Why I can’t leave the hacker scene – a confession


Many things in life can be a dichotomy. Even while things in life can oppose each other, it doesn’t necessarily mean they don’t each hold significant value. For example, I was released from prison for the last time in 2020 following a hacking charge. I knew that the very thing that had put me in prison for over a decade was still something worth returning to, only under different hats and different rules. Thus, I hung up my black hat and began pursuing ethical adventures. Could the very thing that destroyed my life also offer me redemption?

Everyone recoiled when they saw my return to the hacking scene, especially my family, which makes sense. For example, during the course of my life, everyone had ideas of their own concerning what they felt I should be doing with said life of mine.

Before I stepped into the role of a threat actor, I was a religious teacher and music director for a religious institution. Before that, I was a professional classical concert pianist and accomplished fiddle player.

ADVERTISEMENT

Truly, I came from many different worlds with opposing contrasts. Still, in spite of everything I lost, I chose hacking and, by extension, cybersecurity as my career path. That is because there is so much more to gain, even if I don’t know what I stand to achieve. Thus, those who knew me recoiled, even gnashed their teeth at me, not perceiving the possibility that there was a bigger picture unfolding.

Rule breaker

The first time I was freed from incarceration was in December 2016. I had nothing to do with hacking. I loathed it. Furthermore, I wanted nothing to do with it. I wouldn’t let any of my former companions from the hacker world contact me. Strangely enough, family members would goad me into helping them with uncovering scams they found on Facebook. I adamantly refused.

I went on to try to have a new life with new objectives and goals. As fate would have it, my new life ended with me back in chains after breaking into a US customs-controlled shipyard, trying to flee the country while disguised as an Israeli-American, and blackmailing the captain of a cargo ship.

When I was released, I had a court order to be fitted with a GPS ankle bracelet so the government could make sure I didn’t disappear again. Guess what I did?

There is something within me that’s hardwired to push boundaries and break rules. I mean, when I was first arrested for hacking industrial controls, I was facing a possible 10–20 years maximum prison sentence and still wrote hacking literature and simple tutorials for the inmates who wanted to learn.

How could I tame this inherent need to buck, rebel, and break the rules?

I found a way without working for the federal government, law enforcement, or a corporation.

ADVERTISEMENT

The lost decade

The world was impossibly alien to me when I was released. I stepped into a world that resembled very little the 2009 era I came from. It was like stepping from a slow-moving time machine.

You must understand something, I was absent during a decade’s worth of sociological-technological trends and evolution that unfolded from 2009 to 2020. Factor in that I didn’t have unfettered access to information during my incarceration, hence why I was so far behind. I watched from the recesses of a prison cell as a technological revolution unfolded.

I was arrested in the same year when bitcoin became a thing and took off a few years later, changing the financial landscape after the biggest financial market crisis since the Great Depression.

Modern smart devices emerged with renewed vigor, backed with superior processing power and battery life while combining aspects of desktop computing, thus spawning smartphones, smartwatches, and tablets, which in turn gave birth to modern smart homes.

Then, in 2010, while I was still fighting my criminal hacking case, Iraqi insurgents utilized SkyGrabber, a readily available $26 software, to hack into US military Predator drone feeds, revealing that the drones employed absolutely no encryption.

Stuxnet happened.

The Arab Spring kicked off, causing social upheavals against governments across the world.

That same year, with their fates combined, Manning, Assange, and the whistleblowing platform Wikileaks changed the world after releasing classified US State Department cables detailing US war crimes committed during the war in Afghanistan.

As 2010 came to a close, Anonymous emerged from the ashes of its folly and blazed with newfound glory as it took up the mantle of hacktivism in support of WikiLeaks, being dubbed the “WikiLeaks Army.”

ADVERTISEMENT

In 2011, LulzSec and Teamp0ison emerged and gave international law enforcement a run for their money. This same year gave girth to the Occupy Wall Street Movement, as the government stood in staunch opposition in fear of losing control. This movement continued until 2016.

In 2012, I was in solitary confinement when President Obama issued an executive order delineating emergency measures for internet control, which gave the US government power to control the internet for the sake of national security. This development holds significant importance.

With the power to control the web comes the power to cause arbitrary information blackouts and censorship, which is what we saw during the offset of the 2009 Iranian presidential elections when protestors took to the streets.

Holograms emerged, along with VR and Augmented Reality, which finally became commercially available to consumers. I was still in solitary confinement when a Hologram of rapper icon Tupac Shakur materialized at a Coachella concert in 2012.

In 2013, I had already spent 13 months in solitary confinement when Edward Snowden, a former contractor for the National Security Agency (NSA) who later became a whistleblower, disclosed approximately 9,000 to 10,000 highly classified NSA documents to journalists.

This leak revealed a large-scale surveillance program known as Prism, leading to the curtailment of the NSA's unrestricted activities. This event sparked congressional scrutiny, resulting in the passage of new laws and the termination of certain individuals from their positions.

That same year, BackTrack 6 was discontinued, evolving into Kali Linux.

In 2015, an Amazon Alexa device was witness to a murder, and a judge ordered Amazon to give up the recordings.

In 2017, right before I was being freed from a world of concrete and iron, AOL Instant Messenger disappeared. The era had shifted. Everyone was now using platforms like Telegram, Discord, WhatsApp, and Messenger, which meant old unencrypted chat protocols like IRC no longer had a use except for nostalgia.

Somewhere in time, Milw0rm ceased to exist. Only to be replaced with Exploit-DB.

ADVERTISEMENT

The Bug Bounty Program became a new way for hackers of all hats to participate in helping companies become more secure and get paid doing what they love.

Everyone is now plugged into their smartphones, obsessed with likes and views. You can even make more money as a professional gamer on Patreon or a YouTube personality than in most conventional forms of employment. People talk differently. Dress differently. I was away long enough for almost all my siblings to have children.

Somewhere in time, I ceased to exist, only to be replaced with a memory. Time still moves, even if you do not move with it.

Redefining the identity

It took me some time to get up to speed. If there was one thing I learned from the hardships I experienced during my time in prison, it could be summed up with one word: consequences. I, for one, understand consequences better than most people you will cross paths with on the internet, especially in the hacker world.

That dopamine rush I used to get from hacking is dead. Time whittled that away. However, different circumstances motivated my return to the scene. The same reason why many retired hacktivists return:: to guide this new generation and steer them away from harm and irreparable consequences of careless hacking.

The difference between my generation and the present is that this generation is obsessed with meddling in geopolitical cyber warfare, where we are all on the brink of seeing hackers attack industrial control systems that may ultimately result in the loss of human life. Nowadays, hackers are working with ground forces in foreign wars, just as much as unknown actors falsely claiming to be diplomats and military personnel trying to leverage hackers for their own purposes.

Opposing hackers from hostile nations during times of war are now subverting hacktivism aid.

With that in mind, all too often, the cybersecurity industry does not address a cyber threat until after the threat has occurred. So, I began an initiative to try to mitigate cyberattacks before they happen without involving law enforcement and without working for any third party.

The trick is to not break the law.

ADVERTISEMENT

Additionally, prison put me in immediate proximity to child sexual predators. Naturally, I found purpose in joining an OpChildSafety initiative, to use my computer skills for good and uncover the identity of predators, as well as launch educational campaigns without hacking.

If I want to hack, I practice on virtual machines. That way, my sword stays sharpened.

What hacktivism needs are teachers who have been there, who know what's at stake, and who can exist as guardians to help shape the next generation before it's too late. Hackers are going to hack. There’s no stopping that.

Hackers who understand consequences will hack responsibly.