Describe Hackers And Their Activities

Cybersecurity and the activities of computer hackers are very much in the news these days.:key:

But do you know your Black hat from your Grey hat? And what about White hats?

Here is a list of some common terms used to describe hackers and their activities - particularly useful for those attending the cyber security session at the ICAS Conference:

Black hat

Someone who carries out hacking for illegal purposes, usually for financial gain. They break into secure networks to destroy, ransom, modify or steal data, or to make the network unusable for authorised users. The name comes from the fact that the villains in old silent black and white western films were easily identified by cinema viewers because they wore black Stetsons whilst the “good guys” wore white hats.

Back door

A hidden “conduit” into a computer system that bypasses the orthodox protection of logins and passwords, thus making them basically ineffective in protecting data.

Brute force attack

A highly intensive, automated search by a hacker for every possible password to a system so as to breach security and gain access to a computer.

Doxing

Discovering and then publishing the identity of an internet user by following their details online.

Grey hat

Someone who carries out hacking, but not for personal or financial gain. An example would be hacking, carried out as part of a wider political protest by activists to embarrass or shame an organisation whose policies, or official views they regard as anathema.

IP

Internet protocol address – a computer’s identifier or “fingerprint”. This is used to identify the person using the device, track its activity or to reveal its location.

Keystroke logging

Tracking which keys are pressed by the user of a computer so that the hacker can then record login codes and passwords to the system.

Malware

A program designed to seize control over or steal data from a computer.

Phishing

Duping someone into giving you their personal information, such as passwords, bank account details (such as PIN numbers) and credit card details by sending them emails which appear to come from bona fide people or organisations.

Spoofing

Altering a genuine email so that it now appears to come from somewhere else, such as from your bank and giving spurious instructions which, if followed, will imperil the security of your data.

Spyware

This is “malware” programmed to sit unnoticed on a computer and send back data surreptitiously to the hacker.

Trojan Horse

Malware disguised as a “benign” and useful piece of software, but instead installs a “back door” in your computer which then allows a hacker unlimited access to your machine.

Virus

Self-replicating “malware” that injects copies of itself onto your computer. It can then cause catastrophic damage such as destroying a hard drive but can also steal information and log keystrokes.

Whaling

Phishing that targets the senior echelons of management of an organisation by a hacker in pursuit of financial gain or greater exposure for a political cause. Whaling could be used to collect sensitive or deeply embarrassing information about an individual e.g. salary, bonuses, private address, email and telephone numbers.

White hat

A hacker who uses their skills for social good, or helps organisations by exposing vulnerabilities in their IT systems. This is the opposite of a black hat.