Ashley Madison hacked: A case of digital Robin Hood?

The affair-enabling dating site Ashley Madison was hacked, putting the information of its cheating clients at risk. But can the hackers claim the moral high ground?

|
Lee Jin-man/AP/File
In this June 10, 2015 photo, Ashley Madison's Korean web site is shown on a computer screen in Seoul, South Korea. The Ashley Madison cheating website was hacked by a group identifying itself as The Impact Team, compromising the personal information of its 37 million users.

In the world of hacking, there are good guys and there are bad guys. They both steal information, but the good guys – the “white hats” – will do it to help pinpoint sites’ vulnerabilities so companies can reinforce weak spots. The bad guys – “black hats” – take information to use for their own personal gain.

Is the Ashley Madison hack a case of moral vigilantism – a sort of white hat hack – or something else?

Experts say the ethical ambiguities around this hack place it in a different realm.

Ashley Madison, the paid, online service that connects people looking to cheat on their spouses, was hacked, and the thieves stole the names and other information about its 37 million users, KrebsonSecurity reported. 

The hackers, who identified themselves as The Impact Team, criticized the site’s owner Avid Life Media (ALM) for continuing to store user data after an account is deleted, and called the users themselves “cheating dirtbags.” The Impact Team published stolen information from users’ accounts and about the site’s server and finances, threatening to release more data, “including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails,” if ALM did not permanently shut down Ashley Madison and another dating site it owns, Established Men.

ALM chief executive Noel Biderman told KrebsonSecurity late Sunday night that the company was working to take down the information. Regardless of opinions on the morality of the site, he said, the information was still protected under property law.

“We’re not denying this happened,” Mr. Biderman said. “Like us or not, this is still a criminal act.”

Stressing the illegality of the hack, Paul Williams, chief technology officer of security consulting company White Badger Group, says neither hacker hat metaphor is wholly appropriate for committing an "ugly" act for a good reason.

“This one is more like ‘hacktivism’ to me,” Mr. Williams says. “It is definitely black hat, but it’s like Robin Hood robbing from the rich to give to the poor. In this case, these guys are doing a very ugly hack that’s blatantly against the law, but in the name of doing something good. So it’s kind of like a crossover of hacktivism and, of course, black hat.”

D.E. Wittkower, assistant professor of philosophy at Old Dominion University whose research involves the legal invocation of property rights to protect privacy, adds that since The Impact Team’s motivation is about morality – not aiding the company in boosting security or promoting criminal activity – even the more ambiguous “gray hat” label does not fit quite right.

Instead, he says he favors ALM’s claim that the hack is an act of “cyber-terrorism.” The term, he says, “in some sense, seems way overblown, but as a factual description I think might be pretty accurate, because what they’re trying to do is to utilize fear in order to bring about a change in company policy.”

“In this case, they want to stop the offering of these products,” Mr. Wittkower says. “It’s not a war against the company. They actually specifically identified a variety of properties and said, ‘these two should be shut down; the rest can stay up.’ So there’s a very specific political aim that seemed to be based in a moral judgment about those properties. They didn’t have an issue about the gay dating site. It was the adultery site.”

ALM said in a statement Monday morning an investigation had been launched into the breach, but Williams says it is unlikely the “brains” will be caught or punished since “the Internet doesn’t really support investigation too well.”

Ashley Madison called itself in an email last year “the last truly secure space on the Internet,” but apparently has been aware of the catastrophic implications of a security breach. KrebsonSecurity reported that ALM chief technology officer Trevor Stokes, asked what he would “hate” to see go wrong, said in one of the leaked documents, “I would hate to see our systems hacked and/or the leak of personal information.”

The Wall Street Journal presaged the hack in May, after the dating site AdultFriendFinder suffered a similar breach. In a report called “Risky Business for AshleyMadison.com,” potential ALM investors were urged to take the AdultFriendFinder hack as a warning of the risks associated with a security violation.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Ashley Madison hacked: A case of digital Robin Hood?
Read this article in
https://www.csmonitor.com/USA/USA-Update/2015/0720/Ashley-Madison-hacked-A-case-of-digital-Robin-Hood
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe