If you have recently paid attention to the news, I am sure you have heard the term “hacker” at least several times. What is a hacker? What do they do? Why do they do it? All good questions, to be sure, and we will look at the answers. But, first, let’s have a quick history lesson.
When we talk about information technology (IT) or cybersecurity, we know that we are talking about those computing devices that we use daily to process information for various reasons. Maybe it is to do our math homework, write a letter/email, or create a database at work. Some folks even use them to play games! A small percentage of people also use their computers to ‘hack’ into other computers or systems and networks for personal gain or just because they think it is fun. However, the term hacking did not start as a negative term in IT. Quite the opposite.
The term hack, or verb hacking, was used in the IT world to describe people who were very good at programming using various languages and getting results that were either not expected or were not known prior. A hacker would make computers do things they originally weren’t intended to do.
For instance, hackers these days use computers around the world to create botnets, which can then be used to cause disruptions in networks through distributed denial of service (DDoS) attacks or reduce the time it takes for a hacker to brute force guess a password/passcode for a target system.
Today’s definition of what a hacker is and does would be more along the lines of someone that uses their programming skills (or lack of them) to cause breaches in data systems, shut down specific components in a manufacturing business, or steal information for some illicit purpose.
Hackers today generally fit into one or more of many different categories:
- Activists
- Called hacktivists in the media, these people have a goal they wish to accomplish, and they are willing to cause a system breach or some other computing system/network failure to achieve that goal.
- Cybercriminals
- Stealing data for various nefarious purposes, such as to demand a ransom for its return.
- Espionage
- Spying on another company, person, or nation-state to get an idea of what they are doing, their policies, or even steal products or national secrets.
- Fun
- Simply wanting to do something that is considered fun or exciting or might get you into trouble if you are caught. Emphasis on the word “if.”
- Work
- Using one’s programming skills and knowledge to help ensure that their systems, networks, and data are secure by looking for vulnerabilities.
While I am sure there are quite a few different types of hackers than those I have listed, this is a good starting point.
In our (Northstarr’s) world, hackers fit within three general groups:
White hat – those who use their skills for legal and appropriate purposes;
The grey hat is not illegal necessarily, but not strictly legal either. These folks skirt the razor’s edge to do what they do;
Black hat – hackers that use breaching to gain money or other benefits through illegal methods.
It is good to know that there are hackers out there who have started in one category but have transitioned to another category. Many black hat hackers have gone over to white hatting either on their own or because they were caught and forced to do so. Their skills and knowledge made them too valuable to keep behind bars.
How will this Affect You?
Hacking, for most, is an art form. Hackers use their skills and experience to uncover the vulnerabilities that allow them to accomplish specific tasks and goals that further the hacker’s agenda. Whatever that agenda might be, you are potentially a target for their efforts.
As an individual computer user or someone with a smartphone, you are targeted because your system may contain personal information related to your banking, where you live, or even where you work. That information can be used to gain access to your credit lines, open bank accounts, or even figure out a way into the network where you work. Your system could also be used as one member of a botnet, which processes large amounts of information or allows hackers to initiate a denial of service (DoS) attack without being directly involved.
Perhaps you are working for a state or federal government agency. A hacker might be interested in finding out information about you and where you work, so they will look to hack your personal and work systems to do so. Maybe they want to access classified data or cause a power plant shutdown. Perhaps they just want to say they could have but didn’t.
Each of the above reasons is a possibility, a why, for a hacker to try to hack you. Each of the reasons above is a good reason to know that hackers are out there and that you could be their next target.
What should you do
Being aware of hackers and their goals is a great place to start. Suppose you know that you have valuable information (to understand the value of your data better, read this post) or that the information you work with could be used for which it wasn’t intended. In that case, you want to familiarize yourself with the tactics and techniques they use. Read up on what is happening in the world, and if you are connected in some way to those events, know that a hacker may be looking to buddy up to your gear.
Now, suppose you are in the IT world or cybersecurity. In that case, I am sure you are well versed in what happens when you become a hacking target, so your job is to work to mitigate or remediate the vulnerabilities in those systems and networks. You daily are researching new vulnerabilities and how to make them go away or at least be less of a threat. Or your organization is finding other ways to deal with the risk.
Never assume, even if you don’t think you have anything worth stealing or causing to break down, that a hacker won’t find you or take advantage of your situation. Assume, instead, that a breach is coming and that you need to put effort into trying to avoid it.
Northstarr Recommendations
Being the defenders of your data and systems is our job and goal. We are a team of professionals that work every day to ensure that our clients are safe and secure from hackers and those with malicious intent. To give you the tools to make sure you can access your data, verify its integrity, and keep it confidential.
Let us know your concerns and needs by contacting us today with your application for a free assessment of your IT and cybersecurity efforts. You can also call us and set up a meeting to discuss those needs and how we might help you at 888-767-2210.
Don’t wait for a hacker to take advantage of you. Contact us now!
