Monday, 4 March 2013

Hackers - The Types of Hackers and Hacker Psychology

Hacking has a mysterious taboo behind it and the term "hacker" is often misunderstood due to the image that the media and Hollywood have portrayed them as. When you think about a hacker I'm sure you picture a pimply nosed kid in a dark room who gets his kicks out of causing distress to computer users and defacing websites. While this description is an accurate portrayal of ONE type of hacker, most of today's real threats come from sophisticated and organized networks. These hackers have the sole intent of stealing your money, identity, and/or causing as much mayhem as possible for their own financial and psychological gains. 

It is important to point out that not all hackers are out to get you and that they can be divided into 3 distinct categories:

1.   THE BLACK-HAT HACKER - These are your stereotypical hackers who are out to cause mayhem and have criminal intentions. Black-Hat hackers use their skills and talents for BAD.

2.   THE WHITE-HAT HACKER - These a system security professionals who hack computer systems in a controlled environment and with the permission of the system owners. The goals of these hackers are to find system weaknesses with the view to patch them up before a Black-Hat hacker finds them. Many White-Hat hackers are actually reformed Black-Hat hackers. White-Hat hackers use their skills and talents for GOOD.

3.   THE GREY-HAT HACKER -  The Grey-Hat hacker is someone who sits on the fence and partake in White-Hat and Black-Hat hacking. These people could have a day job as a system security professional however indulge in Black-Hat hacking in their spare time. Grey-Hat hackers use their skills and talents for GOOD and BAD.

Below is a list of the different types of hackers from a stereotypical perspective. Please note that these are all generalizations are there are often variations to the norm:  

  • The Kid
  • The Activist (Hacktivist)
  • The Rogue Insider
  • The Spy (Corporate, Governmental)
  • The Criminal
  • The Tinkerer
  • The Reformed Hacker

The Kid

 "The Kid" is hacker who is normally male, between the ages of 13-30 years. They are often antisocial and introverted in the real world however may have a massive network of friends around the world online. These hackers find pleasure in trying to outsmart IT security administrators and get their adrenaline kicks when they succeed. When "The Kid" succeeds with a hack they may get sense and feeling of accomplishment thinking "I'm better than you IT professional" which fills the void of any potential self-worth issues which they may have.  

As hacking is an online activity these hackers don't normally realise the harm that they can cause to people and companies in the real world.  These hacker are often not very skilled with the hacking software and techniques which they use so they are almost always caught.

The Activist (Hacktivist)

Hacktivists are a group of people who share a common opinion towards another person, group, company, government or even religion.  They find social acceptance  by being part of the collective of the hacktivist group and by interacting with other like-minded people. The goals of hacktivist attacks may range from trying to make people aware of a social injustice to the flat out destruction of their targets business and reputation.

Hacktivists perform hacking operations because they may disagree with a social, commercial or political norm and by carrying out these attacks they may get the feeling of collective accomplishment. The mindset of the hactivist is that they are performing their attacks for the greater good and to defend their personal freedoms. 

The Rogue Insider

The "Rogue Insider" is a person who works for the company and accesses, modifies or takes computer information and data that they are not allowed to.
Rogue insiders could be:

·         A disgruntled employee.

·         Someone that's just being nosey and accessing data which they don't have clearance to or for non-work related reasons.

·         An employee with inadequate  IT security knowledge and opens a malware infected email or visits malicious websites at work.

·         An employee who's been recruited by a competitor company to steal or damage data or cause harm to the companies reputation.

The last type of rogue insider mentioned above is the most dangerous. Their motivations for hacking their employer's system is almost always GREED. These "Rouge Insiders" hack purely for profit. They make their money either by stealing money directly from their employers or by stealing company/customer data with the view of reselling this data to a competitor. They might also use the stolen customer data to steal money directly from the customer. 

The Spy (Corporate and Governmental)

 The Corporate Spy: 

The corporate spy is normally a "hacker for hire" and use their hacking skills purely for financial gain. These hackers are normally contracted by companies to perform hacks on their competitors with the view of leveraging a corporate advantage over those competitors. This is also known as industrial espionage.

Companies may recruit a "corporate spy" to perform the following:

·         Learn about what new developments the competitor is working on.

·         Steal information such as product blue prints.

·         Learn about a competitor's financial position.

·         Find any "dirty laundry" about a competitor to use against them.

·         Steal customer information with the view of snatching the customers away from the target company.

·         Cause damage to the competitor's system with the view of hindering performance.

·         Damage the competitor's credibility.

The Governmental Spy:

Most world governments have their own departments of hackers in their employ. For the "governmental spy" their motivation for hacking is that it's a job.  These hackers may be involved in law-enforcement, keeping tabs on the populous (Although many governments deny this) or military operations and could either be trained by the government or be a reformed hacker. These hackers are normally employed or contracted by governmental departments like the police, national security and intelligence organisations or the military. 

When it comes to military hackers, in peace-time these hackers may be used to keep an eye on other countries affairs (Once again most governments deny this) and at times of conflict these hackers can be used to obtain intel on the enemy and/or cripple the oppositions communications network and infrastructure making them a soft target. 

The Criminal

The "Criminal Hacker" is motivated purely by money and has a complete disregard for social order. These are the hackers that will steal your bank account information in order to take your money. As the victims of criminal hackers are normally faceless it makes them an easy target and the criminal hacker's conscious is barely affected.

Although most criminal hackers do it for their own financial gains, there is an exception; some criminal hackers are in actual fact hacktivist extremists who destroy commercial property to justify their disagreement and hatred towards certain corporations, governments or religious groups.

 The Reformed Hacker

 These are White-Hat hackers who used to Black-Hat hackers but they were either caught or ceased illegal hacking before they were caught. The skill acquired from Black-Hat hacking have made them highly skilled system security professionals with an edge over their competition in the work environment because they already know what system flaws to look for. While experience counts towards them when it comes to finding employment many companies are weary about hiring a reformed hacker due to their dubious past.

The motivations for "Reformed Hackers" are normally to make an honest wage however there are some hacker who pretend to be reformed but are actually trying to gain access to company systems.

 The Tinkerer

The Tinkerer is a hacker who's not content with the standard settings of a software application or electronic device (Like a smart phone). Their motivations may be to either enhance the capabilities of a software application or to "crack" security protocols in the application against the manufacturers licensing terms. The Tinkerer may perform these hacks in order to make pirated copies of a software application or allow the "cracked" device to be able to install unofficial applications.

Most Tinkerers don't think that what they do is illegal and in some instances it's not. From the Tinkerer's perspective, by performing these cracks they are actually doing a community service.

 In Conclusion

There have lately been many high profile hacking attacks on multi-billion dollar companies who have the best system security software and personal that money can buy. This just proves that no system is ever safe and there is not much anyone can do if a hacker really wants access to your system.

All you can really do is always keep your operating system and programs up to date and ensure that a reputable antivirus is installed on your computer. The last thing that you want to do is make it easy for a hacker to infiltrate your computer system.

The above article is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

You are free to republish a modified or "as is" version of the above work as long as you include the following attribution on the same page as the article and allow the users of your webpage to republish this work the same way.

1 comment:

  1. Gone are the days of hackers trying to break into a computer system for fun. With the entire world now reliant on the Internet and the fact that the Internet was not initially designed with anti-hacking measures in mind, the threats of a hack attack on anybody, be it a kid or a hardened criminal, are real.