WATCH The Types of Hackers – Day 20 of Cybersecurity Awareness Month
Mike Miller 00:06
Small businesses and MSPs are under attack by hackers from anywhere at any time. And in this next segment, we learn about the different types of hackers out there and what their motivations are. To explain all about hacker types, we have Craig Taylor, CEO and co founder of CyberHoot with us today, Craig, tell us about these hackers types and why it’s important to understand their different goals for hacking.
Craig Taylor 00:30
Well, I’ll start with a story that’s more than 2000 years old. Sun Tzu was a Chinese general who wrote a book called The Art of War more than 2000 years ago. And it contains many hidden gems that the advice of which applies to modern cybersecurity defenses today, one of the critical statements he makes is to know thine enemy and what they want.
This is very important advice for SMBs and MSPs. Today trying to defend themselves against the onslaught of attacks from all these different kinds of hackers.
The Seven Types of Hackers
So let’s go through the seven different types of hackers that CyberHoot has identified, and what their motivations are. And in so doing, you’ll learn maybe a little bit better way to defend against it and whether or not you might be facing that adversary or not, depending on what you have in your business. So without further ado, there are the following seven types of hackers.
Number 1: is a black hat hacker, this type of hacker is solely out for their own benefit, often with money as their ultimate goal and motivation. And they do so at all costs, they have no regard for anyone else’s safety, security or businesses, they would sooner burn that business down and take all the money out of it, then do you know a little less damage and allow it to survive and take less money for themselves.
Number 2: is a grey hat hacker is somewhat of a misnomer, because this person might sometimes hack for good identifying bugs and making money and bug bounty programs to vendors of applications out there. But sometimes they go a little bit on the dark side, and they hack for their own personal benefit. And they keep it to themselves without reporting it to those vendors because they can monetize it better on the black market.
Number 3: are white hat hackers. These folks are cybersecurity professionals who hack for good. They almost exclusively make money on about bug bounty programs reporting to vendors on our what’s called a responsible disclosure method where they keep their findings private until the company issues a patch and then they go public with what they discovered in their hacking capabilities.
All three of those are motivated by one way or another by money. But white hack, hackers are the most ethical and try to do what’s right for society.
Number 4: are script kiddies. For example. If you remember the Wargames from the early 80s. These kids working in their kids parents basement tried to break into the Pentagon or the NASA and steal the space shuttle plans. They’re really out not to harm our companies, but to get notoriety and fame for their hacking exploits. Typically, they can’t write their own code. They’re using other people’s software to do their hacking. That’s why we call them script kiddies because they’re using other people’s scripts.
Number 5: Now the the hacker organization that worries me the most for the listeners out there is this next one SMBs and MSPs really need to pay attention to organized crime, who are hacking for money pure and simple. They’re the ones that are hiring the blackhat hackers to work for those organized crime families, to compromise them breach your companies with ransomware and extort you for money so that they can make their you know, their money that the way they normally made.
It was you know, in the old days, 100 years ago robbing a bank, but today you can’t really robbed a bank. There’s just too many smartphones and security measures. So they’ve taken their physical security threats, move them online, and it’s a lot easier to get away with hacking online and not get caught today than it ever has been in the past.
Number 6 and 7: So organized crime has realized that they moved a lot of their operations online to attack our companies are SMBs and MSPs. The next group of hackers is nation states. And every country of the world doesn’t matter if you’re Canada, the United States, China, Israel, all over the world. Every country has an offensive and a defensive hacking organization. And a lot of countries will hack businesses for their intellectual property and then share it with their own companies back home.
Now, I don’t want to name names, but there are some Asian countries that do a lot of this and help their companies build better products with Intellectual Property they’ve stolen from the US and the last group of hackers is hacktivist And these are hackers who are out to hack companies based on a social, political cause of some kind.
So if you’re a political organization, you may be hacked because they want to embarrass you about your internal conversations around your platform and your your machinations around how to win elections. If you’re a logging company or a farming company or commercial fishing company, you might be hacked because somebody out there believes you’re logging too much, or you’re farming with bad methods and you’re polluting our waterways or you’re fishing too much in your, you’re destroying our ocean. So there’s social causes for that.
So in summary, we’ve got seven different hacker groups. And I think we have a graphic that will will give you a quick view of this, but we have blackhat hackers. We have white hat hackers, and grey hat or grey hat hackers in the middle script kiddies, organized crime nation state sponsored hackers and hacktivist. These are the folks that are out there, and the cause of all these news articles we hear every each and every day.
Mike Miller 06:10
Well, I didn’t know there are so many different types of hackers out there Carig. This is truly a good example of how important it is to become aware of your adversaries and their motivation to help you become more secure.