What is Hacking? – Definition from Trenovision

Hacking

A hacker is a person who enjoys learning the details of computer system and how to stretch their capabilities – as opposed to the most computer users who prefer to learn only the minimum amount necessary. Person who is an expert of any kind. Joys the intellectual challenge of creatively overcoming or circumventing limitations.

Types of Hackers

Mostly there are three type of Hacker –

  • White Hat
  • Grey Hat
  • Black Hat

White Hat

  • Hacker who breaks security but who does so for altruistic or at least non malicious reasons. 
  • Clear defined code of ethics. 

Grey Hat

  • Ambiguous ethics.
  • Borderline legality.

Black Hat

  • Subvert computer security without authorization.
  • Uses technology for terrorism, vandalism, identity theft, intellectual proper theft

 

What is ethical hacking?

An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. 

To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. 

Ethical hacking is also known as penetration testing, intrusion testing, red teaming. An ethical hacker is sometimes also called a white hat. 

Need of Penetration Testing

  • To identify the potential vulnerabilities and subsequently repair them.
  • To measure risk. Give a better review of the current security mechanisms.
  • Used to show where security fails.
  • Can test intrusion detection and incident response.
  • Can be used to justify the need for an upgrade, bigger budget, or to validate risk assessments.

Miscellaneous Hackers

Apart from the above well-known classes of hackers, we have the following categories of hackers based on what they hack and how they do it −

Red Hat Hackers

Red hat hackers are again a blend of both black hat and white hat hackers. They are usually on the level of hacking government agencies, top-secret information hubs, and generally anything that falls under the category of sensitive information.

Blue Hat Hackers

A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch. They look for loopholes that can be exploited and try to close these gaps. Microsoft also uses the term BlueHat to represent a series of security briefing events.

Elite Hackers

This is a social status among hackers, which is used to describe the most skilled. Newly discovered exploits will circulate among these hackers.

Script Kiddie

A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept, hence the term Kiddie.

Neophyte

A neophyte, “n00b”, or “newbie” or “Green Hat Hacker” is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.

Hacktivist

A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denialof-service attacks.

Threats & Vulnerabilities​ in Hacking

  • Threat is a potential occurrence – malicious or otherwise – that may harm an asset.
  • Vulnerability is the weakness that makes the threat possible.

Types of  threats​ in Hacking

  • Attack on availability
  • Attack on confidentiality
  • Attack on integrity
  • Attack on authenticity

Attack on Availability

  • Interrupt communication channel
  •  Or bring down Destination

​Threats​

  • System not available
  • System not useable

Attack on Confidentiality

  • Attacker listens communication

Threats​

  • Give away private Information
  • Spying passwords
  • Profiling

Attack on Integrity

  • Attacker modifies information send over the​ channel

Threats

  • System not confidential at all

Attack on Authenticity

  • Attacker fakes identity and inserts counterfeit​ objects into the system​.

Threats

  • Information not confidential
  • No one is sure to communicate with the right partner​.