CircleID

There are more than just blue, black and white hat hackers. There are a few more types of folks out there that don't fit into the above categories. This article is taken from Stratfor with some commentary by myself.

Coders

Many of the hackers described in my previous post are also coders, or "writers," who create viruses, worms, Trojans, bot protocols and other destructive "malware" tools used by hackers.

Spammers who write their own viruses (to infect PCs into botnets) have an advantage over other spammers. Spammers who are coders with some background in marketing or psychology have a bigger advantage still.

Crackers

Crackers are hackers who circumvent or bypass copyright protection on software and digital media. The most prominent recent example of cracking was the "unlocking" of Apple's iPhones in order to break software-imposed restrictions on the use of GSM cellular networks other than AT&T (which made a deal with Apple to be the sole provider of iPhone service).

In anti-spam, a type of cracker might be someone who attempts to crack a spam filter. For example, some spammers will sign up for Hotmail accounts and spam themselves until something gets through. Once they do, they spam all of their Hotmail spammees.

Script Kiddies

Script kiddies represent an intermediate category of actor between regular computer user and hacker. A script kiddie is more knowledgeable about computers and the Internet than most users but has yet to develop the skills, experience and expertise to be a truly effective actor. This would be a lot like me pre-2004.

Script kiddies know just enough to get themselves in real trouble or to bring real trouble to bear on others. In my own world, I know just enough about our back end databases to be dangerous. It's really useful to be able to insert into the database, but at the same time it took me two hours to restore all the rules when I accidentally forgot to specify the rule number when I said update SpamRules set text='this is changing the spam rule'; Not including the "where rule_id=xx” really cost me some time.

After I did it a second time, I learned my lesson.

Bots and Zombies

Not all actors in cyberspace are human. This is not to classify every server and application in cyberspace as an actor. But there is a unique non-human actor in cyberspace known as a zombie, which is a computer wholly or partially controlled by a bot. A bot, for our purposes, is a parasitic program that hijacks a networked computer and uses it to carry out automated tasks on behalf of a hacker. Individual bots can be building blocks for powerful conglomerations of bots. One famous example is the conglomeration of bots infected by the Storm worm.

Once many bots and bot herders have been amassed, they can be consolidated into a collective computing network called a botnet, also called a "bot army." This allows a single hacker to wield simultaneously the computing power of many thousands of machines—or more—and accomplish tasks that would otherwise be impossible with a single computer. Mass spam campaigns are one of the uses of botnets. It makes it possible for spammers to send out piles of spam without triggering reputation filtering.

By Terry Zink, Program Manager. Visit the blog maintained by Terry Zink here.

Related topics: Malware, Security, Spam