To the uninitiated, hacker culture commands a mysterious allure. It’s a world filled with shadowy aliases and technical jargon. In this secret underground, libertarian warriors — or infantile nihilists, depending on your point of view — plot the capture of corporate data centers and attacks on government agencies.
That world, long inaccessible to the general public, is about to open up. Enter rankmyhack.com, a Web site claiming to be the hacker community’s “first elite hacker ranking system.” If it takes off, the system could intensify the race to perform high-profile exploits, encourage a new generation of hackers to pick up the trade or raise the overall likelihood of future cyber-attacks.
The system allocates points to successful hackers based on the popularity of their chosen targets. Hacking Yahoo! earned one member 37.5 million points, propelling the code-wizard to the top of the leader-board. Hackers win more points for more complex attacks. To become ranked, a hacker must insert a certain line of text into a Web site undetected. The board — rendered in classic green and black — resembles an arcade-style list of high scores.
Rankmyhack.com brings to hacking what has lately taken the social media world by storm: gamification. Gamification aims to boost consumer engagement with a commercial brand using mechanics that include virtual awards, badges or points. In the case of hacking, competition for prestige is already built into the community’s social fabric. But Rankmyhack.com’s gamified approach could have the added effect of expanding what was once an exclusive club.
Like any contest, Rankmyhack.com’s appeal lies in its apparent egalitarianism. Anyone can become ranked, with the right mix of skills and ambition — a tempting prospect for aspiring hackers looking to prove themselves. What’s more, the Web site gives veteran hackers greater incentive to compete with one another, encouraging ever more difficult hacks on the fattest targets. The consequences of this ratcheting effect won’t be limited to a circle of geeks. It’ll have a real impact on information security across an array of sectors. This year alone, the public bore witness to a flurry of attacks on businesses like Sony, Lockheed Martin and Booz Allen Hamilton. Many of these were perpetrated by Lulzsec, a group that broke from the larger and better-known collective, Anonymous, precisely so that it could carry out more aggressive cyber-attacks.
Preventing young hackers from joining the black-hat leagues will be a tall order in this environment. Research now suggests that society isn’t divided by one technological generation gap — that is, between parents and their children — but that such gaps may exist even between siblings. Disconnects such as these make it more difficult for parents to understand what their children are up to, let alone intervene.
Still, at least one white-hat institution hopes to benefit from the renewed spotlight on hacking: the U.S. government. With cyber-security fast becoming something of an obsession in Washington, U.S. agencies are racing — sometimes against each other — to hire code-savvy youngsters. Recruiters from the Defense Department, the National Security Agency and the Department of Homeland Security all descended on the hacker convention DefCon this month.
Incidentally, 2011 also marks the first year that DefCon welcomed hackers as young as eight years old to the convention hall.