Tuesday, March 6, 2012

Applying An Ancient Chinese Lesson: Know Your Enemies

7 Levels of Hackers

Terms used in information technology and IT security often are vague. Take, for instance, cloud computing. Some might think of the public cloud; others, the private, hybrid or community cloud. Or, the term could mean software as a service, platform as a service and so on.

The same can be said of the word hacker. Not all hackers are the same, and that presents problems in defending against them. The catch-all media description of a hacker is one who accesses a computer system by circumventing its security system.

But contrary to popular belief, not all are motivated by the prospect of obtaining credit-card details or personal data that they can sell for cash. Not all that fall into the hacker category are cybercriminals. Not all are human.

They are seven levels of hackers, the higher the number, the greater the danger they pose:
  1. Script Kiddies: Essentially bored teens with some programming skills who hack for fun and recognition. They're thrill seekers.

  2. The Hacking Group: A loose collection of script kiddies who wield more power as a collective than as individuals, and can cause serious disruption to business. Think LulzSec, known for attacks last year on Sony, CIA and the U.S. Senate, among others.

  3. Hacktivists: Collectives that often act with a political or social motivation. Anonymous is the best known hacktivist group that has been credited - or blamed - with attacks against child-porn sites, Koch Industries, Bank of America, NATO and various government websites.

  4. Black Hat Professionals: Using their expert coding skills and determination, these hackers generally neither destroy nor seek publicity but figure out new ways to infiltrate impenetrable targets, developing avenues of attacks that could prove costly for governments and businesses.

  5. Organized Criminal Gangs: Led by professional criminals, these serious hackers function within a sophisticated structure, guided by strict rules to ensure their crimes go undetected by law enforcement.

  6. Nation States: With massive computing power at their disposal, they target critical infrastructure, military, utilities or financial sectors.

  7. The Automated Tool: Fundamentally, it's a piece of software that acts like a worm virus and tries to affect as much as possible to give itself the largest possible framework. A well-crafted tool could be utilized by any one of the other six criminal types.

No comments: