Hackers: The Good, the Bad and the Ugly

Monday, November 07, 2011

Emmett Jorgensen

8c4834b99847b9f7c9ee94b45df086f9

Article by Emmett Jorgensen

When someone mentions hacker, what is the first thought that comes to mind?  Admit it, you picture a shady criminal hacker attempting to access your private data for nefarious reasons. 

In general, hackers get a bad rep within the media.  They are portrayed as social outcasts or criminals looking to steal from or defraud the unsuspecting public.  The media frequently makes little or no distinction between hacker types; simply lumping them all together into a malevolent group. 

The truth is hackers come in all shapes and sizes.  Black hat hackers, white hat hackers, hacktivists, script kiddies, pen testers, etc.

The Good

White hat hackers (or ethical hackers) and pentesters are generally the good guys of the hacker world. Their services strengthen IT security through collaboration with organizations to test their information systems and processes. 

Pentesting generally falls into two categories: Black box, which simulates an outside attacker with no existing knowledge of the system attempting to be hacked; or White Box which simulates a possible attacker with insider knowledge of systems.  (There is also a Grey Box which resided somewhere in between.)

While pentester's generally concentrate on software and hardware systems, an ethical hacker may also encompass testing systems and personnel through phishing attempts, leaving flash drives or CD's in a parking lot, investigating for written passwords and more. 

By identifying potential vulnerabilities, organizations can then enhance their security systems and policies and train (or retrain) personnel as needed.

The Bad

Black hat hackers are the bad guys of the hacker world.  They're the ones who are stealing and selling personally identifiable information (PII), financial information, credit card numbers, and more.  This segment gets the majority of the press coverage and is responsible for incidents like the Sony Playstation hack.

Hacktivists generally fall into the bad guy category as well.  Their goals may occasionally be good, but their methods for achieving them are often questionable, mischievous and costly. Hacktivists include groups like Anonymous and the now (supposedly) defunct Lulzsec.

The Ugly

While I appreciate the efforts of white hat hackers and can sometimes understand the motivations of hacktivists, some hackers simply make no sense to me.  Worse yet, they make me question human nature. 

Take for instance, the hack of the Sesame Street Youtube account a few weeks ago.  The hackers replaced Sesame Street's Youtube content with porn.  Although it was only available for 20 minutes, who knows how many children stumbled onto this. 

The problem I have with this, beyond the obvious effect on innocent minds, is that this wasn't demonstrating a lack of security within a large corporation with massive amounts of personally identifiable information. 

It wasn't about making a political statement or bringing to light the relative lack of security of an organization thought to be secure.  This was simply for shock value and, frankly, is the worst type of hacking. 

People often aren't sympathetic when million or billion dollar corporations get hacked.  If government entities get infiltrated it is somewhat expected.  But Sesame Street?  Educational puppets, seriously? 

If they (the hackers) wanted to show their skills, they could have replaced the Sesame Street videos with something other than porn.  

Put simply, this is hacking at its ugliest.  And hackers of all types should be up in arms about this, because incidents like this are a black eye on hackers of all creeds.

Cross-posted from Kanguru Blog – Technology on the Move!

Possibly Related Articles:
14303
Network->General
Information Security
Penetration Testing Hacktivist hackers Black Hat White Hat Media
Post Rating I Like this!
Default-avatar
The Guke That was a true and good read. The problem is only responsibility with knowledge. Sadly, your general "Hacker" is always thirsting for knowledge and can/will run across info that will almost be too good to pass up.

I am a whitehat/pentester, most of what I do is with Bluetooth Security and is a vast field, however, the www blackhat hackers (I agree) are some of the worst. Porn with Sesame Strett? Really? Yeah, read about that a bit ago and just wasn't surprised at all. Even worst/more ugly is the fact that this particular hack was more of a prank and the "scare" remaains that more is possible...........and it is. What is more surprising to me is how many "Hackers" pass up what they know is possible, true there is evil, but nowhere near what it could be (I believe).

Advice to the public: If you know someone who is a bit more than computer friendly...AKA Hacker, just pick their brain for a while and see what I am talking about.
1320809887
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.