
What is a hacker?

Hackers are technically skilled people working in the hardware and software sector. They look for vulnerabilities in IT systems in order to draw public attention to them or use them for unauthorized access. Often they are also able to modify operations in an IT network or even paralyze them completely.



01

A definition of a hacker

Originally, the term “hacker” comprised a subset of people who were enthusiastic about technology, who analyzed devices and software, acquiring a great deal of knowledge about these topics. Creativity, a thirst for knowledge, and sophistication in IT were required to understand the inner workings of these systems. Criminal ulterior motives were practically non-existent at the time; quite the opposite.

“Hacking means testing the limits of what’s possible, in the spirit of playful cleverness,” explains Richard Stallman, the well-known programmer and founder of the “Free Software Movement” in the early 2000s. The negative connotation of the term came much later. Only once the storage and dissemination of sensitive data on the internet became more popular and networking between IT systems increased both at home and in the business world did cybercrime also rise.

However, if you stick to believing that a hacker is basically just a “technology nerd” who wants to understand the interrelationships of IT systems, then you should familiarize yourself with the following less common terms: crackers and script kiddies. A cracker is the real cybercriminal—his goal is to inflict damage and to enrich himself, often by employing “cracked software.” Copyrights as well as privacy policies are, to put it mildly, of secondary importance to him. Script kiddies—a token of belittlement often indicative of considerable ignorance—represent a growing threat to the internet and its users. They make reckless use of scripts that are more or less harmful and often created by others, barely aware of how they work. And their motives? Boredom, general interest in the subject matter, and an attitude of “try it out and see what happens, regardless of consequences.”

02

What types of hackers are there and what are their goals?

In attempting to define the different types of hackers, today the metaphor of hats originating in Hollywood’s version of the wild west is often invoked. In westerns, the cowboys wearing white hats are the “good guys” and the ones wearing black hats are the “bad guys.”

White hats:

“Well-meaning” hackers work to improve the security and reliability of products such as software applications, operating systems, smartphones, or even cars and other means of transportation (e.g., public transport). It is likely that there is virtually no IT product to whose security hackers have not made a contribution—either with or without payment. White hats or “ethical hackers” fall into this category. They turn their talent and extensive IT knowledge into cash by getting hired by companies or private individuals to check their IT systems for possible vulnerabilities. Security gaps in networks and software are detected, bugs are repaired, and steps are taken to ensure that other, sometimes less well-meaning outside hackers have no chance of penetrating the system without authorization. For some years now, there have even been internationally recognized certificates, which ethical hackers can use to verify their knowledge and positive ethos.

Black hats:

The exact opposite of white hats: black hats are considered the criminal wing of hackers. They use their skills to infect systems with malware to illegally obtain money or information. Regardless of whether it’s user names and passwords, credit card data, information from company networks, or access to systems: black hats are able to use this information for their “ignoble” goals and turn it into money, sometimes even through blackmail. Attackers do not always work of their own accord: those spying on governments, government agencies, and companies in other countries also do so in return for remuneration from their client.

Gray hats:

Welcome to the gray zone of the hacker world: gray hats do not necessarily want their activities to cause harm, but they sometimes employ illegal methods. Those affected are not necessarily asked for permission before being hacked. Any potential vulnerabilities in IT systems are frequently openly published on the internet without giving the manufacturer and those responsible for security sufficient time to patch them. This exposes the users of the vulnerable product to a higher level of risk, since the information can also be misused by other hackers (such as black hats).

Hacktivists:

They are often politically motivated or have the general good in mind in their actions, or they want to promote freedom of expression. In doing so, however, they often employ unlawful methods, causing harm to people not involved (e.g., WikiLeaks). Likely the most well-known hacktivist group is Anonymous. Besides various politically motivated hacks, Anonymous is known for its attacks on the providers of child pornography and, as an act of vigilante justice, the subsequent disclosure of user data.

