The Technical Attacker is a person with in-depth knowledge of IT, often with appropriate training.
He is able to find vulnerabilities himself and to write corresponding exploits or adapt existing exploits.
Chaining together multiple exploits into what is known as an exploit chain to completely compromise a system is within its capabilities.
He is also familiar with exploiting the human factor in order to achieve his goal. As an additional motive to those already mentioned in the script kiddie, there is now also a strong monetary interest. His abilities allow him, alone or in a group, to make his abilities available to others as a service provider or to act directly as a perpetrator.
The news about successful phishing campaigns and ransomware attacks in recent years are clear evidence of this. Technical attackers represent the broadest range of potential attackers and, thanks to their know-how, can use a variety of attack vectors to achieve their short-term or long-term goals.
If you follow common mass media such as newspapers, news broadcasts or social media these days, IT security incidents are always reported by the attackers - by the hackers or the hacker.
Unfortunately, little is differentiated between these hackers in the reporting, because there are clear differences - similar to football - according to which one can categorize them.
Different types of hackers are presented below. The classification is based on two common categories. This is done on the one hand on the basis of the know-how and the resources that are available to them and on the other hand according to their modus operandi.
The gray hat differs from the white hat in that it does not ask for permission before attacking websites or breaking into internal networks - similar to the black hat but without its malicious intentions.
Even if these actions are not approved of by companies in principle, they are sometimes tolerated because of the helpful information they provide.
Gray Hats often cite the following reasons for their actions: curiosity and enjoyment of technology and the challenge, gaining recognition and notoriety in the IT security industry, and finally the assumption of creating awareness that the Internet is a dangerous space for shops is.
A script kiddie is someone who has an affinity for IT and a rudimentary knowledge base of how systems and computer networks work. In-depth understanding of the relationships between different protocols is not yet available. A script kiddie relies on ready-made tools and exploits to carry out his deeds, but he cannot customize them himself should the need arise.
The script kiddies' motives are rarely monetary in nature, but are based on activism or gloating.
The damage he can inflict himself is very dependent on external circumstances, such as the tools at his disposal and the state of his target's infrastructure.
Even if the technical options are limited, nowadays a script kiddie can fall back on more experienced attackers who offer their skills in the form of various services and thus cause more damage, primarily indirectly.
The Technical Attacker is a person with in-depth knowledge of IT, often with appropriate training. He is able to find vulnerabilities himself and to write corresponding exploits or adapt existing exploits. The concatenation of several exploits to what is known as an exploit chain to completely compromise a system is within the scope of its capabilities. He is also familiar with exploiting the human factor in order to achieve his goal. As an additional motive to those already mentioned in the script kiddie, there is now also a strong monetary interest. His abilities allow him, alone or in a group, to make his abilities available to others as a service provider or to act directly as a perpetrator. The news about successful phishing campaigns and ransomware attacks in recent years are clear evidence of this. Technical attackers represent the broadest range of potential attackers and, thanks to their know-how, can use a variety of attack vectors to achieve their short-term or long-term goals.
These are technical attackers who not only have excellent knowledge and skills, but are also supported by additional human and material resources - either by companies or by state institutions or organizations.
Their goals are primarily long-term and do not relate to their own monetary advantage, but to gaining information and manipulation, as well as to economic damage and damage to the image of their target.
This is not limited to attack vectors based on IT, but one uses, for example, the infiltration of one's own people into the company as regular employees or as employees of a business partner or supplier in order to create further possibilities with intelligence resources.
White hats are those hired by companies to improve their IT infrastructure as part of Independently to be checked for malware and potential vulnerabilities.
In doing so, they use the same methods that a black hat would use to give companies the opportunity to protect themselves from them. However, they always remain within the framework of the law.
The gray hat differs from the white hat in that it does not ask for permission before attacking websites or breaking into internal networks - similar to the black hat but without its malicious intentions.
Even if these actions are not approved of by companies in principle, they are sometimes tolerated because of the helpful information they provide.
Gray hats often give the following reasons for their actions:
Curiosity and enjoyment of technology and the challenge, gaining recognition and notoriety in the IT security industry and lastly the assumption to create awareness that the Internet is a dangerous space for business.
The Black Hat operates outside the law and pursues its goals solely for its own benefit and to the detriment of its victims.
They are the origin of many malware and malware kits that allow others to Malware to create. They also offer their know-how and skills to other criminals as a service.
