When we talk about hackers, many people imagine the typical image of a person (usually teenagers) hiding in a room behind a computer, typing indecipherable commands until getting ahold of any valuable information that seems impossible to access. The reality goes beyond this stereotype created by Hollywood, a hacker may be the person we least imagine and their motives can be different. Some hackers are not always focused on money. To determine the best defense to protect our information, it would be better to know who these people are and what motivates them to cause this type of damage.
The word “hacker” comes from the English word “hack” which means “to give an ax”. Originally, the term was used to describe the way technicians fix defective devices, but now, the word has evolved to acquire a negative connotation.
This connotation is clear that it is due to the serious damage that can occur to a person or a company, the main purpose for doing so varies.
Hackers vs cybercriminals
Adam Tyler, Innovation Director of the company CSID, explains that the profile of the current hacker is a young videogame aficionado, accustomed to Internet and social networks, who learns hacking as a personal challenge, the same way that they try to overcome a complicated video game.
This profile of hacker – which we already know – uses hacking for fun. Their motivation is not financial but a challenge to itself, rather achieving notoriety in its community. However when the game starts to be a business, then the rules change, or they skip.
As explained by Chema Alonso, CDO of Telefónica, “do not confuse a hacker with a cybercriminal, the second can enter systems with a purpose with a monetary objective or companies to steal information. Hackers, on the other hand, do it only out of passion and without the intention of doing harm. “
The profile of the hacker
Virtually anyone with access to the internet can learn to be a hacker. A survey conducted by a computer security company in Latin America, states that 76% of hackers are men whose ages are between 14 years (8%) to 50 (11%). The average age is 35 years (43%).
It is difficult to differentiate one from another, since many hackers end up being cybercriminals. Hackers are restless minds who are always looking for new ways to use technology. A poll of 127 hackers revealed that 51% of respondents said that their main motivation when launching cyber attacks is “the search for emotions”, while 18% point to economic benefits as a reason.
Another characteristic of cybercriminals is that they do not act alone, they can operate in large organizations around the world attacking approximately 600,000 times per day.
Cybercriminals carry out their attacks not only to obtain monetary gains and confidential information, but also to affect the reputation of the company and its brand. For example, interrupting digital services such as blocking access to emails or websites, among other types of attacks that affect the operating system of companies.
Types of cyber attacks
The type of cyber attack could determine the ideals or motives of the cybercriminal, the most common are:
Cybercrime: uses techniques such as phishing, steal the identity of people or companies to perform bank fraud, empty accounts, etc. This is generally for economic purposes.
Hacktivism: Is damaging pages of large companies or the government to make a protest. The objective of these cyber attacks is ideological and / or social. Most known within the hacktivists is the Anonymous organization.
Cyber espionage: Compromises cybersecurity in companies. Since it deals with the theft of sensitive and valuable information, such as stealing private financial information from customers and employees, which then can be sold at very high prices on the black market.
Cyberterrorism: usually directed against governments or countries, affecting services such as health, defense, or infrastructure of great importance.
Types of hacker and how they operate
Each hacker has his way of operating. According to the actions he commits and the reasons he has, the most common classification is the following:
White Hat: The hero you who helps save you from cyber attackers, also known as “ethical hackers”, since they are people who work in computer security companies constantly looking for vulnerabilities to correct them.
Black Hat: This type of hacker is what we can define as a cybercriminal, he is the villain of the movie, they hack only for his personal interests. They use sophisticated techniques to access systems and steal data, destroy it or sell it on the black market.
Gray Hat: This person is a hybrid between the previous ones, because it is possible that he acts illegally but with good intentions. It can penetrate systems and disclose useful information to the general public, for example, accusing large companies of testing for the unauthorized collection of user data.
How do they choose their victims?
Hackers know who are the most vulnerable people for an attack. Their main targets are employees who have little knowledge about the proper use of computer systems. They also focus on hacking freelance workers, since typically these profiles consists of of people who have access to the systems of the company, but are not subject to corporate policies.
Why hack Social Networks?
Another favorite space for hackers are social networks. What do hackers look for in them? People using social media post photos, comments, new purchases etc. daily with family and friends. We are leaving information public to everyone, although it seems that it does not have importance, is of great value for cybercriminals. Since they can obtain a large amount of personal data and then use it in their favor.
Disseminate malwares sell our personal data, deceive users through phishing or other malicious actions that hackers can allow with all the information they get from our social networks.
How to recognize a cybercriminal in organizations
As we mentioned above, it is difficult to identify a hacker, because it could be the person you least expect. In spite of this, some characteristics could be taken into consideration in order to recognize a cybercriminal:
• A person with a high knowledge of computers and networks in general, such as, change of IP, use of Keylogger programs, use of unusual browsers, among others.
• People who take advantage of social spaces to ask about customer data and sensitive or restricted use information.
• They install spyware without authorization.
• Deactivate the antivirus software on the work equipment.
• They make use without authorization of computers or devices of the other members of the organization.
• Employees who work extra, beyond office hours without giving justification.
Although some features may be a bit exaggerated to justify the profile of a “possible” hacker, paying attention and getting to know the staff of the company does not hurt. The important thing is to ensure possible ways of where the attack may come.