博客

Introduction to hackers

In computer security, a hacker is someone who focuses on security mechanisms of computer and network systems. While including those who endeavor to strengthen such mechanisms, it is more often used by the mass media and popular culture to refer to those who seek access despite these security measures. That is, the media portrays the ‘hacker’ as a villain. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. White hat is the name given to ethical computer hackers, who utilize hacking in a helpful way. White hats are becoming a necessary part of the information security field. They operate under a code, which acknowledges that breaking into other people’s computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally. Accordingly, the term bears strong connotations that are favorable or pejorative, depending on the context.

White hats are hackers employed with the efforts of keeping data safe from other hackers by looking for loopholes and hackable areas. This type of hacker typically gets paid quite well and receives no jail time due to the consent of the company that hired them.

Gray hats are hackers who are neither good nor bad, and often include people who hack ‘for fun’ or to ‘troll’. They may both fix and exploit, though gray hats are usually associated with black hat hackers.

Black hats or crackers are hackers with malicious intentions and steal, exploit, and sell data. They are usually motivated by personal gain. A cracker is someone who knows the web similar to hackers and doesn’t use the internet for gaining any extensive knowledge and are professionals in what they do but they are not the white collar heroes as security hackers are. Crackers use their skills to earn themselves profits or to benefit from criminal gain. Crackers find exploits to systems securities and vulnerabilities but often use them to their advantage by either selling the fix to the company themselves or keeping the exploit and selling it to other black hat hackers to steal information or gain royalties.

Information Security

Information security, sometimes shortened to InfoSec, is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of information. It is a general term that can be used regardless of the form the data may take (e.g. electronic, physical).

Information security threats come in many different forms. Some of the most common threats today are software attacks, theft of intellectual property, identity theft, theft of equipment or information, sabotage, and information extortion. Most people have experienced software attacks of some sort. Viruses, worms, phishing attacks, and Trojan horses are a few common examples of software attacks. The theft of intellectual property has also been an extensive issue for many businesses in the IT field. Identity theft is the attempt to act as someone else usually to obtain that person’s personal information or to take advantage of their access to vital information. Theft of equipment or information is becoming more prevalent today due to the fact that most devices today are mobile. Cell phones are prone to theft and have also become far more desirable as the amount of data capacity increases. Sabotage usually consists of the destruction of an organization′s website in an attempt to cause loss of confidence on the part of its customers. Information extortion consists of theft of a company′s property or information as an attempt to receive a payment in exchange for returning the information or property back to its owner, as with ransomware. There are many ways to help protect yourself from some of these attacks but one of the most functional precautions is user carefulness.

We should pay more attention to our information security. Here are some suggestions. Beware of suspicious emails and phone calls, avoid clicking on fishing scams. Practice good password management.