guardianship, the costs of committing the crime are relatively low, which then increases the benefits. Capable guardians are usually translated into lack of security measures such as lack of antivirus, low malware protection, or inadequate network security in the organization- al context (Reyns 2013). In all these situations, higher victim- ization can be expected as a consequence of a lack of actions on the victim\u2019s side. Consequently, the costs for hackers to perform illegal activities are relatively low as they have to invest much less of resources to conduct hacking.<\/p>\n
Thus, it is one thing to be angry and have a general moti- vation for criminal hacking\u2014a necessary but insufficient start from general strain theory\u2014but a potential hacker needs a suitable target for which they can believe they can reasonable hack to express their anger\u2014it cannot be just any target. Meanwhile, the \u201ccapable guardian\u201d component of hacking is especially crucial in calculating the risks and uncertainties. As illustration, suppose a hacker is angry by the US government\u2019s policies and activities in the Middle East. Unless the hacker has unusual capabilities, and a network of similarly minded hackers, he\/she probably would not consider hacking the Pentagon\u2019s computers to be a realistic target or one for which he\/she could manage his\/her nerves. This is because the \u201cguardians\u201d (and associated technologies) that protect the<\/p>\n
Pentagon\u2019s computer are among the best in the world. Instead, it would be more realistic to hack a regional newspa- per website that is considered pro-US in its coverage.<\/p>\n
Overall, general strain theory explains that different strains are impacting hacker\u2019s emotional state motivating him\/her to crime, whereas RAT explains the crime context in which the \u201cvirtual proximity\u201d is the main facilitator of the criminal be- havior. Applying these theoretical lenses in our context, black hat hackers, when committing a cybercrime where costs and benefits of their acts are evaluated, manage their nerves dif- ferently than other more standard types of crimes (e.g. drug smuggling). In the next section, we conceptualize nerves and discuss nerve management from a hacker\u2019s perspective.<\/p>\n
2.2 Nerve Management<\/p>\n
In this section, we explain how nerve management works for hacker\u2019s in respect to both general strain theory and RAT. Overall, nerve management can be a useful technique that hackers can use to intervene into their cognitive reasoning to moderate and mitigate the fear that they may experience dur- ing their criminal acts. Nerve management is about managing the uncertainty and providing more clarity to their own decision-making space they create in their psychological and mental states when they engage in criminal activity. However, the technical knowledge (higher or lower) to hack in the sys- tem may not be enough to \u201cmanage the intense emotions brought on by crime, while maintaining some minimal level of composure\u201d (Cherbonneau and Copes 2006, p.206). This is because without proper nerve management, it may not be possible to succeed in accomplishing the crime. Ironically, this may be why many black hat hackers eventually become white hat hackers. In a hacker\u2019s context, the manifestation of nerves occurs when hackers engage in risky illegal behaviors (e.g., illegally obtaining data, penetrating a target system, acquiring unauthorized access, and the like). Such risky and illegal ac- tivities can lead the hacker to be recognized by their peers (Levy 2001). However, many such hackers actually care about potential negative outcomes arising from their acts. For some hackers, it is not acceptable to ask for any ransom or to behave in an unethically acceptable way\u2014leading to what is referred to as \u201cwhite hat\u201d hacker behaviors. It is evident that in all of these situations that emotions play an important role.<\/p>\n
This criminal context in which negative emotions can lead to anger and frustration is well explained by the general strain theory (Agnew 1992). Strain theory explains that \u201cWhen le- gitimate solutions are not available, non-economic strain re- sults in non-compliant behavior (Agnew 1999)\u201d (Wall et al. 2016, p. 51). Such non-economic strains are typically stressors like anger and negative emotions, and deviance is a way of dealing with or escaping from these stressors (Agnew 1999). Crucially, the relationship between emotions and nerve man- agement needs to be better understood as the concept of<\/p>\n
Inf Syst Front<\/p>\n
nerves is closely related to negative emotion (Jacobs and Cherbonneau 2017), which is a consequence of an anger frus- tration situation. This anger\/frustration dimensions, the core premise of general strain theory (Agnew 1992, 1999), suggest that an offender will rely on these two factors to build the negative emotion and will, in turn, commit a crime.<\/p>\n
Meanwhile, RAT theory argues that criminal behavior is the result of an opportunity. Although crime can be attractive to commit (Katz 1988), there is often an explanation for crime accomplishment because it provides an opportunity to commit an illegal act due to the absence of capable guardian (Reyns 2013) or simply due to the \u2018virtual proximity\u2019 context in which hacking is greatly facilitated.<\/p>\n
Research explains that nerve develops as part of the group process, in which peer pressure is usually high (Hochstetler 2001). This leads to the negative act commitment by all indi- viduals who are part of the group (Hochstetler 2001). This is typically true in the black hat context, because hackers within the same hacking group will want to show to their \u2018peers\u2019 that they can handle their nerves and commit an illegal act. This allows them to gain recognition and get access to a larger community, since they were able to deliver on their acts by demonstrating strong technical skills and knowledge. As illus- tration, \u201cone of the most effective ways of gaining respect is to manifest nerve. A man shows nerve by taking another person\u2019s possessions, messing with someone\u2019s woman, throwing the first punch, \u2018getting in someone\u2019s face,\u2019 or pulling a trigger\u201d (Anderson 2000, p. 92).<\/p>\n
Thus, to these hackers, nerve management becomes a key goal or objective, so that they can prove their abilities to the greater group (Hochstetler 2002). This process appears to be happening frequently, with repetitive phases, where offenders demonstrate \u201ca sense of \u2018being on autopilot\u2019 or \u2018on automat- ic,\u2019 as they proceed from target to target\u201d (Hochstetler 2002, p. 63). It is not surprising that many black hat hackers use security tools (e.g., Metasploit Framework or nmap) to try to hack in an automated way. We also note that many hackers do not use out-of-the-box tools, but rather develop custom tools and approaches that can be difficult to detect by modern anti- virus or other security tools. Regardless of the approaches used, hacking has become shockingly ubiquitous: A typical Web server on the Internet is attacked more than a quarter of a million times in a day (Vaughan-Nichols 2018).<\/p>\n
3 Method<\/p>\n