A variety of other “hats:”

Then there are the sub-categories of green hats, blue hats, and red hats. A green hat is often equated with a script kiddie: someone who is fairly ignorant, is testing himself and his abilities, and, by doing so, more often than not spreads vandalism across the net without really meaning to do so. A blue hat is something akin to a white hat, at least as defined in Microsoft circles (accordingly, there was even a blue hat conference in the past). Other sources often see them as vengeful hackers who operate similarly to a black hat. Red hats are generally considered the “Batmans” of the hacker scene—they keep an eye out for black hats and often take their pursuit into their own hands without involving law enforcement authorities.

03

What methods do hackers use?

Hackers are continuously perfecting their techniques and approaches. Cybercriminals and IT security companies are engaged in a veritable arms race. Ultimately, there will never be complete and total protection against the increasingly sophisticated methods of hackers.
Their most well-known attack techniques include:

Backdoors:

A backdoor provides alternative access to a software or hardware system that simply bypasses access security. This kind of access may be implemented intentionally or installed in secret.

Trojans, worms, viruses:

Hackers inject malware into the operating system of their victims, for example to read, modify, or delete data.

Rootkits:

A rootkit is a software package designed to remain hidden on the computer while allowing remote access to it. The big difference from viruses and the like: rootkits grant administrator access to a system—a virus “infects” it and modifies data/software to replicate itself.

Exploits:

An exploit is a systematic way of infiltrating IT systems by exploiting vulnerabilities or security gaps in software. It can be either a purely theoretical description of the vulnerability or executable or usable program code for immediate use. For hackers, exploits are key tools for tampering.

Keyloggers:

A keylogger is a piece of hardware or software used to log, monitor, or reconstruct everything the user enters into a computer. Keyloggers are also often used by hackers to gain access to confidential data such as passwords and PINs.

DDoS:

In a DDoS attack, a hacker’s primary goal is to overload a network. If this happens, the performance of a website can slow to a crawl, or even fail completely, and network-dependent processes may be restricted.

Social Engineering:

Social engineering is the precisely planned manipulation of people to obtain information. Nearly any method of communication and technology can be used for this purpose, from phone calls, emails, and text messages, to personal conversations—anything is possible.

Botnet:

Hackers use a collection of networked computers or Internet of Things (IoT) devices on which a bot has been installed to take advantage of the processing power, network connectivity, and data of these systems to carry out further attacks.

Advanced Persistent Threats (APTs):

An “Advanced Persistent Threat” (APT) is a cyber attack in which an unauthorized person gains access to a network and tries to remain undetected for as long as possible.

04

Is hacking legal?

According to current computer criminal law (German Federal Law Gazette I 2007, No. 38 of August 10, 2007, p. 1786), computer crimes (especially with respect to white-collar crime) include all crimes in which a computer is used as a means of committing an offense or as the object of the offense. Specifically, according to the German Criminal Code (StGB), the following offenses are considered computer crimes:

  • Fraud using illegally obtained credit cards with PIN
  • Computer fraud (Section 263a StGB)
  • Forgery of data of probative value (Section 269 StGB)
  • Deception in relation to data processing in legal commerce (Section 270 StGB)
  • Data manipulation (Section 303a StGB)
  • Computer sabotage (Section 303b StGB)
  • Data espionage (Section 202a StGB), software piracy, etc.

In the past few years, reforms have been incorporated into the law in the areas of data espionage (Sections 202a et seq. StGB), data manipulation, and computer sabotage (Sections 303a, 303b StGB). The recently introduced “hacker paragraph” (Section 202c StGB) likely represents the most controversial change: Whereas under the previous legal situation only the acquisition of specially protected data by an unauthorized person by circumventing security precautions was punishable by law, unauthorized access to this data (“hacking”) now constitutes a criminal offense.

To summarize: The hacker paragraph substantially tightens the previous legal situation by extending criminal liability, meaning that now even mere unauthorized access or the circumvention of access protection is punishable. Anyone who intercepts data without authorization is also liable to prosecution under Section 202b StGB.

05

Who are the most well-known hackers?

