By Ondrej Krehel,

Back when the Internet was a baby, and I was taking my first steps in network security, hackers were a fairly homogeneous lot.

Sure, some were scamming businesses for personal gain, but most were simple graffiti artists – breaking into popular websites to splash around some MS Paint. It was a way to rebel and earn credibility within the computer community.

As the Internet has grown up, so have hackers. Here’s a quick rundown of who they are:

  • •  Hacktivists — These hackers aren’t driven by self-interest; they’re part of a social movement. Many groups, like LulzSec and Anonymous, are trying to do right – or what they perceive as right – to perceived wrongs. It’s vigilante justice wrought by the hive mind. They seemingly get a lot of press, especially after high-profile attacks and apparent support of Occupy Wall Street.
  • •  White Hats — Beyond hacktivists, there are old school white hats and black hats. (At least their names sound old school.) The white hats are essentially security professionals who use hacker skills such as penetration testing to test network security.
  • •  Black Hats — They’re doing the same thing as the white hats, but for gain and fame.
  • •  State-Sponsored Hackers — The last 10 years have seen the rise of state-sponsored hackers. Their handiwork was recently seen in the RSA data breach, which resulted in attacks on defense contractors Lockheed Martin and Northrup Grummon. They are government agents of militaries and intelligence services taking the war online.
  • •  Corporate Hackers — And there are corporate versions of these hackers, too. Their aim is to break into businesses systems to steal proprietary information or sabotage competitors. Of all the hacker types, these are the ones we’re least likely to hear about because it’s not in any company’s interest to announce that its secrets were stolen.

There are other kinds, too. The script kiddies, the vandals, the cyber terrorists – but the scale of their attacks seems to be dwindling, generally, compared to recent hacktivist and state-sponsored reports.

Why should you care about all this? Well last time we talked about a holistic security system. One component was threats. Knowing the type of hacker that could be targeting your data moves you one step closer to protecting it.

Ondrej Krehel, Chief Information Security Officer,
Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.

Leave a Reply