Straightening Out the Hacker's Terminology
We've all heard of external hackers and rogue insiders. Many of us have even suffered the consequences of their criminal actions. So who are these people? And why is it important to know about them?
- Hackers (or external attackers) try to compromise computers and sensitive information for ill-gotten gains — usually from the outside — as an unauthorized user. Hackers go for almost any system they think they can compromise. Some prefer prestigious, well-protected systems, but hacking into anyone'ssystem increases their status in hacker circles.
- Rogue insiders (or internal attackers) try to compromise computers and sensitive information from the inside as authorized users. Rogue insiders go for systems they believe can be compromised for ill-gotten gains or revenge.
- Malicious attackers are, generally speaking, both hackers and rogue insiders.
- Ethical hackers (or good guys)hack a system to discover vulnerabilities for the purpose of protecting computers against illicit entry, abuse, and misuse.
Hacker has two meanings:
- Traditionally, a hacker is someone who likes to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work — both mechanically and electronically.
- In recent years, hacker has taken on a new meaning — someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). Crackers break into (crack)systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.
The good-guy (white-hat) hackers don't like being in the same category as the bad-guy (black-hat) hackers. (In case you're curious, the white-hat and black-hat terms come from Westerns in which the good guys wore white cowboy hats and the bad guys wore black cowboy hats.) There are also gray-hat hackers that are a little bit of both. Whatever the case, most people give hacker a negative connotation.
Many malicious hackers claim that they don't cause damage but instead are altruistically helping others. Yeah, right. Many malicious hackers are electronic thieves.
Defining rogue insider
Rogue insider — meaning a malicious employee, intern, or other user who abuses his or her privileges — is a term heard more and more within security circles and headlines talking about information breaches. An old statistic states that 80% of all security breaches are carried out by insiders. Whether or not this number is accurate is still questionable, but based on numerous annual surveys, there's undoubtedly an insider problem.
The issue is not necessarily users "hacking" internal systems, but rather users — from regular employees to auditors to contractors — who abuse the computer access privileges they've been given. There are cases of users ferreting through critical database systems to glean sensitive information, e-mailing confidential client information to the competition or other third parties, or deleting sensitive files from servers that they probably shouldn't have had access to in the first place. There's also the occasional "idiot insider" who's intent is not malicious but who still causes security problems nonetheless by moving, deleting, or otherwise corrupting sensitive information.
These rogue insiders are often our very worst enemies because they know exactly where to go to get the goods and don't need to be very computer-savvy in order to compromise very sensitive information.