Friday, February 18, 2011

Seven Types of Hackers

This could also be titled "Taxonomies are Difficult".

Roger Grimes at InfoWorld has a Seven Types of Hackers article. Taxonomies are generally tough to do, and I think Roger could improve upon his list a bit. Let's break it down ...

Malicious hacker No. 1: Cyber criminals
Professional criminals comprise the biggest group of malicious hackers, using malware and exploits to steal money. It doesn't matter how they do it, whether they're manipulating your bank account, using your credit card numbers, faking antivirus programs, or stealing your identity or passwords. Their motivation is fast, big financial gain.

The #1 problem I have with this label is that all of the activities in the list are typically "crimes" in most jurisdictions. Therefore, people who participate in them are "criminals". And "Cyber" is an annoying word on many levels, but Joe Sixpack will associate that term with computers. I would have chosen "Petty Thieves" as a better label for this category.

Malicious hacker No. 2: Spammers and adware spreaders
Purveyors of spam and adware make their money through illegal advertising, either getting paid by a legitimate company for pushing business their way or by selling their own products. Cheap Viagra, anyone? Members of this group believe they are just "aggressive marketers." It helps them sleep at night.

I am not sure how "adware spreaders" fits for a good taxonomy name, but generally agree this is a legitimate category in and of itself.

Malicious hacker No. 3: Advanced persistent threat (APT) agents
Intruders engaging in APT-style attacks represent well-organized, well-funded groups -- often located in a "safe harbor" country -- and they're out to steal a company's intellectual property. They aren't out for quick financial gain like cyber criminals; they're in it for the long haul. Their dream assignment is to essentially duplicate their victim's best ideas and products in their own homeland, or to sell the information they've purloined to the highest bidder.

Malicious hacker No. 4: Corporate spies
Corporate spying is not new; it's just significantly easier to do, thanks to today's pervasive Internet connectivity. Corporate spies are usually interested in a particular piece of intellectual property or competitive information. They differ from APT agents in that they don't have to be located in a safe-harbor country. Corporate espionage groups aren't usually as organized as APT groups, and they are more focused on short- to midterm financial gains.

I find Category #3 ridiculously similar to Category #4. The only difference is whether they are free-lance (#3) or directly on the payroll (#4). Either way, I'd collapse these two categories into a single category.

Malicious hacker No. 5: Hacktivists
Lots of hackers are motivated by political, religious, environmental, or other personal beliefs. They are usually content with embarrassing their opponents or defacing their websites, although they can slip into corporate-espionage mode if it means they can weaken the opponent. Think WikiLeaks.

Hacktivism may be a webism, but it's probably its own category -- political activism through criminal operations on computer systems.

Malicious hacker No. 6: Cyber warriors
Cyber warfare is a city-state against city-state exploitation with an endgame objective of disabling an opponent's military capability. Participants may operate as APT or corporate spies at times, but everything they learn is geared toward a specific military objective. The Stuxnet worm is a great example of this attack method.

I despise the term "cyber warrior" or its parent "cyber warfare". Call it what it is: militaries and their contractors attacking each other. Criminal operations involving computers for a militaristic goal. So a much better title: Military & Military Contractors.

Malicious hacker No. 7: Rogue hackers
There are hundreds of thousands of hackers who simply want to prove their skills, brag to friends, and are thrilled to engage in unauthorized activities. They may participate in other types of hacking (crimeware), but it isn't their only objective and motivation. These are the traditional stereotyped figures popularized by the 1983 film "War Games," hacking late at night, while drinking Mountain Dew and eating Doritos. These are the petty criminals of the cyber world. They're a nuisance, but they aren't about to disrupt the Internet and business as we know it -- unlike members of the other groups.

I'm also not a big fan of this label. It could just as easily be called "Internet Graffiti".

Taxonomies are difficult -- very difficult -- to lay down on paper (or bits). If I were grading this one, I'd give it about a B- or maybe a B. It's far from grade A material, but it has its entertainment value.