Monday, February 6, 2017

Myths and facts about the hacker phenomenon

A year ago, today...

The figure of the hacker has jumped into the breanch in recent times, going from being a term to define an almost mythological figure to key figure in books, movies and obviusly, the news of each day. Therefore, the time has come to review the trajectory of the term in the last year, to put a bit of order and distinguish between those who practice ethical hacking, cybersecurity professionals, those who use their skills to illicitly enrich themselves (should be considered cybercriminals) and all those interested in information security in its multiple variants.

"I admire hackers and I would like to be like them," Silvia Barreara, National Police Inspector and head of the Technical Section of the Technological Research Unit. These statements may seem surprising, but if you dig deeper into the hacker phenomenon, you will discover that once you eliminate the negative connotations of the term, a hacker (at least the type the inspector refers to in his interview) is a person with advanced knowledge of Programming and who knows in depth the internal workings of a system, in particular of computers and computer networks, someone with curiosity and desire for improvement who is always looking for the limits.

Against this positive concept of the hacker figure, there are some (increasingly) people who use their knowledge and skills for profit (cybercriminals) or to damage companies, users and institutions in order to achieve notoriety within the Community of so-called black-hat hackers, who are engaged in increasingly daring actions, such as could be introduced into hospital systems and alter vital signs that show patients' monitors.

In the hacker world the content is as important as the layout and that is why they value especially actions of breaker style, as the hackers who manipulated the Linux server to invite users to download a malicious version of the new version of the operative system, or on the other site, the hacker who manipulated the botnet of the infamous hacker group Evil Corp so that instead of infecting new users unsuspecting, send them a free antivirus.

Hackers not only work with computer systems as you can see in movies, because many are genuine social engineers who know that many times the human operator is the weakest link in the security chain of a system. Therefore, a "good" phishing campaign or the complete study of the victim's online information available is in most cases much more effective and discreet than a DDoS attack or brute force.

It is impossible to cover the entire hacker universe in just five paragraphs, but at least we hope that the reader will begin to understand the complexities of the term hacker and that it is time to pause for reflection and to abandon a simplistic version of the phenomenon, with the goal of learning to identify and distinguish those who have only desire of knowledge, those who have decided to become 'Cyber Robin Hood' that protect us (either as a profession or anonymously and altruistic), those who take advantage of their knowledge to commit crime and profit , the cyberactivists who face the system, those who only seek to go one step further and get a name in the world ... that is, the "world" of hackers is very much like the "real one", with a wide variety of profiles, typologies and motivations.



Post a Comment