Again, our study used a qualitative research method based on grounded theory (Corbin and Strauss 2008). Grounded theory aims at uncovering social relationships and behaviors of groups, known as social processes (Crooks 2001). Importantly, by uncovering these processes, theory emerges from the data through an incremental and systematic approach<\/p>\n
(Parks et al. 2017; Urquhart et al. 2010). Grounded theory is particularly useful for deeply examining emerging issues caused by new sociotechnical phenomenon (Parks et al. 2017). Consequently, grounded theory has been used effec- tively in several hacker related studies (e.g., Turgeman- Goldschmidt 2005; Turgeman-Goldschmidt 2008), in which the outcome of the grounded theory is \u201ca social construction of the social constructions found and explicated in the data\u201d (Charmaz 1990, p. 1165).<\/p>\n
Our data was collected from in-depth interviews (Table 1) with 16 black hat hackers. Since one of the paper\u2019s authors was a former white hat hacker, we had easier access to the initial sample of seven black hat hackers, who when asked, suggested 11 informants. All of the interviewees contacted were black hat hackers who had committed at least one illegal act during their hacking career. Institutional Review Board (IRB) approval of the primary investigator was obtained prior to the project start to remove any possible ethical concern related to this project. Other recruitment criteria included the following: 1) the hacker is still active (did not switch to white hat); 2) the hacker is part of a group and does not act on their own (this makes it easier to verify if the hacker really belongs to a specific hacking group and is what he\/she claims to be) and 3) the hacker is \u201cpresent\u201d for more than six months (we wanted to exclude novice and inexperienced hackers). We removed two informants that did not meet all of these criteria.<\/p>\n
To increase the likelihood that the participants were legiti- mate black hat hackers, we conducted ethnographic observa- tions on the Internet sources (e.g., forums) that were revealed by participants during the interview. This was done to increase the likelihood that no fake participants were interviewed but also to make sure that the claims advanced by participants (such as being black hat hacker) were true. By analyzing posts and interactions present on the identified sources were able to accurately confirm hacker\u2019s background and their claims (al- though we anonymized hackers real names\/nicknames in the paper, the ethnographic investigation was done using their real pseudonyms).<\/p>\n
The mean age for respondents was 22, with a range from 18 to 25 years of age. Detailed demographics are presented in Table 2.<\/p>\n
All of the interviews were semi-structured (they took place between January 2017 and February 2018) and followed an open-ended approach. The interviews were between 42 and 61 min long (an average of 55 min). Due to the sensitive nature of the topic and since all interviewees wanted to pre- serve their complete anonymity, all of the interviews were conducted through secured fully encrypted communication (most of the time using skype). Interviewees did not receive any financial compensation for their participation (this was expected, since hacking involves showing to others their ac- complishments through a \u201cfeeling of power\u201d that hackers want to express (Leeson and Coyne 2005). All of the<\/p>\n
Inf Syst Front<\/p>\n
interviews were recorded. Four interviewees decided to scramble their voice to minimize any potential identification. The interview guideline (Appendix A) was pretested with one information security professional and one white hat hacker. Minor modifications were implemented to better formulate questions. The interview started with some generic questions for the participants, asking them their hacker name, how they became hackers, etc. The interview then focused on their mo- tives to commit criminal activities and the way they manage their nerve, fear and emotions (e.g., a sample question we asked was: \u201cCan you describe how you feel in the presence of a threat to be caught?\u201d or \u201cAre you afraid to be arrested by the police?\u201d). The names the hackers used were not secret, and thus the interviewees did not have any objections against our using them. Therefore, in the following sections, we refer to their actual publicly available names.<\/p>\n
Following Strauss and Corbin (1994)\u2018s recommendations on conducting grounded theory building, we first started with initial open coding.. We proceeded with an axial coding by reducing and clustering different categories that we identified. Finally, we conducted selective coding by detailing and selecting the identified categories. In particular, we used nVivo software (nVivo is a graphical qualitative data analysis computer software package) to analyze the qualitative data, identify different information, patterns, and relationships pres- ent in the interviews. We combined or analyzed different cat- egories and subcategories based on their relationships and then tested the theoretical propositions by referring back to the data. For example, we grouped different ideas based on general behavior patterns that emerged from interviews and the corresponding hacking activities that participants detailed during the interview process.<\/p>\n
3.1 How Are Hackers\u2019 Nerves Managed?<\/p>\n
In a typical crime situation, fear behind the act of committing the crime is associated with increased heart rate, faster breath- ing (Warr 2000) or the release of adrenaline into the blood. Physical agitation accompanied by nervousness, decrease in body temperature, mouth dryness or even psychological sig- nals such as anger, frustration, outrage, are the main signs of fear (Ferraro and Grange 1987). Fear can be seen as \u201can in- hibitory emotion\u201d that should, in most cases, prevent and mit- igate criminal offenses (Topalli and Wright 2013, p. 52). Because the emotion of fear drives deterrence (Beccaria 2009), it is expected that the perceived risk of getting caught or sanction risk will be the result of the fear (Gibbs 1975). For Cusson (1993, p. 55) \u201cfear is obviously at the heart of deter- rence,\u201d but \u201cis not a calculated risk.\u201d It would, therefore, be expected that hackers behave the same and manage their nerves accordingly. However, hackers are a different type of offender, since they are usually hiding their identity behind their computers. Therefore, they are usually not facing the victim, as is the case with street crimes. It is still expected that the fear generated by the thought of the possibilities of appre- hension, would influence the way nerves are managed in the hacker\u2019s mind. However, in reality, the way this cognitive process is managed is different from other criminal situations (e.g., robbery).<\/p>\n
3.1.1 From Cognitive Distortion to Broken Windows: Shunting and Minimization Techniques<\/p>\n
Cognitive distortion refers to rationalizing attitudes, beliefs or thoughts about one\u2019s own or other\u2019s social behavior (Barriga<\/p>\n
Table 1 Interview details Hacker (name) Interview length (min) Age Hacking focus Hacking life (in years)<\/p>\n
Voodoo 45 22 – Phishing \/ Denial of Service 5<\/p>\n
Phantasm 58 23 – ClickJacking Attacks 2<\/p>\n
Trinity 54 25 – Malware, Virus, Trojan 4<\/p>\n
