As we increasingly live our lives digitally, the chance of our information being compromised, stolen and used for nefarious purposes is escalating. You may have heard of hackers and cyber terrorists, but there’s a whole ecosystem of cyber criminals and a sort of taxonomy security experts have come up with to describe them. Security software vendor AVG has helpfully outlined those categories in a piece from its Australia/New Zealand “security evangelist” Lloyd Borrett.
Know Your Enemy:
In the early days of computers, ’hackers’ were white hat good guys who tried to do no harm and hacker was a benign term. Hackers illegally accessed computers to learn more about them, or to find security holes in the computer or the network to which it’s attached. They did nothing malicious, used their skills for good purposes and took pride in the quality of hacks that would leave no trace of an intrusion. Today’s white hat hackers are typically computer security experts, who specialise in penetration testing and other security testing methodologies to ensure that a company’s information systems are secure.
During the early 1980s the lay of the land changed and we started to see the rise of ’crackers’. This refers to a person who intentionally accesses a computer, or network of computers, for evil reasons – typically, with the intent of destroying and/or stealing information. Today these bad guy crackers are sometimes referred to as black hats, or mostly just hackers.
Usually, both hackers and crackers have very advanced computer and networking skills allowing them to develop scripts or programs to help them attack computer systems and networks.
Hacking tools can sometimes fall into the hands of ’script kiddies’, who often use them randomly and with little regard or perhaps even understanding of the potentially harmful consequences. These script kiddies usually have very limited computer skills and can be quite immature, trying to effect large numbers of attacks in order to obtain attention and notoriety.
We typically use the term ’cyber criminals’ to describe those who use the Internet in illegal ways, or to facilitate illegal or fraudulent activities.
More specifically, cyber criminals are the people trying to put malware onto your system so that they can obtain valuable information such as credit card and bank account details, user names and passwords. This is identity theft and those responsible will either use the information to defraud someone, or sell it on to someone else who will.
Cyber criminals are also scammers and phishers who try to con you into giving them money. They might claim to need your help to transfer large amounts of money, or that you’ve won a prize in a lottery you never entered. Sometimes it’s the promise of an inheritance from a wealthy relative you’ve never heard of.
Some cyber criminals illegally distribute software, music, movies against copyright laws. They might even sell illegal forms of pornography. Typically their activities are entirely profit motivated, though in the cases of cyber bullying and cyber grooming the motivations lie elsewhere.
Not all cyber criminals have sophisticated computer and networking skills. Today, the vast majority of cyber criminals simply use the malicious tools and kits marketed for profit by those creating them.
In effect, most cyber criminals are simply up-to-date script kiddies, but now they’re motivated by profit, not notoriety. For about US$400, almost anyone can buy appropriate scripts and after about four hours of working through the instructions, be fully set up as a cyber criminal. Scary stuff.
People trying to illegally obtain information about companies or government organisations are known as ’cyber spies’. Typically when the attack is against a business it is profit driven, while when it’s against government organisations it is espionage.
People who carry out blackmail via the Internet are ’cyber extortionists’. For instance, threatening to release confidential information if an individual or company does not pay a large amount of money. Cyber extortionists may put in place a distributed denial of service attack (DDoS) against the web site or network of a business and demand payment to stop the attack. They might trick you into downloading and installing malware/scareware/scamware, for example rogue anti-virus software, and then demand payment in order for it to be removed.
Relatively new on the scene are ’cyber activists’ who use the Internet as a fast and cheap communications tool for their public movements. They may be involved in cause-related fundraising, community building, lobbying and organising public demonstrations. One example is Iranians using Twitter to organise mass protests in 2009.
Of course, one man’s freedom fighter is another man’s terrorist, so we also have ’cyber terrorists’. These are cyber criminals who use the Internet to destroy computers or disrupt Internet-connected services for political reasons. Just like a regular terrorist attack, cyber terrorism typically requires highly skilled individuals, a lot of money to implement, and detailed planning. An example is when hundreds of DDoS attacks in 2007 virtually took down the Internet in Estonia.
It seems that many countries, including the USA and China, have decided that the Internet is a valid tool to fight a war against their enemies. While the Internet can be used to greatly enhance military and economic power, it also presents a soft underbelly to present and future adversaries. Thus governments are recruiting and training ’cyber warriors’ to use the Internet for offensive attacks, and to protect us from such attacks by others. Sad, but true.