Another element of defending your data is identifying potential attackers who might want to steal or manipulate that data. For example, a company might need to protect its data from corporate competitors, terrorists, employees, and hackers, to name just a few.
The term “hacker” is often used very generically to describe attackers. However, not all hackers have malicious intent.
Table : lists various types of “hackers.”
Type of “Hacker” | Description |
White hat hacker | A white hat hacker has the skills to break into computer systems and do damage. However, he uses his skills to help organizations. For example, a white hat hacker might work for a company to test the security of its network. |
Black hat hacker | A black hat hacker, also known as a “cracker,” uses his skills for unethical reasons (for example, to steal funds). |
Gray hat hacker | A gray hat hacker can be thought of as a white hat hacker who occasionally strays and acts unethically. For example, a gray hat hacker might be employed as a legitimate network security tester. However, in the course of his ethical duties, he finds an opportunity for personal gain and acts unethically to obtain that personal gain. |
Phreaker | A phreaker is a hacker of a telecommunications system. For example, a phreaker known as “Captain Crunch” used a toy whistle he found in a box of Captain Crunch cereal (which generated a 2600-Hz tone) to trick phone systems into letting him place free long distance calls. Convincing a telecommunications carrier to permit free long distance calls in this manner is an example of “phreaking.” |
Script kiddy | A script kiddy is a user who lacks the skills of a typical hacker. Rather, he downloads hacking utilities and uses those utilities to launch attacks, rather than writing his own programs. |
Hacktivist | A hacktivist is a hacker with political motivations, such as someone who defaces the website of a political candidate. |
Computer security hacker | A computer security hacker is knowledgeable about the technical aspects of computer and network security systems. For example, this person might attempt to attack a system protected by an IPS by fragmenting malicious traffic in a way that would go undetected by the |
Academic hacker | An academic hacker typically is an employee or student at an institution of higher education. The academic hacker uses the institution’s computing resources to write “clever” programs. Typically, these hackers use their real names (unlike the pseudonyms often used by computer security hackers), and they tend to focus on open-standards-based software and operating systems (for example, Linux). |
Hobby hacker | A hobby hacker tends to focus on home computing. He might modify existing hardware or software to, for example, use software without a legitimate license. For example, code that “unlocks” an Apple iPhone might be the work of a hobby hacker. |
As shown in Table , “hackers” come in many flavors, which leads to the question, “What motivates a hacker?” Some hackers might work for governments to try to gather intelligence from other governments. Some attackers seek financial gain through their attacks. Other hackers simply enjoy the challenge of compromising a protected information system.
However, at this point, you should be familiar with five broad categories of attacks:
Tidak ada komentar:
Posting Komentar