L@ky 58 24 – System penetration \/ intrusion 3<\/p>\n
LucNb 54 21 – System penetration \/ intrusion 6<\/p>\n
NotoriusX 61 24 – Malware, Virus, Trojan 8<\/p>\n
NbG 42 23 – Ransomware 5<\/p>\n
JustiX 57 24 – Phishing \/ Denial of Service 8<\/p>\n
Mr.trojan 60 22 – System penetration \/ intrusion 7<\/p>\n
Crypto 59 23 – Social engineering 6<\/p>\n
Hig Hacker 48 18 – Stealing financial data 3<\/p>\n
B14D3 49 19 – Phishing \/ Denial of Service 4<\/p>\n
M3M0RY 59 25 – Phishing \/ Denial of Service 9<\/p>\n
Mr Binary 57 22 – Phishing \/ Denial of Service 4<\/p>\n
Yuliux 55 20 – Ransomware, Malware 5<\/p>\n
White Devil 60 20 – System penetration \/ intrusion 6<\/p>\n
Inf Syst Front<\/p>\n
and Gibbs 1996). In the hacking context, a particularly suit- able cognitive distortion is minimizing or mislabeling, where the antisocial behavior is followed by the mentality where the offender believes that no harm is really done, and that his\/her actions can even be seen and accepted as admirable. When asked how they felt about their acts, whether it is something they consider to be dangerous, illegal or criminal, they all expressed the same feeling that it was a \u2018non-violent\u2019 act which did not harm anyone. For example, Voodoo said:<\/p>\n
\u201c\u2026this is just harmless exploration. It’s not a violent act or a destructive act. It’s nothing.\u201d<\/p>\n
Phantasm explained that his\/her acts are not violent at all, since it is all about learning:<\/p>\n
\u201cNot at all. Well, first of all, I was just looking around, playing around. What was fun for me was a challenge to see what I could pull off.\u201d<\/p>\n
All of the interviewees confirmed the belief that there was nothing really wrong in what they were doing. The cognitive tactic employed in this context can be referred to as shunting. This is similar to but slightly different from neutralization (Sykes and Matza 1957). Shunting involves only thinking about the positive outcomes and putting aside any fear that may arise from the action (Jacobs and Cherbonneau 2017). Lord Nikon explained that he\/she is not even thinking about any negative consequences. He\/she sees it as something pos- itive, where he\/she will get a new \u2018power\u2019 through his\/her acts:<\/p>\n
\u201cWell, it’s power at your fingertips. You can control all these computers from the government, from the military, from large corporations. And if you know what you’re doing, you can travel through the internet at your will, with no restrictions. That’s power; it’s a power trip.\u201d<\/p>\n
Trinity has a slightly different view when asked about what he\/she considers to be illegal:<\/p>\n
\u201cAt the first time when I came into the headlines for my breach\u2026, I was a little bit afraid that I was getting caught\u2026I did not leak all the database only a little bit to make them aware of it. If it’s legal? In my opinion, it is<\/p>\n
legal when you only leak a little bit database to make them aware of it.\u201d<\/p>\n
Several others confirmed Trinity\u2019s position that only doing [leaking] a little is not a problem. This sort of minimization technique is an interesting method that hackers use to cogni- tively minimize the severity of their acts.<\/p>\n
Another interesting method used by hackers has its origins in the Broken windows theory (Wilson 2003), which suggests that policing methods that target minor crimes are welcome. This is because a fast reaction will most likely prevent bigger crimes to happen. However, these \u201cminor\u201d crimes in the hacking milieu are usually not sanctioned. This provides jus- tification for hackers to continue with their acts, which could lead to more harmful actions. One hacker explained that risks are low, as the cost of their acts is also low. Therefore, they do not expect the police to chase them for small losses. L@ky commented:<\/p>\n
[It seems like a lot of risk for the $2K you’ve made so far]\u201d…Well, that is publicly. And in less than a month. It is no risk for me, as they can’t do anything. Like I said, quick easy cash in about a month.\u201d<\/p>\n
Another hacker explained<\/p>\n
\u201cI\u2019m never hacking a company based in my country \u2013 no police will come and take me down for such a small cost \u2013 If I steel few millions, it would probably be different \u2013 but I\u2019m cautious about the amount.\u201d<\/p>\n
Clearly, nerves are managed through calculated risks that each hacker weighs to understand possible gains and losses, but this \u2018calculation\u2019 may not be as rational as the hack- er believes it to be. This behavior can be associated to bounded rationality, as seen in security contexts in gen- eral (e.g., D\u2019Arcy and Lowry 2019), because the decisions hackers make are \u2018bounded\u2019 by their cognitive limitations and also influenced by their emotions. As illustration, one hacker (LucNb) boldly claimed that<\/p>\n
\u201conly inexperienced or novice hackers do not pay atten- tion to the risks vs fear to get caught \u2013 so they make errors and cross the line…I never do that.\u201d<\/p>\n
3.1.2 Plan B, Thrill and Lens Widening Techniques<\/p>\n
Interestingly, most of the interviewed hackers claimed that they do not worry too much about being apprehended, wheth- er their illegal acts are small or large. The majority of the interviewees claim to have some sort of a backup plan. For example, Trinity said<\/p>\n
Table 2 Demographics<\/p>\n
Summary Variable Mean Value Standard deviation<\/p>\n
Mean age 22 2.0<\/p>\n
Average interview length (in min) 55 5.5<\/p>\n
Average hacking life (in years) 5.3 1.92<\/p>\n
Inf Syst Front<\/p>\n
\u201cWell, it is a little more complicated than that, but I have plans in case something happens.\u201d<\/p>\n
Others also highlighted that they usually have a backup plan, in case things go wrong. They emphasized the importance of having a Plan B. For example, L@ky explained:<\/p>\n
\u201cI\u2019m not afraid. In case something goes wrong \u2013 I\u2019m ready and I know what I will do\u2026I don\u2019t worry so much.\u201d<\/p>\n
This \u2018Plan B scenario\u2019 thinking is important in nerve manage- ment. Having a Plan B, reduces the psychological discomfort associated with uncertainty (Shin and Milkman 2016). It not only it drives a hacker\u2019s state of mind regarding removing or mitigating the risk factors, it also contributes to a better focus on the Plan B scenario. These hackers feel more comfortable in the way their nerves are managed, since they do not fully perceive the inherent risks. This is because they convince themselves they are somehow \u201csecured\u201d by the Plan B sce- nario that they have put in place. However, when hackers were asked what exactly their Plan B is, most of the them gave a vague and unclear answer. Several of them did not want to clearly explain their back up plan. A few others tried to ex- plain it, but their answers were generic. As illustration, one noted that his\/her plan B is:<\/p>\n
\u201cI will co-operate and turn to white hat hacker\u2026I\u2019m sure I will not go to prison not pay any penalties\u2026this is anyway not big deal\u2026I did not harm to anyone.\u201d<\/p>\n
