IT 101: Who are the Attackers?
Welcome to IT 101, where the experts at 2W Tech will tackle a hot topic in the IT industry and break it down for educational purposes.
“Hacker” used to be the catchall term for a person who used advanced computer skills to attack computers. That morphed into a variety of “hat” titles — white hat hackers for ethical attackers, gray hat hackers for vigilantes shaming organizations into fixing their vulnerabilities, etc. But those titles did not always accurately reflect the different motives and goals of the attackers.
The following are more descriptive categories of hackers:
- Cybercriminals – Strictly speaking, cybercriminals are a loose network or attackers, identity thieves and financial fraudsters who are highly motivated, less risk-averse, well-funded and tenacious. Instead of attacking a computer to show of their skills, cybercriminals have a more focused goal of financial gain.
- Script kiddies – Script kiddies want to attack computers yet lack the knowledge of computers and networks to do so. They instead do their work by downloading automated attack software, or scripts, from websites and using it to perform malicious acts.
- Brokers – Brokers sell their knowledge of a vulnerability to other attackers or even governments. These buyers are generally willing to pay a high price because this vulnerability is unknown to the software financier and thus unlikely to be “patched” until after new attacks based on it are already widespread.
- Insiders – Employees, contractors and business partners also pose a serious threat to an organization. Most malicious insider attacks consist of the sabotage or theft of intellectual property.
- Cyberterrorists – These attackers’ motivation is ideological, attacking for the sake of their principles or beliefs. They can be inactive for several years and then suddenly strike in a new way.
- Hacktivists – Attacks by hacktivists can involve breaking into a website and changing the contents on the site as a means of making a political statement against those who oppose their beliefs.
- State-sponsored attackers – These attackers target foreign governments or even citizens of the government who are considered hostile or threatening.
With so many potential threats to your organization, you should not tackle cybersecurity alone. Contact 2W Tech for help with your defenses.