Types of Hackers
White Hat Hackers: White hat hackers are authorized or certified hackers who work for governments and organizations, performing penetration testing and identifying loopholes in their cybersecurity. They also ensure protection from malicious cyber crimes. They work under the rules and regulations provided by the government, which is why they are called ethical hackers or cybersecurity experts.
Black Hat Hackers: They are often called crackers. Black hat hackers can gain unauthorized access to your system and destroy your vital data. To attack, they use common hacking practices they have learned earlier. They are considered criminals and can be easily identified because of their malicious actions.
Gray Hat Hackers: Gray hat hackers fall somewhere between white hat and black hat hackers. They are not legally authorized hackers. They work with both good and bad intentions; they can use their skills for personal gain. It all depends upon the hacker. A gray hat hacker who uses his/her skills for personal gain is considered a black hat hacker.
Script Kiddies: Among hackers, they are the most dangerous people. A script kiddie is an unskilled person who uses scripts or downloads hacking tools provided by other hackers. They attempt to attack computer systems and networks and deface websites. Their main purpose is to impress their friends and society. Generally, script kiddies are juveniles who are unskilled at hacking.
Green Hat Hackers: They are also amateurs in the world of hacking, but they are a bit different from script kiddies. They care about hacking and strive to become full-blown hackers. They are inspired by the hackers and ask them a few questions. While the hackers are answering their questions, they listen for what is new in the answer.
Blue Hat Hackers: They are much like script kiddies; they are beginners in the field of hacking. If anyone makes a script kiddie angry and he/she takes revenge, then he/she is considered a blue hat hacker. Blue hat hackers pay back those who have challenged or angered them. Like script kiddies, blue hat hackers have no desire to learn.
Red Hat Hackers: They are also known as the eagle-eyed hackers. Like white hat hackers, red hat hackers also aim to halt black hat hackers. There is a major difference in the way they operate. They become ruthless while dealing with the malware actions of black hat hackers. A red hat hacker will keep attacking the hacker so aggressively that the hacker may well have to replace the whole system.
State/Nation Sponsored Hackers: State or nation sponsored hackers are those who are appointed by the government to provide it with cybersecurity and to gain confidential information from other countries, in order to stay at the top or to avoid any kind of danger to the country. They are highly paid government workers.
Hacktivist: These are also called the online versions of activists. A hacktivist is a hacker or a group of anonymous hackers who gain unauthorized access to government computer files and networks to further social or political ends.
Malicious Insider or Whistleblower: A malicious insider or a whistleblower could be an employee of a company or a government agency with a grudge or a strategic employee who becomes aware of any illegal activities happening within the organization and can blackmail the organization for his/her personal gain.
Common types of attacks
Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
Man-in-the-middle (MitM) attack
Phishing and spear phishing attacks
Drive-by attack
Password attack
SQL injection attack
Cross-site scripting (XSS) attack
Eavesdropping attack
Birthday attack
Malware attack
Basic terminologies in cybersecurity
Cloud
A technology that allows us to access our files and/or services through the internet from anywhere in the world. Technically speaking, it’s a collection of computers with large storage capabilities that remotely serve requests.
Software
A set of programs that tell a computer to perform a task. These instructions are compiled into a package that users can install and use. For example, Microsoft Office is application software.
Domain
A group of computers, printers and devices that are interconnected and governed as a whole. For example, your computer is usually part of a domain at your workplace.
Virtual Private Network (VPN)
A tool that allows the user to remain anonymous while using the internet by masking the location and encrypting traffic.
IP Address
An internet version of a home address for your computer, which is identified when it communicates over a network; for example, when connecting to the internet (a network of networks).
Exploit
A malicious application or script that can be used to take advantage of a computer’s vulnerability.
Breach
The moment a hacker successfully exploits a vulnerability in a computer or device, and gains access to its files and network.
Firewall
A defensive technology designed to keep the bad guys out. Firewalls can be hardware or software-based.
Virus
A type of malware that aims to corrupt, erase or modify information on a computer before spreading to others. However, in more recent years, viruses like Stuxnet have caused physical damage.
Trojan horse
A piece of malware that often allows a hacker to gain remote access to a computer through a “back door”.
Worm
A piece of malware that can replicate itself in order to spread the infection to other connected computers.
Encryption
The process of encoding data to prevent theft by ensuring the data can only be accessed with a key.
BYOD (Bring Your Own Device)
Refers to a company security policy that allows for employees’ personal devices to be used in business. A BYOD policy sets limitations and restrictions on whether or not a personal phone or laptop can be connected over the corporate network.
Pen-testing
Short for “penetration testing,” this practice is a means of evaluating security using hacker tools and techniques with the aim of discovering vulnerabilities and evaluating security flaws.
Social Engineering
A technique used to manipulate and deceive people to gain sensitive and private information. Scams based on social engineering are built around how people think and act. So, once a hacker understands what motivates a person’s actions, they can usually retrieve exactly what they’re looking for – like financial data and passwords.
Specialization in cybersecurity
Architecture and Policy
The cybersecurity architect designs and implements secure architectures and translates standards, business processes, and frameworks into internal policies. In most organizations, this is an experienced engineer, typically with many years in IT, who can make complicated tradeoff decisions. In other words, they can typically think of several ways to tackle a particular problem, and then sort through those alternatives to find the best solution.
Data Loss Prevention (DLP)
These engineers deploy and manage security applications such as malware detection on endpoints and servers. Many modern anti-virus systems on PCs use an advanced client connected to services on the back-end to push out signature updates and the like. These engineers make sure the system stays up to date and troubleshoot negative interactions with new applications (that sometimes interfere with virus checkers).
Governance, Risk and Compliance (GRC)
These analysts measure and quantify risk, perform internal audits against best practices and standards, and develop plans for business continuity and disaster recovery. Risk analysis is becoming quite important because it must align with business risk. Applications and programs critical to the business need more protection than others, and it’s up to these analysts to make sure the risk has been identified and mitigated properly.
Identity and Access Management (IAM)
This team manages identification, authorization and permissions across all systems. Because of the proliferation of protocols and technologies (OAuth, SAML, etc.), they tend to be protocol experts across all platforms, from desktops and servers to smartphones and tablets. They also need to understand and enforce identification policies across the entire organization. This includes understanding roles and role-based access management for business processes.
Incident Response and Forensic Analysis
Even the best defenses are breached from time to time. This team runs the Security Operations Center (SOC) and does threat hunting and detection. They detect and analyze security events and correctly respond by taking appropriate action, whether that means disconnecting a machine, or simply sand-boxing a piece of software to determine if it is malware.
Penetration Testing
This is the most commonly outsourced specialization, but many organizations still perform some internally. This team intentionally attacks systems to expose vulnerabilities and probe weaknesses. Often called the “Red Team,” they attack systems and processes exactly as a black hat attacker would. Done correctly, they can expose weaknesses and vulnerabilities before the real attackers do.
Secure DevOps
This is the hands-on team that actually manages systems in the data center (or cloud). They securely install, configure, and operate systems and software—especially dedicated security products such as firewalls, intrusion detection, and even dedicated HSMs (Hardware Security Modules) to hold sensitive keys and certificates.
Secure Software Development
Some organizations develop software to sell as a product, while others develop their own software just to use internally. In either case, this team develops and tests applications to have minimal vulnerabilities. They typically use rigorous processes and policies regarding software architecture, and then use special tools to scan software for vulnerabilities.
Reference: GFG, cybintsolutions