Another important technique used by hackers to manage their nerves is experiencing the thrill. Thrill corresponds to a social entertainment method used by hackers to satisfy their inner psychological needs (Turgeman-Goldschmidt 2005). Thrill is a positive, powerful emotion that they thus use to cover up the natural fear that should be resulting from the huge risks they are taking. For example, NotoriusX commented:<\/p>\n
\u201cI was just in it for the thrill\u201d and Ley2x added \u201cTo be honest, there is a thrill in knowing that what I do would be illegal except for a legal document that says I\u2019m allowed to do it without getting in trouble.\u201d<\/p>\n
Hiding behind the thrill, provides an opportunity for hackers to go after novelty and intense sensations, as a result of achiev- ing their goal (e.g., breaking into a system). This pursuit of new experience for its own sake, despite the risks, shows how nerves can be more effectively managed.<\/p>\n
Lens widening refers to a technique, in which offenders believe that their acts are not that dangerous (Jacobs and Cherbonneau 2017). This allows them to believe that there is really no reason to be nervous. It is a \u201cbigger picture\u201d view, in<\/p>\n
which offenders compare their acts against other illegal activ- ities and by doing so, they attribute a lower score to the seri- ousness of their acts. For example, NbG explained:<\/p>\n
\u201cwhat I do is nothing; there are people that get killed daily and all I do is just sneaking around a bit and looking what is behind the curtain; the risk of getting caught is minimal\u2026I will not go to jail for that.\u201d<\/p>\n
A similar behavior can also be found in neutralization theory via the \u2018denial of injury technique,\u2019 in which an offender in- sists that his\/her actions did not cause any meaningful harm or damage (Sykes and Matza 1957).<\/p>\n
Another hacker added that most of the time hacking acts do not get reported. This is because companies are afraid of the impact that the hacking may have on their image. This sup- ports the lens widening view of the majority of the inter- viewees, who highlighted that their acts are rarely reported. When they are reported or when an investigation takes place, they seem to be \u201cprotected\u201d by the gravity of their acts, which in their view, is not that high. Consequently, they should not be punished or risk some more serious consequences. This is because there are so many more serious crimes, compared to their hacking activities. They serve a good cause, as explained by JustiX:<\/p>\n
\u201call I do is to help companies\u2026when I find a bug I to send them an email informing them about my findings\u2026 of course, I learn a lot from their security issues\u2026and I will not get caught \u2013 why should I? I just helped them by informing them about the security vulnerability I discovered.\u201d<\/p>\n
4 Discussion<\/p>\n
Our study used grounded theory building approach, supported by the theoretical lens we applied from general strain theory (Agnew 1992) and RAT (Cohen and Felson 1979), to better understand the theoretical importance of nerve management by black hat hackers. In particular, we sought to understand, through theory building process, how black hat hackers man- age their nerves and which techniques they use in their decision-making process before and after committing a crime.<\/p>\n
Drawing from a sample of 16 hackers, we investigated how hackers manage their nerves during illegal hacking activities. According to Jacobs and Cherbonneau (2017), nerves and nervousness are recognized but relatively understudied parts of the offender decision-making process. In that context, \u201cnerve management is, therefore, best considered to be an intervening exercise in the threat perception process, that moderates the fear-offending relationship through its effect on nervousness\u201d (Jacobs and Cherbonneau 2017, p. 14).<\/p>\n
Inf Syst Front<\/p>\n
Through our grounded theory study, we identified five broader techniques that hackers use to better manage their nerves, including: shunting, minimization, Plan B, thrill and lens wid- ening techniques.<\/p>\n
As can be seen from the five techniques described earlier, these hackers are essentially trying to trick themselves to bet- ter manage their nerves by implementing different strategies that should help them better cope with the threat. All of the identified techniques have a common purpose, which is to minimize the fear of sanctions, in such a way that offenders feel better and minimize the threat-perception process.<\/p>\n
From a theoretical perspective, our research offers several new insights. First, we addressed the calls to further investi- gate black hat research (Mahmood et al. 2010) to better un- mask the mystery of the hacker world (Crossler et al. 2013), by gaining access to real known hackers as the subjects of our study. This addresses one of the primary challenges in the hacking research. By doing so, we contribute to expanding the existing theoretical basis of general strain theory (Agnew 1992) and RAT (Cohen and Felson 1979), by highlighting theoretical justifications that each of these theories offer to better understand hacking in a nerve management context. In particular, the stressors that hackers experience are impor- tant factors that drive their emotional states. Also, the \u201cvirtual proximity\u201d together with absence of capable guardians pro- vide explanations of why hacking is unique as a criminal activity and highlights the importance of these two dimen- sions for research and prevention. We further propose newly uncovered techniques that contribute to the frustration or an- ger phenomenon, which is occurring in the hacker\u2019s mindset. All five techniques (i.e., shunting, minimization, Plan B, thrill, and lens widening) contribute at different levels, to better manage nerves when experiencing strains or stressors. These techniques are well-positioned within past research that has called to further understand the psychological predispositions behind criminal acts (Schell and Holt 2009), and in particular, the emotional states of hacker\u2019s minds. In such a context, our findings bring new theoretical insights on top of the already established criminological theories. This adds new dimension to the existing cybercrime knowledge which was in need of better understanding of hacker\u2019s motivations and the applica- bility of traditional theories of crime to virtual offenses (Holt and Bossler 2014).<\/p>\n
Because negative emotions influence the way nerves are managed, emotions are better controlled in the presence of shunting or minimization techniques. This is because of- fenders will try to escape reality and try to minimize or shed their negative thoughts and emotions. Parallel to that process, as suggested by RAT, crime is the result of an opportunity, in which the motivated offender will create Plan B and will use his\/her thrill and lens widening techniques to control the fear. As a result, they will be better able to manage their nerves. That is, hackers are weighing costs and benefits and use the<\/p>\n
suitable technique to reduce and minimize the negative out- comes in their minds. However, the hackers are deluding themselves somewhat as in reality they are operating with \u2018bounded rationality\u2019 influenced by emotions, and do not fully rationally calculate costs and benefits. This process results in unconscious decisions that downplay the risks and increase benefits, such as: \u201cthere is no big risk in getting caught\u201d; \u201cPlan B exists and will save me if I get into trouble\u201d; or, \u201cThis is a small act that I\u2019m doing\u2026it\u2019s no big deal in reality.\u201d This sheds light on the inner motivational states that hackers are going through, when trying to manage their nerves more effectively.<\/p>\n
Our research thus offers valuable new insights on the psy- chological reasoning in the hacker\u2019s decision-making process, during their crime life cycle. By using different techniques, hackers are indirectly trying to convince themselves that their acts, which are digital crimes, are not as important as other physical crimes (e.g., robbery). Therefore, they delude them- selves into thinking that the inherent risks cannot be the same and should not be seen in the same way. This is an important insight, since it suggests that the seriousness of their acts is not clearly understood, communicated, or explained. Notably, we contribute to having a clearer understanding of a hacker\u2019s cognitive profile, which should contribute to a better under- standing of hacker\u2019s criminal actions and behaviors. Although, this may not be the perfect representation of the black hat hacker as even within the same hacking group there are notable differences in their skills and abilities to conduct hacking (Holt and Bossler 2014; Holt et al. 2012) our study provides some initial insights into psychological structure of hacker\u2019s motivational states.<\/p>\n
Notably, some of the interviewees eventually recognized the gravity of their acts, but only after having negative expe- riences with the police. We thus argue that policy makers (e.g., government officials, legal and justice system policy makers) should learn from this when building and defining criminal laws in respect to hacking. Part of the issue here is that author- ities need to change the calculus that hackers apply to their nerve management, such that they see greater risk and fear, and thus are less likely to have the nerve to go through with the act. Here, broadly warning and communicating potential hackers of specific and severe consequences for specific types of hacking, versus vague consequences would be a step for- ward. Crucially, this communication needs to be reframed from the typical obscure legalese of lawyers to the actual lan- guage used by hackers.<\/p>\n
For these reasons, they should try to better communicate not only the risks for hackers, but also the harm of the hackers\u2019 acts for their victims \u2014not only for companies but also for people\u2019s lives whose data is exploited (such as their privacy and identity theft). Moreover, they should communicate the monitoring and policing efforts they are doing, especially on the dark Web, to increase a sense of \u2018guardianship\u2019 to decrease<\/p>\n
Inf Syst Front<\/p>\n
the hacker\u2019s belief they are anonymous and cannot get caught, or that if they do get caught it will actually be a \u2018big deal.\u2019 Better communication and sensibility toward the hacking community should thus create positive effects in mitigating hacker\u2019s criminal objectives and goals. Education can be lev- eraged in which ex- black hat hackers could be used to spread the message and teach new and existing hackers on the pos- sible consequences of their crimes. Highlighting the fact that there are small or large acts, could be one opportunity to be explored by the policy makers. It would strengthen the mes- sage that no matter how small the financial impact can be, the hacking crime can have similar consequences in terms of the sanctions and punishment, as the other types of crimes. Also, policy makers need to understand this activity as more than mere \u201chacking\u201d but under- stand it can involve identity theft, stolen currency, dis- abling mission-critical systems that not only can lead to devasting economic consequences but can threaten human life (e.g., traffic control systems, industrial control systems, utility systems, military systems.<\/p>\n
Furthermore, it is important to explain to hackers that their Plan B is not what they think of. In reality, Plan B is usually going to prison or paying high fines. Interestingly, this area of justice system was highlighted by Holt and Bossler (2014) as being one of the important areas that should provide more insights on how the courts and correctional system should react when confronted to cybercrime situations. In particular, Plan B, in this context, should be correctly positioned within the correctional system to account for the recent evolution and past experiences of offending through technological means. Further understanding of this relationship of two opposite sides, offender vs jus- tice system, we could further \u201cunderstand how the larger crim- inal justice system is responding to cybercrimes at all levels\u201d (Holt and Bossler 2014, p. 34).<\/p>\n
Moreover, this improved communication can come from those who actively manage and protect servers. The calculus is clearly different in considering hacking a Pentagon comput- er versus the Web site of a small-town newspaper. Here, per- ceptions of the strength of the US government may be just as important as the actual strength of the guardianship and tech- nologies involved protecting the computers. Thus, one ap- proach for lesser-known entities would be to leverage the rep- utation and explicitly communicate the guardianship of a better-known entity (e.g., IBM, Oracle).<\/p>\n
Future research could further extend our initial findings on the importance of hackers managing their nerves and fear in such a way that future studies could, for example, study the passage from black hat (illegal) crimes to white hat (ethical hacking) activities. This could provide some new insights on how the hacker\u2019s inner psychological motivations are driven and what motivates them to become good one day. Our re- search is also limited by the fact that we could not verify with<\/p>\n
100% certainty that the hackers we interviewed are who they pretend to be; however, we did conduct ethnographic obser- vations to verify the participants\u2019 hacker identity and their behaviors as \u2018black hat.\u2019 Unfortunately, we could not collect any detailed demographics about the interviewees, due to the nature of their activities. This is a substantial challenge when studying any serious criminal behavior. Another challenge relates to the actual definition of the black hat hacker. Although provide a definition in this paper, in reality, the definition of who exactly is and is not a black hat hacker is a challenging topic that is not easy to address. Finally, as motivations of black hat hackers can be different ones ranging from state-sponsored attacks to hacktivism, the way their nerve is managed can also be impacted dif- ferentially. For example, if a black-hat hacker is sup- ported by a State and a large group of professional hackers, their nerve management calculus is going to be quite different than for a lone black-hat hacker. Thus, future re- search should look at nerve management for these different kinds of motivations.<\/p>\n
