Hacking has grown up over the last few decades. When computers were big putty-colored boxes, hackers created juvenile malware pranks that flashed “Legalize Marijuana!” or sang Yankee Doodle across the screen.
Ethical hackers (white hats) use their hacking skills to check software for security flaws and report them before criminals can exploit them. Some hack into government agencies or critical companies as a sport.
Malware
Malware refers to various dangerous programs designed to infect and damage computers. It can include everything from worm malware that spreads to devices via USB sticks or other external storage, Trojan malware that imitates legitimate applications and programs so victims unknowingly install them, and even keylogger malware that records all your keystrokes.
There are different types of hackers with differing motivations. Script kiddies, for instance, are less experienced hackers who use off-the-shelf hacking tools to launch attacks. They typically cite personal reasons, such as seeking recognition or revenge. Hackers who work for money or profit are known as white hats and generally have a better understanding of the risks involved in their exploits.
Some hackers, called blue hats, are hired to steal and sell confidential information or intellectual property. They are also known for disrupting businesses or other organizations by using denial of service (DoS) attacks and publishing a victim’s private information online to ruin their reputations.
Many malicious attacks can do damage because they rely on unsuspecting people to open emails, click links, or download files. These hacked devices are then instructed by their creators to do their evil bidding, like infecting other computers and sites with malware, displaying unwanted ads, or mining cryptocurrency on visitors’ computers without their knowledge.
Viruses
Hackers use viruses and other malware to steal your data, access your computer systems and even hijack your website. A hacked site can become an attack vector for other criminals, such as ransomware and cyber-extortion, where hackers hold your data hostage until you pay a ransom to “unlock” it. Other attacks include:
- Cookie theft.
- Stealing login credentials.
- Redirection to other sites.
- Mining cryptocurrency on visitors’ computers.
Bad actors are motivated by various motives, including financial gain (stealing credit card details, committing fraud), corporate espionage, or gaining notoriety or respect for their hacking skills. In addition, this fake hacking script may also be driven by personal reasons, such as revenge against a former employer, or political motivations, like raising awareness about a particular cause.
Some hackers are called grey hats, and this term describes people who hack in good faith but without the intention of financial gain or harming others. Others are known as blue hat hackers, and these are people who fell for the thrill of it and often take vengeance on their employer or other organizations they feel have wronged them. Finally, some hacktivists are politically motivated and leak information and raise public awareness about specific causes.
If you receive a message that you have been hacked, contact an ex-hacker who can help determine whether the threat is real. They can also teach you to recognize the warning signs and identify the attackers.
Ransomware
Unlike other types of hacking, ransomware attacks have real-world consequences. Once ransomware is installed, it encrypts data files on an infected device. A message is then displayed saying the data can only be reaccessed by ransom, often in Bitcoin. This malware has proven remarkably successful, causing significant disruption to businesses, including a reported $1 billion loss to companies affected by the attack and shutting down the company.
Cybercriminals target ransomware victims for many reasons. Some attackers pick random targets, while others use data-sifting tactics to target organizations with sensitive information, such as hospitals, law firms, or government agencies. Additionally, attackers may choose to extort higher sums from organizations in affluent regions because they believe these organizations are more likely to pay them.
Fortunately, there are ways to protect yourself against ransomware attacks. For example, implement network segmentation to reduce exposure and enforce the principle of least privilege. This helps limit the number of devices that are exposed if one of them becomes infected. Also, a solid patching strategy can help thwart malware that exploits software or operating system vulnerabilities. Finally, always keep backups of your data to recover if an attack occurs.
Denial of Service
Black hat hackers are the stereotypical cybercriminals who use ransomware, spyware, and phishing attacks to steal sensitive information to exploit or sell for profit. They also may launch denial-of-service attacks (DoS) to take websites or networks offline for extended periods.
A DoS attack involves drowning a website, network, or service with data requests. These requests exceed the available internet bandwidth, CPU, and RAM capacity. Eventually, the service becomes so slow or unavailable that legitimate users experience frustration. This can range from a minor annoyance to seeing entire websites or business services taken offline for days.
Hacktivists use white, gray, and black hacking techniques to gain unauthorized access to systems or expose government or corporation intel hidden from the public. They also wreak havoc on organizations or people who oppose their political, social, religious, or environmental values.
Hacktivists gained unauthorized access to international government networks and private companies. These hackers used their skills to cause disruptions that caused public panic, financial loss, and loss of business. They are considered state-sponsored hackers who work under orders from foreign governments. This type of hacking is referred to as cyberterrorism.