  • Kevin Mitnick: The American often dubbed the “world’s most famous hacker” attracted international attention for his hacking activities against 40 of the world’s largest companies. He is now an IT security consultant.
  • Adrian Lamo: In his relatively short life, he was instrumental in the arrest of whistleblower Chelsea Manning and, after gaining unauthorized access to computers at The New York Times, Yahoo, and Microsoft in the early 2000s, was sentenced to two years’ probation, with six months of home detention.
  • Kevin Poulsen: Also known as “Dark Dante,” he hacked into the Pentagon’s IT system by successfully guessing passwords, and stole highly confidential documents. He later became an investigative journalist (Wired).
  • Albert Gonzalez: One of the most infamous credit card data thieves in hacker history, known especially for the Heartland and TJX hacks, he was sentenced to 20 years in federal prison.
  • Gary McKinnon: Also known as the “UFO hacker.” Like Kevin Poulsen in his day, the native Scotsman hacked into the Pentagon and the networks of NASA, the US Army, Navy, and Air Force.
  • Michael Calce: The Canadian-born hacker began his hacking career at the age of nine when he hacked into AOL to extend the 30-day free trial. He became known as “MafiaBoy” and for conducting DDoS attacks against some high-profile companies.
  • Hector Xavier Monsegur: He became famous using the pseudonym “Sabu” and worked for years for the Anonymous and LulzSec hacking groups, for which he is said to have hacked into Sony and stolen customer data in 2011. However, he now counts himself among the white hats and protects his clients from other cyber attacks.
  • Julian Assange: Who doesn’t know the living legend of WikiLeaks? The Australian hacked into American high-security networks and used his platform to publish sensitive data, together with his team. If extradited to the U.S., he faces an all but draconian prison sentence of 175 years under the Espionage Act.

06

Which are the most notorious hacker groups?

It is no longer a secret that the cyber underground has reached a dizzyingly high level of professionalism. Broad swathes of the public have also long since caught wind of this. However, the fact that hackers often organize themselves into collectives in order to profit from a broad spectrum of knowledge is a recent phenomenon. The best known hacktivist collectives and hacker groups include:

The Shadow Brokers:

The Shadow Brokers is a group of hackers that first appeared in the summer of 2016. They published several leaks containing hacker tools from the “Equation Group,” later identified as the US National Security Agency (NSA), including several zero-day exploits for Microsoft products. One of the leaks involved EternalBlue, the attack tool used in the largest global attack campaigns in history—WannaCry and NotPetya.

Lazarus Group:

It is purported to have been the North Korean Lazarus Group that used the leaked EternalBlue exploit for its WannaCry campaign in 2017—one of the most devastating ransomware attacks to date with over 130,000 infected computers. In addition to countless private PCs, numerous systems in company networks, government agencies, and even hospitals were affected by the attack. The group is also believed to be behind an attack on the National Bank of Bangladesh in 2016, in which approx. US$ 81 million was stolen.

Equation Group:

The Equation Group is a collective of hackers who are said to have ties to the US National Security Agency (NSA). In addition, security researchers assume that the group is connected to the developers of Stuxnet or even programmed the computer worm itself.

Fancy Bear/APT28:

Fancy Bear, also known as APT28, is the hacker group that purportedly influenced the outcome of the 2016 presidential election by attacking the Democratic National Committee. IT security companies suspect Fancy Bear of operating from inside Russia since 2008, attacking companies and organizations in the aerospace, defense, energy, government, and media sectors. The group uses an arsenal of sophisticated malware technologies in its attacks.

Carbanak/Fin7:

Countless virtual bank heists with loot totaling an estimated US$ 1 billion have purportedly been committed by the Carbanak hacker group, aka Fin7. The hacker collective specializes in spear phishing attacks, in which people in key positions are very selectively targeted.

APT37/Reaper:

American IT security specialists believe that the APT37/Reaper hacker group works for the North Korean government. Although this group of cyber criminals also attempts to cover their tracks, they do not always succeed. Some of the malware used by the group in their attacks has already been attributed to North Koreans. APT37/Reaper specializes in espionage. Its targets are companies and organizations in neighboring countries, with the main focus on South Korea and Japan.

Anonymous:

Anonymous is likely the most well-known, decentralized hacker group, operating worldwide in the name of the common good and often linked to the publication of personal data from the pedophile world. Their other campaigns targeted, for example, the Iranian government, well-known neo-Nazi websites, and also EU projects, such as the Copyright Act’s highly contentious Article 13.