Overall, in this research, we have investigated the theoret- ical importance of nerve management in the unique hacking decision-making offender context. We contribute to the cur- rent state of cybercrime scholarship by providing new theo- retical insights into the complex psychological and motiva- tional reasoning behind hacking illegal activities. In particular, we identified five cognitive and presentational tactics that black hat hackers use to shape their nerve management. This has important implications on how the perception of threat is managed and provides important insights on why hacking, as one type of the crime, is differently approached and management from emotional and fear perspectives when compared to more traditional crime contexts (e.g., street crime). These insights provide valuable insights to different stakeholders (e.g., legal and justice sys- tem) which should benefit from our findings as it suggests how fear, and consequently nerve, is managed in the unique hacking context.<\/p>\n
5 Conclusion<\/p>\n
Our study investigated how black hat hackers manage their nerves when conducting crime activities. We iden- tified five techniques they use: shunting, minimization, Plan B, thrill, and lens widening techniques. Each of these techniques helps hackers to better manage their nerves and consequently, learn how live with their fear. During their psychological decision-making processes, hackers turn to these five techniques to create a new mindset. It allows them to hide with the objective of minimiz- ing and mitigating the inherent risks they incur during their criminal activities.<\/p>\n
Inf Syst Front<\/p>\n
Appendix 1: Interview Guideline<\/p>\n
Introduction<\/p>\n
The interview will not take more than 1 h. I will be recording the session because I don\u2019t want to miss any of your comments. All comments and responses will be kept strictly confidential which means that your responses will be shared only with research team members and will ensure that any information from the report does not identify you as the respondent. Do you have any questions at this stage?<\/p>\n
Introductory questions<\/p>\n
1. Can you tell us your name (hacker nickname), gender and age?<\/p>\n
2. Can you briefly describe who you are and when you started to hack?<\/p>\n
3. Can you confirm which type of hacker you are and what does that mean to you?<\/p>\n
About Hacking<\/p>\n
4. Can you provide more information your hacking debuts and how did you learn?<\/p>\n
5. What motivates you to hack? What attracted you to black hat hacking?<\/p>\n
6. Is what you do illegal? 7. What is the scope of your hacking activities? On which<\/p>\n
online sites (e.g., forums) you are active?<\/p>\n
Hacking vs Fear<\/p>\n
8. What is your perception regarding risks behind hacking activities? Please explain.<\/p>\n
9. How do you see the criminal side related to your activi- ties? Please explain.<\/p>\n
10. Do you worry about being apprehended? Please explain. 11. Do you have any backup plans? Please explain. 12. Do you have any bad feelings when hacking? Please<\/p>\n
explain. 13. How do you manage your fear? Please explain.<\/p>\n
Outlook \/ Interview Closing<\/p>\n
14. What are the challenges in doing the hacking job? Please explain.<\/p>\n
15. How do you see your future in hacking? Please explain.<\/p>\n
Interview closing<\/p>\n
a) Would you like to add anything else? b) If not, I will analyze all information provided together<\/p>\n
with other interviews in the following weeks and would be happy to send you a copy to review if you are interest- ed. Thank you very much for your time!<\/p>\n
General probes used during the Interview<\/p>\n
& Would you give me an example? & Can you elaborate on that idea? & Would you explain that further? & I\u2019m not sure I understand what you\u2019re saying. & Is there anything else?<\/p>\n
References<\/p>\n
Agnew, R. (1992). Foundation for a general strain theory of crime and delinquency. Criminology, 30(1), 47\u201388.<\/p>\n
Agnew, R. (1999). A general strain theory of community differences in crime rates. Journal of Research in Crime and Deliquency, 36(2), 123\u2013155.<\/p>\n
Anderson, E. (2000). Code of the street: Decency, violence, and the moral life of the inner city. New York, NY: WW Norton & Company.<\/p>\n
Bandura, A., & Walters, R. H. (1977). Social learning theory. New York, NY: General Learning Press.<\/p>\n
Baron, S. W. (2004). General strain, street youth and crime: A test of Agnew’s revised theory. Criminology, 42(2), 457\u2013484.<\/p>\n
Barriga, A. Q., & Gibbs, J. C. (1996). Measuring cognitive distortion in antisocial youth: Development and preliminary validation of the \u201chow I think\u201d questionnaire. Aggressive Behavior, 22(5), 333\u2013343.<\/p>\n
Beccaria, C. (2009). On crimes and punishments and other writings. Toronto Buffalo, London: University of Toronto Press.<\/p>\n
Benjamin, V., Li, W., Holt, T., & Chen, H. (2015). Exploring threats and vulnerabilities in hacker web: Forums, IRC and carding shops. Paper presented at the 2015 IEEE international conference on intel- ligence and security informatics (ISI), Baltimore, MD, USA.<\/p>\n
Benjamin, V., Zhang, B., Nunamaker, J. F., Jr., & Chen, H. (2016). Examining hacker participation length in cybercriminal internet- relay-chat communities. Journal of Management Information Systems, 33(2), 482\u2013510.<\/p>\n
Benjamin, V., Valacich, J., & Chen, H. (2019). DICE-e: A framework for conducting darknet identification, collection, evaluation with ethics. MIS Quarterly, 43(1), 1\u201322.<\/p>\n
Blackburn, R. (1993). The psychology of criminal conduct: Theory, re- search and practice. Oxford, England: John Wiley & Sons.<\/p>\n
Chandler, A. (1996). The changing definition and image of hackers in popular discourse. International Journal of the Sociology of Law, 24(2), 229\u2013251.<\/p>\n
Charmaz, K. (1990). \u2018Discovering\u2019chronic illness: Using grounded theo- ry. Social Science & Medicine, 30(11), 1161\u20131172.<\/p>\n
Cherbonneau, M., & Copes, H. (2006). \u2018Drive it like you stole it\u2019: Auto theft and the illusion of normalcy. British Journal of Criminology, 46(2), 193\u2013211.<\/p>\n
Inf Syst Front<\/p>\n
Cisco. (2018). 2018 Annual Cybersecurity Report. Retrieved from https:\/\/ www.cisco.com\/c\/en\/us\/products\/security\/security-reports.html. Accessed 13 Jan 2018<\/p>\n
Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 44(4), 588\u2013608.<\/p>\n
Corbin, J., & Strauss, A. (2008). Basics of qualitative research: Techniques and procedures for developing grounded theory. In London: Thousand oaks. CA: Sage.<\/p>\n
Cornish, D. B., Clarke, R. V., & Wortley, R. (2008). The rational choice perspective (Vol. 21). Cullompton, UK: Willan Publishing.<\/p>\n
Crooks, D. L. (2001). The importance of symbolic interaction in ground- ed theory research on women’s health. Health Care for Women International, 22(1\u20132), 11\u201327.<\/p>\n
Cross, T. (2006). Academic freedom and the hacker ethic. Communications of the ACM, 49(6), 37\u201340.<\/p>\n
Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. (2013). Future directions for behavioral information security research. Computers & Security, 32, 90\u2013101.<\/p>\n
Cusson, M. (1993). Situational deterrence: Fear during the criminal event. Crime Prevention Studies, 1, 55\u201368.<\/p>\n
D\u2019Arcy, J., & Lowry, P. B. (2019). Cognitive-affective drivers of em- ployees\u2019 daily compliance with information security policies: A multilevel, longitudinal study. Information Systems Journal, 29(1), 43\u201369.<\/p>\n
