Chapter 2.

Attackers and Risks

In order to plan and implement a good security strategy, you should first be aware of some of the

issues which determined, motivated attackers exploit to compromise systems. Before detailing these

issues, we will define the terminology used when identifying an attacker.

2.1. Hackers and Crackers

The modern meaning of the term hacker has origins dating back to the 1960s and the Massachusetts

Institute of Technology (MIT) Tech Model Railroad Club, which designed train sets of large scale

and intricate detail. Hacker was a name used for club members who discovered a clever trick or

workaround for a problem.

The term hacker has since come to describe everything from computer buffs to gifted programmers.

A common trait among most hackers is a willingness to explore in detail how computer systems and

networks function with little or no outside motivation. Open source software developers often consider

themselves and their colleagues hackers and use the word as a term of respect.

Hackers typically follow a form of the hacker ethic which dictates that the quest for information and

expertise is essential and that sharing this knowledge is the hackers duty to the community. During

this quest for knowledge, some hackers enjoy the academic challenges of circumventing security

controls on computer systems. For this reason, the press often uses the term hacker to describe those

who illicitly access systems and networks with unscrupulous, malicious, or criminal intent. The more

accurate term for this type of computer hacker is cracker   a term created by hackers in the mid 

1980s to differentiate the two communities.

2.1.1. Shades of Grey

There are levels of distinction to describe individuals who find and exploit vulnerabilities in systems

and networks. They are described by the shade of hat that they "wear" when performing their security

investigations and this shade is indicative of their intent.

The white hat hacker is one who tests networks and systems to examine their performance and de 

termine how vulnerable they are to intrusion. Usually, white hat hackers crack their own systems or

the systems of a client who has specifically employed them for the purposes of security auditing.

Academic researchers and professional security consultants are two examples of white hat hackers.

A black hat hacker is synonymous with a cracker. In general, crackers are less focused on program 

ming and the academic side of breaking into systems. They often rely on available cracking programs

and exploit well known vulnerabilities in systems to uncover sensitive information for personal gain

or to inflict damage on the target system or network.

The grey hat hacker, on the other hand, has the skills and intent of a white hat hacker in most situations

but uses his knowledge for less than noble purposes on occasion. A grey hat hacker can be thought of

as a white hat hacker who wears a black hat at times to accomplish his own agenda.

Grey hat hackers typically subscribe to another form of the hacker ethic, which says it is acceptable to

break into systems as long as the hacker does not commit theft or breach confidentiality. Some would

argue, however that the act of breaking into a system is in itself unethical.

Regardless of the intent of the intruder, it is important to know the weaknesses a cracker will likely

attempt to exploit. The remainder of the chapter will focus on these issues.