Contact | Support | Login | Content Library Search
Home > About RSA > News & Events

Press Releases

Monday, May 24, 2004
What makes a "hacker"? Ideology, motivation and psychology examined in new report
Danube-University Krems and RSA Security assess Identity Theft from the inside the hacker’s mind – and strategies for defence

MAINZ, Germany— A white paper commissioned by RSA Security Inc. (NASDAQ: RSAS) and compiled by the Centre for Practical Computer Science at Danube-University Krems was published today, investigating the ideological motivations behind Identity Theft.

The report looks into the background and psychological make-up of the hacker community and the practical methods that are employed. In addition, the paper contains advice for end-users and businesses on the best possible protection. The authors – Christian Fötiger and Wolfgang Ziegler – are both participants in the University’s “Information Security Management” Master of Science course.

Not all hackers are criminals
A significant conclusion of the work questions our everyday terminology on the subject. The word “hacker” is commonly used to describe an instigator of a criminal computing offence, and as such is universally pejorative. However the report differentiates those who engage in criminal activities including identity theft or the spread of Trojans from traditional hackers who are committed to the open source scene and who develop and share code with the purpose of improving the IT infrastructure.

Criminal hackers – or “crackers” – deviate from the classical self-perception of the hacker community, and hackers regard their activities with contempt. However, the definition has become blurred due to the fact that traditional hackers – in seeking to point out leaks in security – do not always use legal methods, even if their intentions are not inherently criminal.

Why Identity Theft is on the rise
In recent years identity theft has increased rapidly, with passwords the primary target. The report suggests that there are a number of motivations for this activity, but that financial gain and experimentation top the bill. Many victims do not realise that their personal data has been stolen for some time, thereby increasing the harm that is done and the amount of time it will take to repair the damage once it is discovered; others never realise that their identity has been compromised. The report recommends a series of security arrangements for individuals, businesses and industry, with an emphasis on consumer education, compliance and cross-industry identity management solutions.

“Danube-University has written an excellent paper on such a hot topic,” says Tim Pickard, Strategic Marketing Director EMEA at RSA Security. “This report demonstrates the urgent need for enterprises and industry to take action in order to break this cycle. We all have a responsibility in terms of education and risk awareness, and by concentrating our energies we can help to ensure that society is protected more effectively.”

“We are pleased that in RSA Security we have found a partner that judges the reality of this topic correctly,” says Dr. Gert Adamek, Director of the Centre for Practical Computer Science at Danube-University Krems. “In my opinion the White Paper gives a competent and interesting insight into how hackers really think and act, irrespective of the stereotypes portrayed by the media.”

About RSA Security
RSA Security helps organisations protect private information and manage the identities of people and applications accessing and exchanging that information. RSA Security’s portfolio of solutions - including identity & access management, secure mobile & remote access, secure enterprise access and secure transactions - are all designed to provide the most seamless e-security experience in the market. Our strong reputation is built on our history of ingenuity, leadership, proven technologies and our more than 14,000 customers around the globe. Together with more than 1,000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet. For more information, please visit www.rsasecurity.com.

Danube-University Krems:
General information: www.donau-uni.ac.at
Information on the ‘Information Security Management MSc’ Master of Science Course: www.donau-uni.ac.at/de/studium/fachabteilungen/tim/zentren/zpi/studienangebot/security/index.php
Contact Information:
Dr. Gert Adamek
Zentrumsleitung
Tel: +43 2732 893 - 2318
Fax: +43 2732 893 - 4304
Mail: gert.adamek@donau-uni.ac.at

RSA is either a registered trademark or trademark of RSA Security Inc. in the United States and/or other countries. All other products and services mentioned are trademarks of their respective companies.
Top of Page Email to a Friend Print
© 2010 RSA Security. All rights reserved | Privacy | Legal | Site Map

RSA, The Security Division of EMC, provides Secure Data, Compliance, SIM, SEM, SIEM, PCI, Consumer Identity, Two-Factor Authentication, Custom Applications, Consulting, Assessment, and other security solutions and services to over 90% of the Fortune 500.
 
Access Control |  Authentication and Identity Assurance |  Credential Management |  Data Loss Prevention |  Data Encryption and Key Management |  Fraud Prevention |  Security Information and Event Management |  Log Management |  IT Compliance |  ISO 27002 Compliance |  Information Risk Management for Financial Services |  Payment Card Industry Data Security Standard | 
 
RSA Access Manager
RSA BSAFE
RSA eFraudNetwork
 RSA Data Loss Prevention
RSA Consumer Solutions
RSA FraudAction
 RSA Digital Certificate Solutions
RSA Encryption/Key Management
RSA Enterprise Data Security
 RSA enVision
RSA SecurID
RSA Smart Cards

 RSA Federated Identity Manager
RSA Adaptive Authentication