Subscribe

Ashley Madison hacked: A case of digital Robin Hood? (+video)

The affair-enabling dating site Ashley Madison was hacked, putting the information of its cheating clients at risk. But can the hackers claim the moral high ground?

In the world of hacking, there are good guys and there are bad guys. They both steal information, but the good guys – the “white hats” – will do it to help pinpoint sites’ vulnerabilities so companies can reinforce weak spots. The bad guys – “black hats” – take information to use for their own personal gain.

Is the Ashley Madison hack a case of moral vigilantism – a sort of white hat hack – or something else?

Experts say the ethical ambiguities around this hack place it in a different realm.

Ashley Madison, the paid, online service that connects people looking to cheat on their spouses, was hacked, and the thieves stole the names and other information about its 37 million users, KrebsonSecurity reported. 

The hackers, who identified themselves as The Impact Team, criticized the site’s owner Avid Life Media (ALM) for continuing to store user data after an account is deleted, and called the users themselves “cheating dirtbags.” The Impact Team published stolen information from users’ accounts and about the site’s server and finances, threatening to release more data, “including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails,” if ALM did not permanently shut down Ashley Madison and another dating site it owns, Established Men.

ALM chief executive Noel Biderman told KrebsonSecurity late Sunday night that the company was working to take down the information. Regardless of opinions on the morality of the site, he said, the information was still protected under property law.

“We’re not denying this happened,” Mr. Biderman said. “Like us or not, this is still a criminal act.”

Stressing the illegality of the hack, Paul Williams, chief technology officer of security consulting company White Badger Group, says neither hacker hat metaphor is wholly appropriate for committing an "ugly" act for a good reason.

“This one is more like ‘hacktivism’ to me,” Mr. Williams says. “It is definitely black hat, but it’s like Robin Hood robbing from the rich to give to the poor. In this case, these guys are doing a very ugly hack that’s blatantly against the law, but in the name of doing something good. So it’s kind of like a crossover of hacktivism and, of course, black hat.”

D.E. Wittkower, assistant professor of philosophy at Old Dominion University whose research involves the legal invocation of property rights to protect privacy, adds that since The Impact Team’s motivation is about morality – not aiding the company in boosting security or promoting criminal activity – even the more ambiguous “gray hat” label does not fit quite right.

Instead, he says he favors ALM’s claim that the hack is an act of “cyber-terrorism.” The term, he says, “in some sense, seems way overblown, but as a factual description I think might be pretty accurate, because what they’re trying to do is to utilize fear in order to bring about a change in company policy.”

“In this case, they want to stop the offering of these products,” Mr. Wittkower says. “It’s not a war against the company. They actually specifically identified a variety of properties and said, ‘these two should be shut down; the rest can stay up.’ So there’s a very specific political aim that seemed to be based in a moral judgment about those properties. They didn’t have an issue about the gay dating site. It was the adultery site.”

ALM said in a statement Monday morning an investigation had been launched into the breach, but Williams says it is unlikely the “brains” will be caught or punished since “the Internet doesn’t really support investigation too well.”

Ashley Madison called itself in an email last year “the last truly secure space on the Internet,” but apparently has been aware of the catastrophic implications of a security breach. KrebsonSecurity reported that ALM chief technology officer Trevor Stokes, asked what he would “hate” to see go wrong, said in one of the leaked documents, “I would hate to see our systems hacked and/or the leak of personal information.”

The Wall Street Journal presaged the hack in May, after the dating site AdultFriendFinder suffered a similar breach. In a report called “Risky Business for AshleyMadison.com,” potential ALM investors were urged to take the AdultFriendFinder hack as a warning of the risks associated with a security violation.

About these ads
Sponsored Content by LockerDome
 
 
Make a Difference
Inspired? Here are some ways to make a difference on this issue.
FREE Newsletters
Get the Monitor stories you care about delivered to your inbox.
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK