(We'll get through this without using an image of someone wearing a hoody)
Historically, we have not advocated our Cyber Security services and how thoroughly we can test your business for cyber weaknesses - and for good reason.
There are so many specialists and professionals who possess the skills to analyse your security vulnerabilities, but what is needed is more customer education around cyber security threats. We believe that educating our customers is the first step in empowering them in the war against cyber crime. In this way, we help you make informed decisions about who you feel would be the best fit to help protect your business.
No doubt you have heard about mass data breaches in top household brand names, and while we will look at some of the most infamous and nefarious breaches, we'd like to highlight the 'types' of hackers on the market (those who stand in broad daylight and those who operate in the underbelly of society).
The types of hacker are often referred to as wearing different coloured ‘hats’, with each one having a different implication for their target. To illustrate, here’s a list of what each 'type' of hacker does, and what that might mean for your business.
The stereotypical ‘hacker’ – the kind you hear about on the news.
Motives: Financial gain.
Aims: To break into your business and steal bank details, money or confidential data. They usually use these stolen resources for their own gain, to sell on to the black market (the Dark Web) or to extort your business.
What That Means for You: Black Hat hackers are at the top of the business risk list. Their methods are varied and range from complex to basic, so they can potentially be protected against. But if their attacks are successful, the results could be devastating for your business and your customers.
The polar opposite of the Black Hat - the 'White Knights', if you will
Motives: A desire to help, along with a passion for finding holes in security networks.
Aims: To protect organisations and people and support them in the ongoing battle against cyber threats. A White Hat hacker is someone like us – a company or individual who will help you protect your business. They can help you put effective protections in place, find vulnerabilities and provide solutions to solve them, before other hackers find them. There is even a qualification and organisation specifically for them – the CEH (Certified Ethical Hacker) from the EC Council.What That Means for You: A business that is well protected from every angle of attack in the digital world, and ongoing support in case of a breach.
Out for mischief.
Motives: Personal enjoyment.
Aims: Grey Hat hackers have all the skills of a Black and a White Hat hacker. The difference is, they don’t care about stealing from people, nor do they particularly want to help people. Instead, they like to play with systems and enjoy the challenge of finding gaps, breaking protections and generally just find hacking fun.
What That Means for You: Despite their skill set and the fact that they do break into systems, Grey Hat hackers will rarely do anything harmful. They break into things because they can, and then move on. Grey Hat hackers actually make up the majority of the hacking community, even though it’s the Black Hats most people know about.
Vengeful and aggressive in every way- but only if you create them.
Aims: Blue Hat hackers often take existing code for malware and viruses they find online, then modify it to meet their needs. They will use this code to target the business or individual they feel has wronged them and inflict their revenge.
What That Means for You: Generally, only a problem if you’ve made someone very, very angry (check your Twitter feed, TrustPilot and Google reviews!). This could be a customer, supplier or employee – anyone who might be so angry that they want to ‘make you pay’.
The caped crusaders of the cyber world.
Motives: Vigilante justice.
Aims: To put a stop to people they know to be Black Hat hackers. But they are downright scary in how they go about it. They essentially take the Black Hat’s arsenal and turn it back against them. Using malware, DoS attacks, viruses and Trojan Horses to destroy their machines from the inside out. It’s a pretty effective way of stopping them from attacking anyone else
What That Means for You: Nothing really. Red Hat hackers are similar to White Hat ones, in the sense that they are working to put a stop to Black Hat attacks on your business. But you probably won’t know about it.
New hackers honing their craft in the cyber world.
Motives: Learning to be Jedi level hackers.
Aims: Green Hat hackers are all about the learning and experience of hacking. They are new to the world of scripting, coding and hacking in general, so you probably won’t find one attacking. Instead, they join online message boards asking questions of the hacker community, honing their skills.
What That Means for You: Green Hat hackers don’t really represent a threat to businesses. They are still ‘green’, and more interested in learning how to hack than actually doing it.
This is something of an odd one out, since it’s neither a hat nor a colour! Be warned, a Script Kiddie can still cause problems, no matter how innocent the name sounds.
Motives: Causing chaos and disruption.
Aims: Script Kiddies have no interest in things as mundane as theft. Or, as it turns out, script. They don’t tend to develop their own software – instead they download existing malware development software and watch videos on how to use it. When they’re confident, they’ll attack. A typical Script Kiddie attack would be a DoS (Denial of Service) or DDoS (Distributed Denial of Service). This basically means they flood an IP address with so much useless traffic that it collapses. Think most retail websites on Black Friday. It causes chaos and prevents anyone else from using the service.
What That Means for You: While they might not present as a direct financial risk, Script Kiddies can be a pain and cause indirect loss of income. They can cause disruption to your business that can damage your reputation or lose you customers, and it can take some time to get everything back online afterwards.
While the media might do a good job of making all hackers out to be these malicious people who meet after dark and conspire to steal from innocent businesses, the reality is that there are lots of different kinds of hacker out there. Each have their own motives, skills and plans for your business, but that’s exactly the crucial point - “their” plans for “your” business. No-one should have plans for your business other than you.
So hopefully this article gives you a bit of an insight into the world of hacking in all its different natures. At Haptic Networks, we do offer penetration testing (by our Certified Ethical Hacker) as one of our cyber security services. We don't claim to be experts, but I'm confident we can help your organisation increase awareness and security. If you'd like a free consultation, just ask!