Supply Chain Defense
What is Hacking? Cracking the Code
July 27, 2020 | 2 min read
BlueVoyant
Hacking is an attempt to circumvent cybersecurity, typically with the intent of illicit activity. Hackers seek to exploit weaknesses that will compromise internet enabled devices, such as computers, smartphones, tablets, and networks. In most cases, hacking is unauthorized access and control over someone else's digital property.
Motivations for Hacking
There are multiple reasons why a person or group would want to gain access to another person’s digital property. Money, fame, unfair advantage, beliefs, and power are all motivations.
- Money: financial gain through credit card and BIN theft
- Fame: reputation, street cred, and popularity from vandalizing other websites
- Unfair Advantage: corporate espionage and theft of trade secrets to gain market share
- Beliefs: political or social-cause oriented “activists” who want the public’s attention to focus on their cause
- Power: international attacks aimed at destabilizing infrastructure, creating confusion and unrest
Hacker Personas
Hackers are typically bucketed into 5 groups that identify their objectives and how they’ve been known to behave:
- Ethical Hackers: also known as “white hat hackers” - these people are cybersecurity professionals who work to identify and fix weaknesses through penetration testing and vulnerability assessments. They are working on behalf of the digital property owner to help them improve their security posture.
- Crackers: also known as “black hat hackers” - these people actively work to break the security of computers and networks. They “crack” and compromise systems performing illegal activities and work to cover their tracks. They are typically seeking personal gain through data theft and sale.
- Gray Hats: people who may not have malicious intent, but who may violate ethical standards. They may engage in work that isn’t “above board” with the focus of “operating for common good”. They typically access systems without authority but reveal the weaknesses to the system owner.
- Script Kiddies: unskilled/novice hackers who use “off the shelf” hacking tools to gain access to computer systems.
- Hacktivists: hacker activists with social, religious or political agendas that target websites to share their messages by hijacking public-facing information.
Types of Hacking
Hacking typically requires some level of technological proficiency to execute a compromise. Common tactics include:
- Botnets: a group of compromised computers that can be tasked with various commands and most commonly used to download, install and steal data.
- DDoS attacks: used to force systems infected with malware to send requests to the target website with the aim of disrupting normal services.
- Ransomware: a type of malware used to infect a computer, block all access and demand a ransom from the user to regain access.
- Trojans: named after the Trojan horse of Greek mythology, a Trojan is malware masquerading as legitimate software, usually relying on the victim to click on or install the software.
- Viruses: the hacker releases these into the files of the system with the intent to corrupt data.
- Worms: a type of Trojan that is capable of replicating itself into other devices connected to the infected system.
How to Protect Against Hackers
With cyber-attacks on the rise, prevention as much as possible is the best way to go. Here’s how you can guard against hackers:
- Hardware: Protect against theft of physical devices as much as possible – secure computers to desks, protect your devices with a password and don’t write your password down.
- Data: Encrypt and back-up data, preferably off-site such as in the Cloud
- Software: Install antivirus, anti-malware and a firewall software to start. Online security programs and cybersecurity services should be considered based upon your needs.
In today’s advanced technical world, the most important guard against hackers is education. The more you learn and increase your awareness, the less likely you are to fall victim.
Related Reading
Digital Risk Protection
Breakdown of Takedown: An Overview of Tackling Phishing Threats
November 25, 2024 | 5 min read
Microsoft
Scary Cybersecurity Stories to Tell in the Dark: Tales from the Digital Depths
October 22, 2024 | 1 min read