Security+ TechNotes - Attackers

4. Attackers and their motivation

Attacks, as well as the attackers, come in many different shapes and forms. Before we go through the most common types of attacks, we'll first have a look at who the attackers are and what their motivation is. Please note that the descriptions below are used and abused often more incorrect than correctly, and are not defined in any standard.

Hackers
The term hacker is used to define someone who overcomes limitations in hard and software by using clever solutions, often to 'problems' the typical computer user doesn't even know of. A hacker wants to know the ins-and-outs of a system and go even further. Curiosity and competition are often part of the motivation of a hacker. In terms of security the term hacker is often used incorrectly to describe malicious individuals who gain unauthorized access to network resources. The hacker community has made several attempts to take back the word 'hacker' by providing alternatives to define those that do have malicious intentions, such as 'cracker'. These attempt have largely failed, because today it is quite common to use the word hacker when talking about someone who breaks into computers. When a security system is breached by someone who cracked passwords, it's said the system is 'hacked'.

Crackers
A cracker is a more proper term to describe someone with malicious intentions who gains unauthorized access to network resources or software. They crack passwords, code, and software to gain unauthorized access to a system in order to steal, alter, or destroy data.

Black Hats
These are considered the bad hackers, the crackers. Their motivation includes money, recognition ("Look at me, I hacked the NSA!", "I told you Microsoft Windows has more back doors than the Matrix!"), improving security, and various criminal intentions.

White Hats
 These are considered the good guys, hackers with a certain level of ethics. Their goal is to improve security and create awareness. They are often employed by security companies to work as security auditors and perform penetration testing.

Grey Hats
 Black hats turned white who use their black hat skills for a white hat job.

Script Kiddies
These are the amateurs, the wannabees. They usually don't have a lot of resources nor knowledge about the target, nor advanced hacking skills, but they can be disastrous nevertheless. Especially when they play with the tools written by more knowledgeable hackers and crackers.

Governments
Intelligence agencies who want to stay on top of things usually have a department with extremely skilled hackers and crypto-analysts. They have the resources, the money, and usually know a lot about the target.

Employees
The not-so-trustworthy employees who are already connected to the network which gives them a head start if they have malicious intentions. Attacks by ex-employees who want revenge or settle a score are quite common. That's why it is important to disable the user account of an employee as soon as possible. Preferably, although often not possible, as soon as the employee knows he or she is going to get fired. Also employees without an ill agenda can do lot of damage. Do to improper configurations, users can be given the access and the rights to damage resources in the network. A lot of times this is done unintentionally. The user accidently deletes, moves, or changes company resources or stumbles on private information about other employees or customers (i.e. salaries, social security numbers) when browsing the file server.

Hacktivists
This type of attacker is usually out to make a political statement create awareness about certain issues. Examples are human and animal rights activists. They often don't have an extreme amount of skills or knowledge about the target, but they may have a lot of resources. A common attack from hacktivists is a DDOS attack performed by gathering enough people with the same ideals who have a computer with Internet connection.

Terrorists
Scum of the earth who attempt to cause chaos and worse, often for political or religious reasons. Unfortunately, they have a lot of resources and skills, and know the target very well.

L33t hax0rs (Elite hackers)
Usually script kiddies with an Unreal Tournament, or similar online multiplayer first-person-shooting game, addiction. In case they do have any skills they usually waste them on cracking games to give them an unfair advantage. Their motivation is typically to win by cheating and showing off the little amount of skills they have.
 
Current related exam topics for the Security+ exam:

DOMAIN 1.0: General Security Concepts

1.4 Recognize the following attacks and specify the appropriate actions to take to mitigate vulnerability and risk.
- DOS / DDOS (Denial of Service / Distributed Denial of Service)
- Back Door
- Spoofing
- Man in the Middle
- Replay
- TCP/IP Hijacking
- Weak Keys
- Mathematical
- Social Engineering
- Birthday
- Password Guessing
-- Brute Force
-- Dictionary
- Software Exploitation
Rate this paper at SecurityDocs.com:
Date: Saturday, June 12, 2004
TechExams.Net		 Author: Johan Hiemstra
CNA CCNA CCDA CWNA
MCSE NT4 MCSA 2000/2003
Security+

Featured Sponsors

TrainSignal - “Hands On” computer training for IT professionals. Network+ Training, MCSE, Cisco & more! Visit Train Signal’s free training site to get loads of Free Computer Training, videos, articles and practice exams.

Preplogic - Experience over 8 hours of FREE LearnSmart Video Training, the smartest, fastest and most effective way to learn MCSE, Network+ and many more. Never Open a Book Again. Click here.

The CWNP® Program - the industry standard for vendor neutral wireless LAN training and certification. Career certifications in WLAN administration, WLAN security, WLAN analysis, and CWNE for wireless LAN experts. Learn more about the CWNP Program. Find a class near you.
 

All images and text are copyright protected, violations of these rights will be prosecuted to the full extent of the law.
2002-2008 TechExams.Net | Advertise | Disclaimer