Hacking & Class of Hackers

What is hacking? Hacking, in the broadest sense, is the ability to take a complex system and use it in a way for which it was not created. In fact, that’s why, if you go to YouTube and type in the word HACKS, you’re not going to find a bunch of ways to write a script to subvert a DLL on the system. It’s about using these complex systems and finding ways of doing things differently.

In IT systems, which are extremely complex, we’re taking systems that were made simply to communicate, facilitate transactions and so on, and we’re exploiting or finding vulnerabilities. We’re finding ways around security, or places where there is no security, and taking advantage of that in order to gain unauthorized or inappropriate access.

Why? Because we’ve taken that complex system and used it in a way that it wasn’t intended to be used. So, what happens is, a hacker will modify the system or modify the application in order to achieve their goals, and it can steal and redistribute intellectual property, leading to business loss. So, hacking can do all of that stuff.

Who is a hacker? 

It’s somebody who’s intelligent, who has excellent computer skills, and I want to tell you, excellent computer skills can be learned, and that’s easier than ever to do. They can create and explore computer systems, again taking complex systems and using them in ways for which they were not expected to be used. For some hackers, hacking is a hobby; they just want to check it out. They try to compromise computers or networks, and they’re just playing around, having some fun.

For some hackers, the intention can be to gain knowledge, or to probe and do illegal things. So, some hack with malicious intent: to steal business data, credit card information, social security numbers, passwords, etcetera.

So, what we’re seeing here is that not all hacking is bad. Some people are doing it as a hobby, and some people are doing it because they get paid to do it. Those are called consultants, and those are called red team security workers. But others do hacking for illegal purposes.

So let’s look at the classes of hackers and threat actors. Alright, so let’s make one thing clear, and it’s actually pretty good that we see the title the way it’s presented. Not all hackers are criminals. Not all hackers are threat actors.

So, a hacker might be somebody like one of your system engineers or your security engineers, who has all kinds of tricks up her sleeve to do crazy stuff with computer systems, but they are not a threat to the organization or anywhere else. Rather, they’re helping out.

A hacker can be somebody like a pen tester, who’s hired by an organization to help assure that the systems are not vulnerable to attack. However, if the hacker is a black hat hacker, they have extraordinary computer skills and they’re doing it for destruction, right?

They are crackers; they crack into systems. A white hat hacker is just somebody who works for an organization, or has their own company, and does it to try to defend computer systems. The biggest difference between a black hat and a white hat hacker is one word. That word is permission.

So, let’s look at a hack. 

Alright, so there’s a hacker. The hacker scans the website for an organization. The website has vulnerabilities. One of the vulnerabilities allows the hacker to get to the inside of the network and find an application that is running on an N-tier surface presentation. So they go to the presentation level and they use a special hack, using a stored procedure on the database called sp_cmdshell.

Running that stored procedure, they’re able to get the database to allow them access to the underlying operating system, and using the underlying operating system, since the database is running as root, they’re able to take a user account that they discovered and turn it into a root account. After getting the root account, they’re able to go from the Linux network into the Microsoft network, find other applications and other data, and begin to exfiltrate data, under the guise of DNS transactions, to a command and control server, where they are able to accumulate 200 gigabytes of data from the organization and compromise 14 different machines. Is that bad? I guess you could say.
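The hack above ends with data leaving the network under the guise of DNS transactions. As an added example (not part of the original page), here is one way a defender could flag that pattern in resolver logs; the record layout, thresholds, addresses and `*-demo.test` domains are constructed assumptions, and the parent domain is approximated as the last two labels.

```python
import hashlib
import math
from collections import Counter, defaultdict

def shannon_entropy(s):
    """Bits per character of the string's own character distribution."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def split_qname(qname):
    """Return (subdomain, parent). Parent = last two labels, a simplification;
    production code should use the Public Suffix List."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def find_dns_exfil(records, min_unique=20, min_mean_len=24, min_entropy=3.0):
    """records: iterable of (client_ip, qname). Flags (client, parent) pairs
    that query many unique, long, random-looking subdomains of one parent."""
    seen = defaultdict(set)
    for client, qname in records:
        sub, parent = split_qname(qname)
        if sub:
            seen[(client, parent)].add(sub)
    findings = []
    for (client, parent), subs in seen.items():
        mean_len = sum(map(len, subs)) / len(subs)
        mean_ent = sum(shannon_entropy(s.replace(".", "")) for s in subs) / len(subs)
        if len(subs) >= min_unique and mean_len >= min_mean_len and mean_ent >= min_entropy:
            findings.append({"client": client, "parent": parent,
                             "unique_subdomains": len(subs),
                             "approx_payload_chars": sum(map(len, subs))})
    return findings

def constructed_sample():
    """Constructed query log (not real traffic)."""
    # Ordinary browsing: a few short names, repeated.
    recs = [("10.0.4.17", h + ".example.com") for h in ("www", "mail", "api")] * 10
    # Busy but benign: many unique names, all short and low entropy.
    recs += [("10.0.4.17", f"img{i}.cdn-demo.test") for i in range(40)]
    # Tunnel-like: many unique, long, high-entropy labels under one parent.
    recs += [("10.0.4.23", hashlib.sha256(str(i).encode()).hexdigest()[:40] + ".c2-demo.test")
             for i in range(30)]
    return recs

if __name__ == "__main__":
    for finding in find_dns_exfil(constructed_sample()):
        print(finding)
```

Requiring all three conditions together keeps the busy CDN-style parent from being flagged on query volume alone.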

And if the hacker has been paid to test the security of the organization, they’re a pen tester. They’re a white hat hacker. What they’re going to do now is write a report, and they’re going to show you all the different ways that the organization is vulnerable, and they’re going to get paid a bunch of money for showing you how to lock it down, because they have permission.

The black hat hacker does not have permission. They’re doing it as a criminal enterprise, and they should be arrested and locked away in jail, digging away at the salt mines on regulars four. So, gray hat hackers are people who work both offensively and defensively at various times.

A gray hat hacker is sometimes referred to as a person who might do black hat now and then and white hat now and then.

If you’re doing any black hat, you’re a criminal. So, I don’t want to ever do that. 

Suicide hackers are black hat hackers that don’t care about getting caught.

Script kiddies are hackers that have low skills. So, let’s say that there’s somebody who really is kind of new to the whole computing world. They watch a few YouTube videos, download Kali Linux and launch a High Orbit Ion Cannon distributed denial of service attack against a company. And they just really started learning this last week. They’re a script kiddie, just running scripts that have already been put together by real hackers.

So we have different classes, and by the way, there are many more classes of hackers and threat actors. And really, everybody on this list except for white hat hackers is a threat actor. We can also continue this list with a few others. A cyber terrorist, right? They have political or religious beliefs and they’re trying to terrorize whatever network or host or organization. We have state sponsored hackers. Right now, probably the first level of military in most nations is cyber: cyber security, cyber attacks, cyber threat. And so, most every major government in the world has state sponsored hackers.

We have hacktivists. They are promoting a political agenda, maybe disabling or defacing a website. We have hacker teams, consortiums of organized-crime-based attackers that work together with such great organization that they are organized almost like a major corporation. And these hacker teams are taking on bigger and bigger projects.

We also have industrial spies, and these are corporations that are spying on and hacking other corporations.

Another type of attacker would be an insider. This is somebody who already has a logon, they already have privilege, they already have an account and they’re trusted, and yet they are attacking the organization.

Another one would be, like I was describing before, a criminal syndicate. Organized criminal activity, organized hackers, hardened criminals that use even rented devices like AWS or Azure, or botnets or others, to organize attacks, get money, steal data, etcetera.

