Why Hackers Win

Power and Disruption in the Network Society

Patrick Burkart, Tom McCourt

224 pages, English

About This Book

When people think of hackers, they usually think of a lone wolf acting with the intent to garner personal data for identity theft and fraud. But what about the corporations and government entities that use hacking as a strategy for managing risk? Why Hackers Win asks the pivotal question of how and why the instrumental uses of invasive software by corporations and government agencies contribute to social change. Through a critical communication and media studies lens, the book focuses on the struggles of breaking and defending the "trusted systems" underlying our everyday use of technology. It compares the United States and the European Union, exploring how cybersecurity and hacking accelerate each other in digital capitalism, and how the competitive advantage that hackers can provide corporations and governments may actually afford new venues for commodity development and exchange. Presenting prominent case studies of communication law and policy, corporate hacks, and key players in the global cybersecurity market, the book proposes a political economic model of new markets for software vulnerabilities and exploits, and clearly illustrates the social functions of hacking.


CHAPTER ONE

On the Structures and Functions of Hacking

Individuals and groups may hack, or disrupt online systems as a means of causing mischief or creative destruction, while hacks by states and corporations may involve coordinated campaigns to gain political and economic advantage over rivals. Hacking, like espionage or an everyday ruse, is based on ingenuity and deception. It employs techniques to evade detection, redirect attention, and blur identities. We define “hacking” as changes made, without permission, to the confidentiality, integrity, and accessibility of computerized data or networks.1 Jurisprudence typically regards hacking as unauthorized trespass, via the internet and networked devices, into trusted systems for purposes of surveillance and potential manipulation.2 Hacks exploit “attack vectors,” which are technical vulnerabilities providing points of entry by attackers into trusted systems. We discuss many of the most common attack vectors, including known vulnerabilities, phishing, malware attacks, and brute-force password hacking.
As much as a hack functions as a cultural and technological magic trick that illuminates its social milieu, it also represents an agonistic exercise of political, economic, and social power. A hack can be legally interpreted as malicious intent toward a targeted individual or institution, even if it is found to have been a wrong turn down the paths of a trusted system. A hack also may serve a symbolic function as speech, either as a discrete speech act or as part of a coordinated campaign. It may create a “ripple effect” that first influences interconnected sociotechnical systems such as e-commerce and online banking and then ripples outward to political systems. Regardless of actor or intent, the apparent pervasiveness of cyberattacks today by intrusion software and distributed denial-of-service (DDoS) botnets (“botnet” is a portmanteau of “robot” and “network”) suggests that surveillance, disruption, and loss of privacy are now basic costs of living with trusted systems both online and offline.3 Trusted systems are essential for online commerce, banking, media entertainment, and a host of other activities. With promises of ever-greater “convenience,” firms drive consumers to these systems, and the data that consumers wittingly and unwittingly contribute about themselves provides firms with increasingly granular user profiles and the ability to track and predict user behavior.
The closed nature of these networks is crucial to their legitimacy and engendering the trust of participants. Yet as more and more members of the public have their personal data collected, analyzed, and compiled into databases by third parties, these “data subjects” (in European Union parlance) increasingly are exposed to identity theft, financial disruptions, doxxing, and cyberbullying. Cloud computing already has introduced a new scale to the communicative effects of hacking (Mosco 2015). As a growing number of trusted systems connect “smart” devices like refrigerators, webcams, and digital video recorders to online services, the empirical bases for trust in these systems continue to erode even as these systems become ubiquitous. According to Gartner Research, the global number of “Internet of Things” devices has surged nearly 70 percent, to 6.4 billion, between 2014 and 2016. By 2020 the number will reach 20.8 billion (Lohr 2016, B3). Given that every thousand lines of software code has, on average, fifteen to twenty defects (Perlroth 2016c, F5), the Internet of Things promises a vast playground for hackers. For example, unsecured gadgets can be remotely commandeered to join in a network of robotically controlled botnets, which in turn can be converted into a targetable swarm cyber weapon (Limer 2016).
Hacks can employ many attack vectors to breach trusted systems, including printers, routers, USB drives, email attachments, infected web pages, and fake browser plugins. Once a system is breached and a “payload” (or recombinatory software code) is dropped, intrusion software can perform countless functions. It can take over a system for surveillance, destroying its data or holding it for ransom (i.e., “ransomware,” which increasingly bedevils individuals and institutions through online extortion). Intrusion software can also exfiltrate (“exfil”) or remove sensitive information from the network. Mass exfiltrations of account databases have leaked private data and personally identifiable information of millions of credit card users, subjecting them to possible identity theft. Email exfiltrations can lead to “doxxing,” in which private information on individuals is released on the internet with malicious intent.4 Intrusion software can also replicate in a botnet system, allowing a remote server to commandeer enslaved devices: “Cybercriminals use special Trojan viruses to breach the security of several users’ computers, take control of each computer and organize all of the infected machines into a network of ‘bots’ that the criminal can remotely manage” (Kaspersky Lab 2018).5