Armada Collective:

Among its activities, this hacker group became known through RDoS attacks on Swiss banks and the ProtonMail mail provider. These and similar blackmail attacks are considered the “trademark” of the Armada Collective.

LulzSec:

Sabu, the notorious hacker, is considered one of the most prominent members of this British hacktivist group, which has targeted corporations such as Sony, Nintendo, and Infragard. User account data was/is often stolen and then published.

07

What are the biggest hacks in recent history?

The Stuxnet worm is often considered the starting point for any discussion about the security of the IoT among the general public: Malware of the same name was discovered in June 2010 after being distributed via a USB thumb drive. This was followed by other instances of digital sabotage attacks on industrial plants, causing massive financial damage. This also includes the attack on the blast furnace of a German steel plant in 2014, which began with seemingly harmless phishing emails. The biggest headlines, however, were mainly for hacks in which data theft played a key role:

Sony PlayStation Network:

In April 2011, from one minute to the next, nothing worked anymore for many PlayStation owners all over the world. The reason for this was a cyber attack on the PlayStation Network (PSN) digital service portal. In addition to taking PSN offline for nearly four weeks, the data (credit card information and personal data) of approx. 77 million PSN subscribers was also stolen in the cyber attack.

Target Corp.:

The private information of approx. 70 million customers of the largest retail company in the U.S. was stolen by a hacker group in 2013. This resulted in losses of approx. US$ 3.6 billion. Those responsible have not yet been convicted.

Adobe:

In mid-September 2013, cyber criminals attacked the Adobe software company. They stole approx. 38 million Adobe customer records, including the credit card information of nearly three million registered customers.

Yahoo Data Breach:

It will probably go down as the biggest data breach in history: In 2013 and 2014, the data (names, email addresses, phone numbers, security questions and answers) of over a billion Yahoo users was stolen. The damage it caused was estimated to be US$ 350 million. Analysts suspect that a possibly state-sponsored criminal gang was behind the hack.

Mt. Gox:

After a hack of the Ashley Madison extramarital affairs website, the addresses, credit card numbers, and sexual preferences of approx. 40 million users were made public in 2015. A hacker group called Impact Team was allegedly behind this.

Ashley Madison:

After a hack of the Ashley Madison extramarital affairs website, the addresses, credit card numbers, and sexual preferences of approx. 40 million users were made public in 2015. A hacker group called Impact Team was allegedly behind this.

08

How can companies protect themselves from hackers?

Hackers, hacktivists, cyber criminals—all of them are capable of attacking any information technology target and are therefore a risk. Time and again, the theft of account and credit card data via phishing or spam mails causes a sensation, which can quickly become very expensive. To protect yourself from this, you need to pay a bit of attention and maintain your software so that no critical security holes can be exploited. Simple anti-virus software and regular updates are obviously inadequate in a business environment. It is important to provide education such as awareness training for all employees. The IT department must also be up-to-date and aware of the current threat situation. Meticulous auditing, careful monitoring, risk analyses, and a security-by-design approach generally help companies to protect themselves from cyber attacks as effectively as possible.

It is also advisable to work with a professional provider of protection solutions so that malware attacks, phishing mails, and DDoS attacks can be quickly and reliably blocked.

09

What you need to know about hackers

There is no such thing as perfect protection against a hacker attack—the methods of cyber criminals have now become so advanced that basic protective measures are often no longer enough to defend against them. In addition, many employees lack an awareness for digital security: If, for example, a spam email is unwittingly opened or a malicious website is accessed without hesitation, it may already be too late. For this reason, it is particularly advisable for companies to regularly train their employees and enlist the help of certified security service providers with industry experience who can identify and address potential problem areas. This also includes Myra Security, whose certified Security-as-a-Service platform reliably protects digital business processes. Smart Myra technology monitors, analyzes, and filters malicious internet traffic before virtual attacks can do any real harm.

If you are interested in further information, we are willing to send you our product sheet for free.

How Myra DDoS Protection can reliably secure your website or web application against all DDoS attack vectors:

  • How is the protection activated in case of attack?
  • What are the advantages of the Myra protection solution?
  • What are the features of Myra DDoS Protection for web applications?
