Do an image search for hackers and you’ll be greeted with a multitude of images of men and women wearing balaclavas and masks (why would a hacker need to wear a mask?) sat at a computer plotting some nefarious scheme. Why is this the common representation of hackers? Could it be a result of watching too many movies or is it part of the narrative that you should be afraid of these people? In this blog we take a look at the different types of hackers and their motivations.
"Script kiddie," is a term that emerged in the 1990s to describe novice, often amateurish individuals who attempt unauthorised access to IT systems and devices for amusement or financial gain.
While some script kiddies might possess programming skills, they typically lack the experience or knowledge to write sophisticated exploits targeting vulnerabilities. Their arsenal usually consists of open-source malware and scripts, allowing them to aim at various systems.
They are of indiscriminate, as they continuously attempt to compromise any accessible systems on the internet. Despite the fact that numerous techniques and scripts employed by script kiddies are ineffective, they can still pose a threat due to their relentless attempts to breach a system. Their consistent forays into hacking and exploration of sensitive areas can cause havoc as was seen last year when a 17-year old schoolboy was charged with hacking Rockstar Games and Uber.
One of the biggest reasons people do anything is because it’s fun. Many hackers that fall into this category do so for that reason alone, and it can be a very addictive hobby for some. The challenge of trying to outsmart security systems and outdo other hackers can be a big draw.
Hacktivists" is a term merging "hackers" and "activists" to designate distinct groups of individuals who use hacking skills to promote or advance a political or social cause. Hacktivists operate on the belief that their activities are a form of protest or civil disobedience against some perceived social wrong.
They exploit vulnerabilities in IT systems to draw attention to their cause, often through data breaches, defacement of websites, or distributed denial of service (DDoS) attacks.
Their targets typically include government agencies, corporations, or other entities they perceive as unjust oppressive or go against their political beliefs.
The most active hacktivist group recently is the group calling itself Anonymous Sudan. The pro-Russia group has targeted multiple organisations that they see as a opponents to the Russian government with DDoS attacks. Many recent hacktivist activity however has signs of state sponsored influences.
State-sponsored hackers, employed by nations to execute cyber warfare, pose a significant threat to other governments, organizations, businesses, or individuals perceived as adversaries. Their primary objective is to disrupt critical infrastructure, steal sensitive information, or compromise security. The prevalence of such state-sponsored attacks has surged dramatically since the inception of the Russia/Ukraine conflicts.
By far, these hackers are the most menacing due to the substantial resources and backing provided by their respective states. Unlike typical hackers who typically seek easy targets, state-sponsored hackers are relentless and well-equipped. They are capable of launching sustained assaults on their targets, employing the necessary resources and time until they breach defences and accomplish their goals.
The presence of these highly skilled and well-funded hackers significantly escalates the stakes in cyberspace, turning it into a battleground for geopolitical conflicts, espionage, and sabotage.
All of the above can be classed as a Black Hat hacker as they range from script kiddies just starting out to the most highly skilled of cyber criminals. What they all have in common is that they’re actions are used for illegal purposes with organised criminal organisations often being their main employer.
These criminal organisations are often well organised and often equip their operatives with collaboration tools and much like legitimate businesses offer service agreements and even customer support to clients. The Dark Web often hosts the sale of Black Hat malware kits that surprisingly include warranties.
Inevitably, Black Hat hackers often carve out their niches, specialising in areas like phishing or remote access tool management. Many secure their "employment" through forums and other links on the Dark Web. While some create and peddle malicious software themselves, others operate via franchising or leasing models, further blurring the line between their activities and those of the conventional business world.
Contrary to common perception, not all hackers pose a threat. Many, such as the cyber security professionals and penetration testers at Integrity360, are "white hat" hackers who use their skills for positive purposes. Their aim is to proactively identify and rectify system vulnerabilities before they can be exploited by malicious actors.
These experts hack into systems with the objective of bolstering security, not undermining it. Their valuable contributions enhance the overall online security landscape.
Numerous software and hardware companies recognise this, offering bounties to these ethical hackers when they uncover system flaws.
If you are worried about any of the threats outlined in this blog or need help in determining what steps you should take to protect yourself from the most material threats facing your organisation, please Get in touch to find out how you can protect your organisation.