Zero-day vulnerabilities—unknown or unaddressed holes in program or network security, so named because they are newly discovered, or zero days old—allow anyone with knowledge of these systems and a fluency in the appropriate coding language to penetrate trusted systems. These vulnerabilities increase the likelihood of an effective attack, as well as the attack remaining undetected by the recipient (Batey 2015). Furthermore, cyberattacks defy easy categorization. They may include espionage, terrorism, theft, vandalism, or protest; the lines between categories may be blurred, compounded by the difficulty of ascertaining perpetrators and motives. Hackers can employ encryption, virtual private networks, and pseudonyms to conceal their identities. They also can disguise the origin of their attacks: “If hackers in Bucharest want to steal from a bank in Omaha, they might first penetrate a server in Kalamazoo, and from there one in Liverpool, and from there one in Perth, and so on, until their trail is thoroughly obscured. . . . A sophisticated hacker . . . might hop as many as thirty times before unleashing an attack” (Schmidle 2018). Cyberattacks are relatively inexpensive and cost-effective. According to the chief technology officer of the cybersecurity firm Splunk, Snehal Antani, “The cost of cyberattacks is 1/10th to 1/100th the cost of cyber defense. . . . This is because attack tools are freely distributed, the computing resources are stolen, and because the labour costs in state-sponsored attacks are typically low” (qtd. in D. Williams 2016).
Since cyber warfare is based in code, it lacks the manufacturing, warehousing, and deployment costs associated with traditional weapons. The sole expense is the labor of coders, and this expense stands to fall with “cloud” sharing and mobile technologies. While criminal hacks may seek a quick financial return, state-based attacks may be more precisely targeted with a specific goal, such as gaining strategic or technical information that may later be employed for disruptive purposes. Yet intent may be as difficult to ascertain as origin: “When a Russian criminal group with ties to Russian intelligence was detected attacking U.S. banks in 2014, for instance, the security community debated whether it was regular old cybercrime, or an attack linked to Russian state interests, designed as a response to the sanctioning of the regime for its invasion of Ukraine. But even then, was the attack a retaliation that got caught? Or was it akin to a nuclear test in a crisis, a signal intended to be detected, a warning of greater consequences if the United States pushed further?” (Singer 2015).
Attacks are not necessarily waged between individual entities (such as single nation versus single nation), and both criminal and state hackers may use similar means and methods of attack, making them harder to differentiate. Reflecting the growing alliance of state and corporate actors, methods used by states may trickle down to private firms, while states may buy and stockpile exploits from hackers and brokers or employ cyber mercenaries. The difficulties of determining parties, motives, and responses are further complicated by the fact that revealing these factors also reveals how deeply state agencies (such as the National Security Agency) have penetrated their networks. A public response to a cyberattack may lead to escalation, while a covert response may not be viewed as proportional or serve as an effective deterrent.
Victims of massive hacking episodes and data breaches include Sony, Target, Anthem, Home Depot, J. P. Morgan, Chase Bank, T-Mobile, and Experian, as well as U.S. government agencies including the Internal Revenue Service, the Postal Service, and the Office of Personnel Management. The National Health Service in the United Kingdom also suffered a crippling cyberattack. By some estimates 90 percent of U.S. companies have been hacked. At a cybersecurity conference in 2012, then FBI director Robert Mueller claimed, “There are only two types of companies: those that have been hacked and those that will be” (Schmidle 2018). A computer user now must think like a network administrator: “Assume you’re going to be hacked and try to catch it before it does too much damage” (Tynan 2016). Both of these guidelines promote thinking like a hacker.
Hacks are a technical application of force to affect communication systems. In one sense hacking is “only a modern term for bugging, eavesdropping, signals intercept, listening-in, tapping, monitoring,” and other technical threats to electronic privacy (McMullan 2015). Force can also cause harm from data destruction. Tools for hacks (including “lawful intercepts” by police, intelligence services, and other government agencies) must—by law—be built into global communications networks through technical “back doors” and administrative controls. Yet these “official” back doors also may be exploited by unauthorized and unknown users (Landau 2013, 12). Other hacking tools are based on the exploitation of mundane vulnerabilities like weak passwords or users’ proclivity to open dodgy email attachments. A third vector for attacks is provided by the aforementioned zero-day exploits.6 These exploits are collected and sold by a flotilla of established and ephemeral cybersecurity businesses, including stand-alone companies, divisions of defense companies and accounting agencies, and independent contractors. Much of this work on trusted-system vulnerabilities is treated as classified or proprietary research, further benefiting the bottom lines of stakeholders while further compromising the security of the public internet.
