Current Activities

Hackers Profiling

Towards new evolutions in hackers profiling

The Hacker’s Profiling Project (HPP) started back in 2004. While many years have passed since its inception, the HPP Core Team has continued working on the project, as pointed out by Misha Glenny at TED.

Background information

The advances being made in information and communication technology represent a double-edged sword, and as we move into the future, the benefits and costs are rapidly coming into focus. We are now dependent on our technological infrastructure for almost all aspects of our daily lives, and this dependence is equally important in the public and private spheres. Air, road, and railway traffic controls, electricity and gas grids, wire and mobile telecommunications systems, police and fire dispatch centres, hospitals, government offices and structures controlling national defence and public services are now organised and controlled through the use of computers and advanced IT networks. Within the private sector, banks, stock markets, and other monetary institutions that transfer or handle billions of daily transactions are also built upon integrated computer systems. Such massive dependence on information technology has created new vulnerabilities for modern society, and public and private entities have to face the reality that their technology infrastructure may be susceptible to attack.

The HPP aims to improve the response to ICT crime and the transnational organised crime groups that may be involved in it by outlining the criminal profiles of the different types of hackers, with particular emphasis on their possible involvement in transnational organised crime activities and cyber-terrorism. Through a better understanding of hackers, HPP will facilitate the prevention and countering of ICT crime and will improve the operational methods that may lead to the identification of cybercriminals.

Project phases

The HPP project began in 2006 and is composed of 8 different phases, carried out with the support of the Italian Association for Information Technology Security (CLUSIT):

  • Phase 1 - Theoretical collection (completed/on-going): Elaboration and distribution of a questionnaire that consists of three modules: Module A on personal data; Module B on relational data; and Module C on technical and criminological data. The questionnaire is available in several languages.
  • Phase 2 - Observation (on-going): Participation in IT underground security events in Europe, the USA, Asia and Australia.
  • Phase 3 - Filing (on-going): Creation of a database for the classification and elaboration of data collected during phase 1.
  • Phase 4 - “Live” collection (to be commenced): Elaboration and building up of a new generation of highly customized Honey-Net Systems.
  • Phase 5 - Gap and Correlation Analysis (yet to come): Gap analysis and correlation among data collected through the questionnaire, Honey-Net and profiles taken from existing literature on the topic.
  • Phase 6 - Live assessment (pending): Continuous assessment of hackers’ profiles and correlation of modus operandi through the data collected in phase 4.
  • Phase 7 - Final profiling (pending): Redefinition and fine-tuning of different hacker profiles previously used as “de-facto standard.”
  • Phase 8 - Diffusion of the model (pending): Final elaboration of results, drafting and publication of the elaborated methodology, campaigns to raise awareness.

The Hackers Profiling Book

Output: the book “Profiling Hackers”

The first output of the project was the publication of the book “Profiling Hackers. The Science of Criminal Profiling as Applied to the World of Hacking”, Taylor & Francis, which came out on 12 December 2008 (1st Italian edition was published by Apogeo in February 2007).

The book serves as an attempt to apply the behavioral science of Criminal Profiling to the hacking realm. Its main objective is to provide a new means of investigation in order to deal with issues related to cybercrime. But there is a lot more waiting to be discovered...

Computer networks are commonly thought of as unfathomable and invisible, effectively beyond our grasp. The hacker has an ability to visualize this complex digital environment, making his or personality an object of intrigue, both original and controversial.

Aware of the lack of information preventing the public from adequately understanding the phenomenon of hacking, the authors' desire is to provide insight into the topic by relating interesting anecdotes and describing the bizarre characters that practice hacking and cracking as an art form, while still following established ethical models. Providing an in-depth study of the hacking world, focusing on the relationship between technology and crime, the authors reveal hidden aspects and many interesting details concerning this subject, while answering questions like: Who are the real hackers? What kind of life does a hacker lead when not online? Is it possible to determine a hacker's profile on the basis of his behaviour or types of intrusions?

HPP 2.0

Hackers Profiling Project 2.0: HPP V2.0 serves as a sequel to the original HPP project that started in 2004 and ended in 2010. HPP's original goal was the application of the concepts of criminal profiling to the world of hacking. Due to recent events happening in the world of cyber security and the evolving nature of cyberspace, HPP 2.0 aims to update the profiles that resulted from the original study. The development of an online presence by terrorist organizations and the infiltration of organized criminal groups into the world of hacking, are two of the main developments that have occurred in recent years, and they require further investigation.

The aim of the project is to revisit and update the hackers’ profiles resulting from the findings of the original HPP project in order to achieve a clearer understanding of emerging patterns in the world of hacking.

Contact Us Disclaimer | Acknowledgements