Davis, R. W., & Hutchison, S. C. (1997). Computer crime in Canada: An introduction to technological crime and related legal issues. Canada: Carswell Legal Publications.<\/p>\n
Deci, E. L., & Ryan, R. M. (2010). Self determination theory Corsini Encyclopedia of Psychology. Online: Wiley Online Library.<\/p>\n
EY. (2018). 21st EY Global Information Security Survey. Retrieved from https:\/\/www.ey.com\/Publication\/vwLUAssets\/ey-global- information-security-survey-2018-19\/$FILE\/ey-global- information-security-survey-2018-19.pdf<\/p>\n
Ferraro, K. F., & Grange, R. L. (1987). The measurement of fear of crime. Sociological Inquiry, 57(1), 70\u201397.<\/p>\n
Gibbs, J. P. (1975). Crime, punishment, and deterrence. New York, NY: Elsevier New York.<\/p>\n
Gottfredson, M. R., & Hirschi, T. (1990). A General Theory of Crime: Stanford University press.<\/p>\n
Groff, E. R. (2008). Adding the temporal and spatial aspects of routine activities: A further test of routine activity theory. Security Journal, 21(1\u20132), 95\u2013116.<\/p>\n
Hochstetler, A. (2001). Opportunities and decisions: Interactional dynam- ics in robbery and burglary groups. Criminology, 39(3), 737\u2013764.<\/p>\n
Hochstetler, A. (2002). Sprees and runs: Opportunity construction and criminal episodes. Deviant Behavior, 23(1), 45\u201373.<\/p>\n
Holt, T. J. (2009). The attack dynamics of political and religiously moti- vated hackers. NewYork: Paper presented at the Cyber Infrastructure Protection.<\/p>\n
Holt, T. J., & Bossler, A. M. (2014). An assessment of the current state of cybercrime scholarship. Deviant Behavior, 35(1), 20\u201340.<\/p>\n
Holt, T. J., Strumsky, D., Smirnova, O., & Kilger, M. (2012). Examining the social networks of malware writers and hackers. International Journal of Cyber Criminology, 6(1), 891\u2013903.<\/p>\n
Hu, Q., Zhang, C., & Xu, Z. (2011). How can you tell a hacker from a geek? Ask whether he spends more time on computer games than sports. Blacksburg, Virginia: Paper presented at the DeWald Information Security Research Workshop.<\/p>\n
Jacobs, B. A., & Cherbonneau, M. (2017). Nerve management and crime accomplishment. Journal of Research in Crime and Delinquency, 54(5), 617\u2013638.<\/p>\n
Kallman, E. A., & Grillo, J. P. (1998). Ethical decision making and information technology: An introduction with cases. Collingdale: DIANE Publishing Company.<\/p>\n
Katz, J. (1988). Seductions of crime: Moral and sensual attractions in doing evil. New York, NY: Basic Books.<\/p>\n
Kshetri, N. (2006). The simple economics of cybercrimes. IEEE Security and Privacy, 4(1), 33\u201339.<\/p>\n
Leeson, P. T., & Coyne, C. J. (2005). The economics of computer hacking. JL Econ. & Pol’y, 1, 511.<\/p>\n
Levy, S. (2001). Hackers: Heroes of the computer revolution (Vol. 4). New York, NY: Penguin Books New York.<\/p>\n
Lichstein, H. (1963). Telephone Hackers Active. The Tech, 43(20), 20. Lowry, P. B., Zhang, J., Wang, C., & Siponen, M. (2016). Why do adults<\/p>\n
engage in cyberbullying on social media? An integration of online disinhibition and deindividuation effects with the social structure and social learning (SSSL) model. Information Systems Research, 27(4), 962\u2013986.<\/p>\n
Lowry, P. B., Dinev, T., & Willison, R. (2017). Why security and privacy research lies at the Centre of the information systems (IS) artefact: Proposing a bold research agenda. European Journal of Information Systems, 26(6), 546\u2013563.<\/p>\n
Mahmood, M. A., Siponen, M., Straub, D., Rao, H. R., & Raghu, T. (2010). Moving toward black hat research in information systems security: An editorial introduction to the special issue. MIS Quarterly, 34(3), 431\u2013433.<\/p>\n
Parks, R., Xu, H., Chu, C.-H., & Lowry, P. B. (2017). Examining the intended and unintended consequences of organisational privacy safeguards enactment in healthcare. European Journal of Information Systems, 26(1), 37\u201365.<\/p>\n
Patchin, J. W., & Hinduja, S. (2011). Traditional and nontraditional bul- lying among youth: A test of general strain theory. Youth & Society, 43(2), 727\u2013751.<\/p>\n
Phukan, S. (2002). IT ethics in the internet age: New dimensions. Paper presented at the proceedings of informing. Cork, Ireland: Science & IT Education Conference.<\/p>\n
Probasco, J. R., & Davis, W. L. (1995). A human capital perspective on criminal careers. Journal of Applied Business Research, 11(3), 58.<\/p>\n
Reyns, B. W. (2013). Online routines and identity theft victimization: Further expanding routine activity theory beyond direct-contact of- fenses. Journal of Research in Crime and Delinquency, 50(2), 216\u2013 238.<\/p>\n
Rogers, M. K. (2006). A two-dimensional circumplex approach to the development of a hacker taxonomy. Digital Investigation, 3(2), 97\u2013 102.<\/p>\n
Schell, B. H., & Dodge, J. L. (2002). The hacking of America: Who’s doing it, why, and how. Westport, CT, USA: Greenwood Publishing Group Inc..<\/p>\n
Schell, B. H., & Holt, T. J. (2009). A profile of the demographics, psy- chological predispositions, and social\/behavioral patterns of com- puter hacker insiders and outsiders Online consumer protection: Theories of human relativism (pp. 190\u2013213). Online: IGI Global.<\/p>\n
Shin, J., & Milkman, K. L. (2016). How backup plans can harm goal pursuit: The unexpected downside of being prepared for failure. Organizational Behavior and Human Decision Processes, 135, 1\u20139.<\/p>\n
Skinner, B. F. (1972). Beyond freedom and dignity. New York: Bantam Books.<\/p>\n
Smith, A. D., & Rupp, W. T. (2002). Issues in cybersecurity; understand- ing the potential risks associated with hackers\/crackers. Information Management & Computer Security, 10(4), 178\u2013183.<\/p>\n
Strauss, A., & Corbin, J. (1994). Grounded theory methodology. Handbook of Qualitative Research, 17, 273\u2013285.<\/p>\n
Sykes, G. M., & Matza, D. (1957). Techniques of neutralization: A theory of delinquency. American Sociological Review, 22(6), 664\u2013670.<\/p>\n
Teske, N. (1997). Beyond altruism: Identity-construction as moral motive in political explanation. Political Psychology, 18(1), 71\u201391.<\/p>\n
The-Honeynet-Project. (2004). Know your enemy: Learning about secu- rity threats. Boston, Massachusetts: Addison-Wesley Professional.<\/p>\n
Inf Syst Front<\/p>\n
https:\/\/www.cisco.com\/c\/en\/us\/products\/security\/security-reports.html
\nhttps:\/\/www.cisco.com\/c\/en\/us\/products\/security\/security-reports.html
\nhttps:\/\/www.ey.com\/Publication\/vwLUAssets\/ey-global-information-security-survey-2018-19\/FILE\/ey-global-information-security-survey-2018-19.pdf
\nhttps:\/\/www.ey.com\/Publication\/vwLUAssets\/ey-global-information-security-survey-2018-19\/FILE\/ey-global-information-security-survey-2018-19.pdf
\nhttps:\/\/www.ey.com\/Publication\/vwLUAssets\/ey-global-information-security-survey-2018-19\/FILE\/ey-global-information-security-survey-2018-19.pdf
\nTopalli, V., & Wright, R. (2013). Affect and the dynamic foreground of predatory street crime Affect and cognition in criminal decision making (Vol. 42). New York, NY.<\/p>\n
Turgeman-Goldschmidt, O. (2005). Hackers’ accounts: Hacking as a so- cial entertainment. Social Science Computer Review, 23(1), 8\u201323.<\/p>\n
Turgeman-Goldschmidt, O. (2008). Meanings that hackers assign to their being a hacker. International Journal of Cyber Criminology, 2(2), 382.<\/p>\n
Urquhart, C., Lehmann, H., & Myers, M. D. (2010). Putting the \u2018theory\u2019back into grounded theory: Guidelines for grounded theory studies in information systems. Information Systems Journal, 20(4), 357\u2013381.<\/p>\n
Vaughan-Nichols, S. J. (2018). Your website is under constant attack. Retrieved from https:\/\/www.zdnet.com\/article\/your-website-is- under-constant-attack\/. Accessed 13 Jan 2019<\/p>\n
Wall, J. D., Lowry, P. B., & Barlow, J. (2016). Organizational violations of externally governed privacy and security rules: Explaining and predicting selective violations under conditions of strain and excess. Journal of the Association for Information Systems, 17(1), 39\u201376.<\/p>\n
Warr, M. (2000). Fear of crime in the United States: Avenues for research and policy. Criminal Justice, 4(4), 451\u2013489.<\/p>\n
Wikstr\u00f6m, P.-O. H. (2004). Crime as alternative: Towards a cross-level situational action theory of crime causation. Beyond Empiricism: Institutions and Intentions in the Study of Crime, 13, 1\u201337.<\/p>\n
Wikstr\u00f6m, P.-O. H. (2006). Individuals, settings, and acts of crime: Situational mechanisms and the explanation of crime. New York: Cambridge University Press.<\/p>\n
Willison, R., & Lowry, P. B. (2018). Disentangling the motivations for organizational insider computer abuse through the rational choice and life course perspectives. The DATA BASE for Advances in Information Systems, 49(April), 81\u2013102.<\/p>\n
Willison, R., Lowry, P. B., & Paternoster, R. (2018). A tale of two deter- rents: Considering the role of absolute and restrictive deterrence in inspiring new directions in behavioral and organizational security. Journal of the Association for Information Systems, 19(12), 1187\u2013 1216.<\/p>\n
Wilson, J. Q. (2003). Broken windows: The police and neighborhood safety James Q. Wilson and George L. Kelling Criminological Perspectives: Essential Readings (Vol. 400, pp. 29038). London: SAGE.<\/p>\n
Yar, M. (2005). Computer hacking: Just another case of juvenile delin- quency? The Howard Journal of Crime and Justice, 44(4), 387\u2013399.<\/p>\n
Young, R., Zhang, L., & Prybutok, V. R. (2007). Hacking into the minds of hackers. Information Systems Management, 24(4), 281\u2013287.<\/p>\n
Publisher\u2019s Note Springer Nature remains neutral with regard to juris- dictional claims in published maps and institutional affiliations.<\/p>\n
Mario Silic is a post-doctoral researcher at the Institute of Information Management, University of St. Gallen, Switzerland. He holds a Ph.D. from University of St Gallen, Switzerland. His research motivation fo- cuses on the fields of information security, open source software, human- computer interaction and mobile. He has published research in Journal of Management Information Systems, Security Journal, Information & Management, Computers & Security, Computers in Human Behavior, and others.<\/p>\n
Paul Benjamin Lowry is the Suzanne Parker Thornhill Chair Professor and Eminent Scholar in Business Information Technology at the Pamplin College of Business at Virginia Tech. He is a former tenured Full Professor at both City University of Hong Kong and The University of Hong Kong. He received his Ph.D. in Management Information Systems from the University of Arizona and an MBA from the Marriott School of Management. He has published 220+ publications, including 120+ jour- nal articles in MIS Quarterly, Information Systems Research, J. of MIS, J. of the AIS, Information System J., European J. of Information Systems, J. of Strategic IS, J. of IT, Decision Sciences J., Information & Management, Decision Support Systems, and others. He is a department editor at Decision Sciences J. He also is an SE at J. of MIS, J. of the AIS, and Information System J., and an AE at the European J. of Information Systems. He has also served multiple times as track co-chair at ICIS, ECIS, and PACIS. His research interests include (1) organizational and behavioral security and privacy; (2) online deviance, online harassment, and computer ethics; (3) HCI, social media, and gamification; and (4) business analytics, decision sciences, innovation, and supply chains.<\/p>\n
Inf Syst Front<\/p>\n
https:\/\/www.zdnet.com\/article\/your-website-is-under-constant-attack\/
\nhttps:\/\/www.zdnet.com\/article\/your-website-is-under-constant-attack\/
\nReproduced with permission of copyright owner. Further reproduction prohibited without permission.<\/p>\n
Breaking Bad in Cyberspace: Understanding why and how Black Hat Hackers Manage their Nerves to Commit their Virtual Crimes
\nAbstract
\nIntroduction
\nTheoretical Background
\nDevelopment of Crime
\nNerve Management
\nMethod
\nHow Are Hackers\u2019 Nerves Managed?
\nFrom Cognitive Distortion to Broken Windows: Shunting and Minimization Techniques
\nPlan B, Thrill and Lens Widening Techniques
\nDiscussion
\nConclusion
\nAppendix 1: Interview Guideline
\nIntroduction
\nIntroductory questions
\nAbout Hacking
\nHacking vs Fear
\nOutlook \/ Interview Closing
\nInterview closing
\nGeneral probes used during the Interview
\nReferences<\/p>\n","protected":false},"excerpt":{"rendered":"
Breaking Bad in Cyberspace: Understanding why and how Black Hat Hackers Manage their Nerves to Commit their Virtual Crimes Mario Silic1 & Paul Benjamin Lowry2 # Springer Science+Business Media, LLC, part of Springer Nature 2019 Abstract What is happening in hacker\u2019s minds when they are committing criminal activities? How black hat hackers manage nerves, which […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3346,3350,3347,3348,3353,3349,3352],"tags":[3368,3367,3374,3373,3361,3360,3357,3358,3370,3365,2169,3372,3356,3364,3355,3371,3363,3362,3369,3354,3366,3359],"class_list":["post-7202","post","type-post","status-publish","format-standard","hentry","category-ae","category-au","category-ca","category-cn","category-sg","category-uk","category-us","tag-best-dissertation-writing-service","tag-best-dissertation-writing-service-uk","tag-best-dissertation-writing-services-uk","tag-best-rated-essay-writing-service","tag-business-dissertation-help","tag-buy-dissertation-help","tag-custom-dissertation-writing-help","tag-dissertation-help-specialist","tag-dissertation-proofreading-services","tag-dissertation-title-generator","tag-dissertation-writing-service","tag-dissertation-writing-services-in-usa","tag-help-with-dissertation-writing-london","tag-help-with-my-dissertation","tag-my-dissertation-writing-help","tag-nursing-study-bay","tag-online-healthcare-assignment-help","tag-online-nursing-papers","tag-tips-on-writing-a-dissertation","tag-uk-best-nursing-assignment-writing-service-for-students","tag-uk-dissertation-writing-help-online","tag-writing-dissertation-proposal"],"_links":{"self":[{"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/posts\/7202","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/comments?post=7202"}],"version-history":[{"count":0,"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/posts\/7202\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/media?parent=7202"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/categories?post=7202"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.colapapers.com\/us\/wp-json\/wp\/v2\/tags?post=7202"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}