Hackers And You: Part 1 – Hacking Explained
Welcome to the first part of our series on hackers and you. We will be throwing the spotlight on hackers and some of what you should know about them and how they relate to your VPS. In this first part, we’ll be starting with the hackers themselves.
What is hacking?
The term hacking itself originally referred to the adapting of hardware or software to achieve a goal that is outside of the original design of the system. People who performed hacking were termed hackers. These days the word hacker is most commonly used to refer to someone who is attempting to bypass some form of security on a system.
The dark and the light sides of hacking.
Security hackers are largely split into two groups, white hat and black hat hackers. White hat is a term used to refer to hackers who usually work in the security industry and make use of hacking techniques in a legal manner. White hackers perform tasks such as finding and disclosing security vulnerabilities to software manufacturers or systems administrators. The term black hat is used to reference a hacker who is attempting to find and use security vulnerabilities with a malicious intent, such as to steal or sell data or vandalize a system. Generally, unless you’ve hired a white hat hacker to test your systems then the chances are that you’ll be coming up against black hat hackers.
Pros and convicts
As with many other walks of life, not all hackers are created equal. The most commonly encountered type of hacker is the ‘script kiddie’, a somewhat derogatory term used to reference a hacker that doesn’t particularly have any skills of their own but makes use of scripts and software written by other hackers in order to compromise systems. Some hackers focus on finding vulnerabilities in software that they can write exploits for that they then sell for the script kiddies to use. Others focus on breaching particular systems or organizations to steal data, money, or to hold organizations to ransom. These types of hackers tend to be quite organized and dangerous, and are the ones that are usually portrayed in the media.
Fortunately, the latter group generally target people and businesses specifically for a reason. So unless there’s something in particular about you or your website to attract them, they’ll likely ignore you in favor of more lucrative targets. These are the sort of people who go after companies like Ashley Madison and Equifax. In contrast to this targeted methodology of hacking, script kiddies use a very scattergun approach. Often they will start with a script that will probe IP addresses on the internet, with the aim of determining whether they have any software running on them that the script kiddy has an exploit that they can use against it. There are so many of these scripts being run by so many people that a new server freshly added to the internet could be being probed and potentially have exploits being tried against them less than an hour after appearing online.
Nation State Hackers
Finally, we have nation-state hackers, employed by their government tasked with hacking into servers or services belonging to another country. For the most part, unless you are running a service for the government or important for your country then these people are likely to ignore you. That said, there are some government-sponsored script kiddies out there, though these often deface random websites in order to post propaganda for their government or against another country’s government.
Now that we’ve covered who hackers are, in our next part of this series we’ll be looking at some hacking motivations and why they might go about hacking you.