May 23, 2011

The Cybercrime ‘Five’: Are all hackers the same?

Carl Leonard Principal Security Analyst

Hacker is a term used to mean a variety of things over the years, and as a catch all name for ‘bad guys’ perpetrating cybercrimes it’s pretty well accepted. Most people are unaware that different meanings exist when we say hacker, and it would be reasonable to ask why should you care? However, in understanding the motivation and objective behind your ‘hacker’  - you may be in a better position to plan an appropriate defence. Malicious hackers can be broken down in to 5 broad classifications, which we will explore in a series of ongoing posts. The first type we are going to explore are "Script Kiddies."

1. Script kiddies   

script kiddies

Who: This group want in on the action. They are usually thought of as barely shaving malodorous teens, hacking late in to the night, drinking pop and eating giant bags of crisps. Remember the film "War Games"? Despite the fact that it’s nearly 30 years later the resemblance is just as popular as ever. Often they break into computers using programs written by others, with very little knowledge about the way they work, other times they are flexing their newly formed cyber muscles.

Why: Because they can. These are not the hardened criminals of the cyber world  - their primary motivation is not money – it’s bragging rights. It’s all about proving they have the skills or hacking for the sheer thrill of doing something naughty.  At best they're a nuisance, at worst they are honing their CV for a future career in cybercrime.

What: In 2009 an 18-year-old hacker hijacked high-profile Twitter accounts, including Barack Obama and Britney Spears. He gained entry to Twitter’s administrative control panel by pointing an automated password-guesser at the account of a member of Twitter’s support staff, giving him the ability to access any Twitter account by resetting the password. Realizing he hadn’t used a proxy to hide his IP address, potentially making him traceable, he shared the knowledge with fellow hackers so they could hack the accounts instead.

 We'll continue to look at other types of hackers in future posts. Stay tuned for more Insights in the coming days.

Carl Leonard

Principal Security Analyst

Carl Leonard is a Principal Security Analyst within Forcepoint X-Labs. He is responsible for enhancing threat protection and threat monitoring technologies at Forcepoint, in collaboration with the company’s global Labs teams. Focusing on protecting companies against the latest cyberattacks that...

Read more articles by Carl Leonard

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.