Since the turn of the twenty-first century, reports of hacking episodes have increased exponentially. Many go unreported, adding to the catalog of systemic risks we face in digital capitalism. Yet hacking, as an application of force to communication systems, is not new; it can be traced to an earlier, mechanical age. Kirkpatrick Sale’s (1996) account of Luddite resistance in the early stages of the Industrial Revolution provides a prescient historical example. Hacking’s antecedents also may be found in events surrounding the development of radio or “wireless telegraphy” at the turn of the twentieth century. Guglielmo Marconi, like Apple’s Steve Jobs, employed extensive stagecraft when unveiling technology. Marconi’s first public demonstration of wireless telegraphy, held in 1903 at the London Royal Institution’s lecture theater, was preceded by extensive publicity. Much to his dismay Marconi’s trusted system was subjected to a brute-force hack during the demo. The electrical system for the slide projector accompanying Marconi’s lecture was remotely commandeered by a radio transmitter outside the theater, causing the projector to flicker in pulses, which were immediately recognized as Morse code (Marks 2011; Raboy 2016).7 Marconi denounced the prank as “scientific hooliganism” (Marks 2011); the hacker was later identified as an envious magician and radio hobbyist.
“Scientific hooliganism” also provided an effective pretext for corporate and military interests to wrest control of the electromagnetic spectrum from “amateurs,” whose number included hobbyists and bench scientists working alone or in early research labs. Competing claims to wireless innovations, and accusations of amateur “interference,” led to the U.S. Radio Act of 1912, in which corporations and the military were awarded vast swaths of the electromagnetic spectrum, while amateurs were exiled to a sliver of the remaining accessible frequencies (Douglas 1987). The British-based Marconi operation quickly dominated the international market for wireless telegraphy. At the behest of the U.S. Navy in the interests of national security, American Telephone and Telegraph, General Electric, United Fruit Company, and Westinghouse formed the Radio Corporation of America in 1919. RCA gathered the necessary elements for end-to-end radio communications and further consolidated corporate control over the electromagnetic spectrum. It was the genesis of a trusted system for analog radio–frequency technology, including licensing and ownership regulations, for media and technology producers.
In the world of telephony, AT&T’s switched telephone network and Western Electric devices comprised a trusted system that legally excluded access by rival wireline systems and devices and unsanctioned (or nonpaying) users. And hacking naturally followed: Phil Lapsley (2013) describes user “hacks” of the phone system in the mid-twentieth century, which inspired a loose social network of phone “phreaks” intent on subverting the monopolistic practices of AT&T and Western Electric. Phone phreaks breached analog switching systems to obtain dial tone and long-distance or conference calling without payment. In a 1971 article in Esquire, author Ron Rosenbaum vividly described how John Draper, aka Captain Crunch, demonstrated the global scope of the phone network’s trusted system. Draper hacked into the Bell network and routed a toll-free call from his home through international switches to his own second telephone line. Specifically, Draper connected a single long-distance call from California through switching stations in Tokyo, India, Greece, South Africa, London, and New York and back to an adjacent phone in California, wrapping his call around the globe. “Needless to say I had to shout to hear myself. But the echo was far out. Fantastic. Delayed. It was delayed twenty seconds, but I could hear myself talk to myself,” he stated (Rosenbaum 1971, 117). This demonstration proved network bypass was possible, and it became more popular until authorities responded, in the early phases of a “hacker crackdown” (Sterling 1992).
Eventually digital switching systems superannuated this type of bypass. Concurrently, engineers at MIT and other elite universities developed social and technical bonds through “hacking” (or breaching and programming) mainframe computers (S. Levy 1984). Much as radio amateurs found themselves at the sharp end of the stick from military and corporate interests, phone phreaks and mainframe hackers found their “disruption” contained and co-opted: they and kindred spirits migrated to the emergent cyber culture, developing interconnected email relays and operating online bulletin board services in the 1970s and 1980s, before commercial internet service providers came along. Later they were known for their affiliation with the Whole Earth ’Lectronic Link, Prodigy, and similar online services (Turner 2006; Markoff 2005).8
As with phone-system phreaking, software hacking came to symbolize technological craft and means of resistance, asserting individual and group agency over a world of increasingly abstract, complex, and interconnected technical systems that enabled new forms of social interaction.9 The recursive or self-referential social shaping of information and communication technology has attracted the attention of social and political theorists to the field (Kelty 2008). Anthropological work on hackers in general, and on the “hacktivist” collective that calls itself “Anonymous” in particular (e.g., Coleman 2011, 2013), has provided insight into the motives, actions, and communicative effects of some high-profile hacking campaigns. We seek to build on this line of inquiry by addressing the impact of hacking on social complexity and communicative action.
Why Hackers Win examines the ways in which hacking illuminates the relationship between the technical codes of trusted systems, the legal codes in which they operate, and how these codes overlap and interact to shape our social reality. As Niklas Luhmann notes, economic, legal, and political systems require trust to function effectively. At the same time their structural and operational properties “may erode confidence and thereby undermine one of the essential conditions of trust” (2000, 103). Hacking can undermine trust by breaching interconnected social systems and challenging the expectations that accompany their use. Given the Network Society’s immense complexity and accompanying risks, state and corporate actors who rely on trust have incentive ...
