Attackers and Cybersecurity Professionals

Attackers are individuals or groups who attempt to exploit vulnerability for personal or financial gain. Attackers are interested in everything, from credit cards to product designs and anything with value.

Amateurs – These people are sometimes called Script Kiddies. They are usually attackers with little or no skill, often using existing tools or instructions found on the Internet to launch attacks. Some of them are just curious, while others are trying to demonstrate their skills and cause harm. They may be using basic tools, but the results can still be devastating.

Hackers – This group of attackers break into computers or networks to gain access. Depending on the intent of the break-in, these attackers are classified as white, grey, or black hats. The white hat attackers break into networks or computer systems to discover weaknesses so that the security of these systems can be improved. These break-ins are done with prior permission and any results are reported back to the owner. On the other hand, black hat attackers take advantage of any vulnerability for illegal personal, financial or political gain. Grey hat attackers are somewhere between white and black hat attackers. The grey hat attackers may find a vulnerability in a system. Grey hat hackers may report the vulnerability to the owners of the system if that action coincides with their agenda. Some grey hat hackers publish the facts about the vulnerability on the Internet so that other attackers can exploit it.

White Hat Hacker – These are ethical hackers who use their programming skills for good, ethical and legal purposes. White-Hat hackers may perform network penetration tests in an attempt to compromise networks and systems by using their knowledge of computer security systems to discover network vulnerabilities. Security vulnerabilities are reported to developers for them to fix before the vulnerabilities can be threatened. Some organizations award prizes or bounties to white hat hackers when they inform them of a vulnerability.

Grey Hat Hacker – These are individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage.an example would be someone who compromises a network without permission and then discloses the vulnerability publicly. A grey hat hacker may disclose a vulnerability to the affected organization after having compromised their network. This allows the organization to fix the problem.

Black Hat Hacker – These are unethical criminals who violate computer and network security for personal gain, or for malicious reasons such as attacking networks. Black-hat hackers exploit vulnerabilities to compromise computer and network systems.

Organized Hackers – These hackers include organizations of cyber criminals, hacktivists, terrorists, and state-sponsored hackers. Cyber criminals are usually groups of professional criminals focused on control, power, and wealth. The criminals are highly sophisticated and organized, and they may even provide cybercrime as a service to other criminals. Hacktivists make political statements to create awareness to issues that are important to them. State-sponsored attackers gather intelligence or commit sabotage on behalf of their government. These attackers are usually highly trained and well-funded, and their attacks are focused on specific goals that are beneficial to their government.