The stereotypical view of a hacker is a young man living in his mother’s basement and hacking into computer systems while wearing a hoodie and eating tons of junk food.
While this is accurate in some cases, it is not as prevalent as Hollywood would like us to believe. Hackers look just like anyone else and many of them have “normal” jobs and then go home and hack on nights and weekends.
You can’t tell a hacker by looking at him. In fact, some hackers specialize in looking so normal and authentic that people don’t think twice about doing what they ask.
So if most portrayals of hackers in the media are inaccurate, then what are hackers really like? What motivates them? What risks do they pose to you both professionally and personally?
We’re here to help. Each article in the Hacker Ecosystem series on our blog will be focused on demystifying some aspects of how hacking really works. The series is broken into three general areas: Inside the Mind of a Hacker, The Infrastructure of Hacking, and Hacking and You.
The first step to understanding the threat that a hacker may pose to your organization is understanding how a hacker “works”. Most people think of hackers as being criminals but are all hackers criminals? What motivates hackers?
Why are they willing to sit in front of a computer all day trying to break into other people’s computers rather than getting a “real job”? Are there different types of hackers or are they all pretty much the same?
This part of the Hacker Ecosystem series is focused on answering all of these questions and more. You’ve probably heard the quote “know your enemy”. If you understand how hackers think, you have a better chance of protecting against them.
Cybersecurity is a ridiculously unfair game where a defender has to protect every part of their network and an attacker only has to find one thing that they missed. By learning to think like a hacker, you have a better chance of finding any weak spots in your defenses before they do.
In the beginning, hacking was essentially a game. There was no real money in it and most hackers were just those people who liked solving puzzles for the fun of it.
While hackers frequently broke the law in pursuit of fun, there was rarely any malice in it and the goal was playing a prank or getting into a computer just to show that you could.
Now, hacking is a business. There is definitely money in it and organized cybercrime is most definitely a thing. Hackers have even picked up a few tips from the business world and now commonly practice division of labor.
In this section, we’ll talk about how the business of hacking works. Some ways that hackers make a profit are obvious, like ransomware, but others may surprise you. We’ll get into the various roles and specializations that hackers have and what all is for sale on the Internet. Hackers are just like any other competitor or criminal organization and understanding how they work is an important step in protecting yourself from them.
The rest of this series is focused on the hacker with little or no mention of the other half of the hacker ecosystem: you. Any type of crime requires both a criminal and a victim to happen and this section is focused on the relationship between hackers and you. If you’re a smaller business, does this mean that hackers will decide that you’re not worth their time and leave you alone?
What’s the difference between an intrusion and an attack and how should your response differ? The articles in this section are intended to give you food for thought and help you start asking the right questions to get started improving your cyber defenses.