Last time, I
went over the three types of hackers out there.
To give you a stronger foundation from which to build your defense in
this digital world, I’ve broken down the category of hacker once more into the
various types underneath the hats. In
order to defend against impending subterfuge, it is important to know who may
be targeting you or your company.
Script Kiddie
Doesn’t sound
very intimidating does it? A Script kiddie is someone
in the black hat community who manipulates scripts and programs developed by
other, more skilled hackers. The script
kiddie is the baby brother of the family who gains attention by learning how to
use his big brother’s tools. While the
Script kiddie is widely regarded as a juvenile, unskilled hacker, they may
still prove to be dangerous. Given
the right tools and some ingenuity, a Script Kiddie could wreak untold havoc on
any system.
Cybercriminal
A cybercriminal
is your typical black hat hacker. Cybercriminals
make use of system or network vulnerabilities to gain access to and exploit
companies and/or users for their own purpose.
Most cybercriminals are categorized as such because they are limited to
primarily personal gain as a motivation.
Digital bank heists, customer credit card information theft, and similar
attacks are all done by a black hat cybercriminal who just wanted to see his or
her next payday.
Hacktivists
The name is
pretty self-explanatory: we’re talking
about black hat activists. This is the type of person who would
otherwise stand outside of a company or political building and picket or
protest to affect change. Unfortunately
for the targeted institution, hacktivists
have a rather particular skillset which allows them more opportunities than
your average protestor. A hacktivist
will generally follow a black hat level attack methodology, though their
motivations center on more direct affectations.
For example, a black hat cybercriminal might rob a bank to get away with
large amounts of cash because he is broke, or needs attention. A hacktivist, however, will still rob a bank,
but they will find a bank that they feel is responsible for some sort of black
mark on life as they see it. The bank
might have refused their credit application, or maybe the hacktivist doesn’t
like banks who welcome other religious customers. Motivations for a hacktivist are typically
personal in nature, but with a wider implication than just individual
gain. Religion, politics, revenge,
exposing wrongful behavior, and harassment are all motivating factors for a
hacktivist on the prowl.
State Sponsored Hacker
I’m sure by now
that you’ve heard about the Stuxnet worm. The Stuxnet
hack is a perfect example of work that was most likely done by a State
Sponsored Hacker (SSH). A SSH is an
individual who has been hired by a particular government, given limitless time
and funding, and is sent out to work entirely against an opposing target (usually
a separate government or city-state).
State sponsored hackers are the elite among the hacking community, and
often receive no credit for their actions aside from the success of their
attack. Depending on the point of view,
these hackers could wear just about any hat comfortably, so long as they have a
job to do. State sponsored hackers are
the older brother in the family who disappears for long stretches of time, only
to come home for thanksgiving with a new Lamborghini and a brooding expression
for every question posed to him. SSHs
are secretive, effective, and wildly dangerous.
Spy Hacker
Surprisingly,
spy hackers are not the same as SSHs.
Spy hackers serve a similar function, but the targets and background are not at
the same caliber of an SSH. Spy hackers
are hired by a company or institution (not government), to infiltrate, spy, and
otherwise prey upon the competition in an attempt to deliver an advantage to
the employer. These hackers may act as
white hat hackers for the target, or even as hacktivists, but their end game is
to serve their initial employer.
Cyber Terrorist
Did you see the Associated Press tweet fiasco about the attack at the white house that
left President Obama injured? It was taken down rather quickly after the
posters realized it was a well-engineered hoax, but its effect was massive in
the ten minutes or so that it was out there in cyberspace. Millions of people saw it, and millions of
people feared for the worst. This type
of attack was instigated by one of the worst categories of hackers: the cyber
terrorist. Cyber Terrorists, like their
namesake, seek to instill fear and terror on a population. The scale may vary, but the motivation
remains the same, whether it is a digital attack against an entire country, or
just a small portion. Cyber Terrorists
do not stop at informational deception.
Cyber Terrorists are also the type of hackers who seek to deal out
physical harm. Murder is often a goal of
the Cyber Terrorist, and as such, these hackers are among the most feared and
dangerous of them all.
So there you
are! Use this knowledge to prepare yourself and defend against the enemy. To be a successful Hacker Attacker means
knowing your enemy, and now you are well on your way to victory! Just remember,
not all hackers are evil. You could be
sitting next to one right now, or you might need the help of a white hat hacker
the next time you have server issues.
Think smart, be prepared. Be a Hacker
Attacker Nation.
No comments:
Post a Comment