Every day, we hear about a new security breach, but who’s behind these attacks? Whether you’re dealing with the “professional mercenary,” the “cyber warrior” or the “malicious insider”, hackers come in many shapes and sizes. They have access to a varying set of resources including tools and utilise a broad range of attack techniques to [...]

The Sunday Times Sri Lanka

Hackers, who are they ?


Every day, we hear about a new security breach, but who’s behind these attacks? Whether you’re dealing with the “professional mercenary,” the “cyber warrior” or the “malicious insider”, hackers come in many shapes and sizes. They have access to a varying set of resources including tools and utilise a broad range of attack techniques to steal valuable information or cause business disruption. As a result, it’s crucial that organisations understand the motivations, sophistication, and potential impacts of hackers.

The term hacker was first used to describe a programmer or someone who hacked out computer code. Later the term evolved to identify an individual who had an advanced understanding of computer systems, networking, programming or hardware, but did not have any malicious intent. When the Internet appeared, these people found a new realm where they could travel through the virtual world. They were often exploring and learning how security systems, computers, networks, or programs worked. Today, an individual who illegally breaks into networks or computers or create computer viruses to damage or steal information to profit from their innate hacking capabilities is referred to as a hacker.

Hackers have different motives; some hackers are politically motivated. They destroy, disrupt, take control of targets, commit espionage, and make political statements, protests or retaliatory actions. Another set of hackers are motivated to steal intellectual property or other economically valuable assets such as funds and credit card information, commit fraud, industrial espionage and sabotage and blackmail. While other hackers are motivated for socio-cultural reasons and carry out attacks for philosophical, theological, political, and even humanitarian goals.

Sometimes, these include fun, curiosity, and a desire to gain publicity or ego gratification.The following are personas and categories the organisations have to defend against:

- A Black Hat Hacker is typically referred to as just plain “hackers”. They continue to technologically outpace white Hat hackers and often manage to find the path of least resistance, due to human error or laziness, or with a new type of attack technique. Hacking purists often use the term “crackers” to refer to black hat hackers and they are motivated generally to profit.

- Script Kiddy is a derogatory term for black hat hackers who use borrowed tools or programs to attack security systems, networks, applications, servers and deface websites in an attempt to make names for them.

- Phreaker is a telecom network hacker who hacks a telephone system illegally to make calls without paying for them.
- Hacker activists, or hacktivists, are both organised and unorganised. They are motivated by politics or religion, while others may wish to expose wrongdoing, or exact revenge, or simply harass their target for their own entertainment.

- State Sponsored Hackers belong to nation states who realise that it serves their military objectives to be well positioned online. They have limitless time and funding to target civilians, organisations, and governments.

- Spy Hackers are hackers for hire who are hired by organisations to infiltrate their competition and steal trade secrets. They may hack in from the outside or gain employment in order to act as a mole. Spy hackers may use similar tactics as hacktivists, but their only agenda is to serve their client’s goals and get paid.

- Cyber Terrorists are both organised and unorganised groups. They are generally motivated by religious or political beliefs; attempt to create fear and chaos by disrupting critical infrastructures. They are by far the most dangerous, with a wide range of skills and goals. Their ultimate motivation is to spread fear, terror and even commit murder. There can be some overlap or difficulty in placing them into a particular category when these discrete groups collaborate and share intelligence in a given situation.

In addition to the above, disgruntled employees may also launch retaliatory attacks or threaten the safety of internal systems while some insiders may be financially motivated to misuse company assets or manipulate the system for personal gain, while unintentional insiders may also unwittingly facilitate outside attacks. These give rise to operational cybersecurity risks. The inadvertent actions, generally by insiders, are without malicious or harmful intent. However, the deliberate actions by insiders or outsiders are intentional and are meant to do harm. The inaction generally by insiders, such as a failure to act in a given situation, either because of a lack of appropriate skills, knowledge, guidance or availability of the correct person to take action, cause more collateral damage to the organisation.

On the other hand, a White Hat Hacker is a qualified computer security expert who specialises in penetration testing and other methodologies to ensure that an organisation’s information systems are secure. These IT security professionals rely on a constantly evolving arsenal of technology to battle hackers but lag behind technologically. Organisations engage White Hat hackers to identify weakness in the security systems, computers, networks or programs and implement appropriate controls to mitigate risks arising from the hackers. These assessments have to be carried out continuously and especially when there is a major change or upgrade to systems, network or architecture and not just once a year to meet compliance requirements.

(The writer is a Governance, Risk and Compliance professional and a Director at Layers-7 Seguro Consultoria (Pvt) Ltd. He is the currently serving Secretary of the (ISC)2 Chennai Chapter, and a board member of the (ISC)2 Colombo Chapter. He can be emailed at sujit@layers-7.com).

What is hacking really?
Despite all the negative connotations associated with the word “hacking”, the initial idea of a “hacker” was first described, in the Hacker’s Dictionary (ironically), as “a person who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary”. So the next time you find yourself at a tech event, or even one of Sri Lanka’s growing-in-popularity hackathons, don’t be alarmed if you notice the term being thrown about, or proudly displayed on team t-shirts, because in this world, it’s actually a good thing.

Advertising Rates

Please contact the advertising office on 011 - 2479521 for the advertising rates.