In Defense of Hacking

Faculty Q&A / Timothy C. Summers

What if instead of being villains, hackers are the heroes of the cyber underworld? That’s the position of Timothy Summers, director of innovation, entrepreneurship and engagement in UMD’s College of Information Studies. A self-taught hacker who was breaking into computer systems before he could drive, Summers today studies hackers’ cognitive psychology and touts “ethical hacking” as a way to improve society. The challenge for the United States, he tells Terp, is to ensure a steady supply of computer whizzes with a passion to protect.

TERP: How did you start going beyond the basics with computers?

Summers: I’d gotten a game from a computer store, and there was a glitch that wouldn’t let you boot back into Windows. I had to call tech support and stay on the phone all night—back in the days when you paid for long-distance by the minute—typing in codes and scripts to fix it. Doing that was a revelation to me. (The next big thing for me was learning about phone phreaking, where you’re hacking phone lines to make long-distance calls.)

TERP: What pushed you to ethical hacking?

Summers: When I was 13, I got into an argument online with a hacker. He sent me a file that turned out to be a virus, and it was really, really cool. It showed me a movie on the left side of my screen, while on the right it was literally deleting every file on the computer. That was a pivotal moment in my life. I never wanted it to happen to my mom or my aunt or my grandma. I realized I needed to learn to create viruses myself so I could understand how to stop them.

TERP: So it’s not all about making mischief?

Summers: For many of us, hacking is about protecting people. It’s what motivated me, starting at home and then taking that to the Department of Defense, where I worked in cybersecurity. Hackers have been described as “the immune system of the internet,” which I think is accurate. When a new technology comes out, it’s the hackers that break it apart and find out everything that’s wrong with it or vulnerable about it, so it can be fixed before harm can spread.

TERP: How do we encourage more ethical hacking, and less of the other kind?

Summers: In terms of ethical hacking, there’s actually a huge lack of qualified people. Many of our adversaries actually have a lot more able hackers than we do. One of the biggest challenges at the moment is training. Unfortunately, for people with necessary skills, Silicon Valley is much more attractive than the government. So the government is doing a lot of work to develop cyber talent [including through UMD’s Maryland Cybersecurity Center and Advanced Cybersecurity Experience for Students program], my research focuses on the cognition necessary for effective hacking, and we basically have to keep encouraging people to enter this field.