Media coverage of data breaches is increasing rapidly, especially with the public's watchful eye on organizations and the vulnerable systems they work with — easy targets for exploitation. However, the less-than-dramatic truth is that the frequency and scale of data breaches hasn't really soared* in the past decade, even if people are still at great risk of having their data exposed. The media itself has brought on the hype and created a fear culture around data breaches and malicious attackers.
And who are these malicious attackers? Well, according to the media, they're the hackers. We're living in a time when the media uses the term "hacker" in a primarily derogatory sense, to describe cybercriminals, the ones we must fight against, the bad guys who put our valuable private information at risk.
Never mind that we're not likely to take the necessary steps to protect that information, but that's a different subject...
So who are the hackers? Is the term even being used correctly?
The definition of a hacker may vary depending on who you ask, but in most cases involving media coverage, they're actually talking about "crackers."
So now we need to ask, are the terms "hacker" and "cracker" that different? And if so, what are the methodologies that separate them?
To truly understand their similarities and differences, we first need to learn what hackers and crackers are. And that is precisely what we'll be discussing in today's post.
- What is a hacker?
- What is a cracker?
- Differences between hackers and crackers
What is a hacker?
If we turn to the formal definition in the Internet Users' Glossary under RFC 1392, a hacker is "A person who delights in having an intimate understanding of the internal workings of a system, computers and computer networks in particular. The term is often misused in a pejorative context, where 'cracker' would be the correct term."
In simpler terms, a hacker is someone who uses their skills and knowledge to find vulnerabilities in computer systems and helps improve and patch those vulnerabilities. The knowledge they possess about programming, various computer languages, code and general computer security is advanced and used for morally good purposes. They're normally security professionals who can be hired by organizations to try and break into their systems, to audit DNS and their networks so they can identify any flaws they may have. They're often employed as part of the red team and blue team.
When hackers find a vulnerability or a threat, they document the process and notify the organization who hired them, or the software vendor who built the system, so that the vulnerability can be fixed before being exploited by malicious actors.
We often see the term white hat, or ethical hacker, linked to these good guys who use their skills for defense purposes.
Ethical hacking is rapidly becoming one of the most in-demand security roles. With different network threats, cyber security risks and vulnerabilities, the cost of security incidents is too much for organizations to risk. This is why ethical hackers now play a part in every modern organization’s security team.
In private organizations, some of the more common roles ethical hackers are likely to take include penetration tester, network security engineer, security analyst, information security manager and the like. Ethical hackers are also bug bounty hunters and make their careers out of it. Organizations offer public and private bug bounty programs where ethical hackers can probe their systems to find vulnerabilities, report them and receive bounties for it.
While the media has a knack for talking about black hat hackers and hacktivists, there are many influential white hats among history’s more famous hackers. Some of the most notable among them are Charlie Alfred Miller, who trolled Apple while discovering major vulnerabilities in their products; Jeff Moss, known as Dark Tangent and as the founder of two of the most prominent infosec conferences in existence, Black Hat and DEFCON; Dan Kaminsky, a hacker who has an attack type named after him due to his contributions to DNS security; and Tsutomu Shimomura, the hacker on the white side in a clash with infamous cybercriminal Kevin Mitnick.
We would also like to mention some less “traditionally” famous hackers and bug bounty hunters, such as Inti De Ceukelaire, NahamSec, Hakluke, STÖK, Eric Head, and many more who have made their mark on the security community in recent years.
Hackers are those who build and create. They learn and discover different computer systems, networks and often have previous experience in programming which only adds to their extensive knowledge. They build secure environments.
The saying "know your attacker" is never truer than when talking about hackers and their work; they use the same tools, software and even techniques as crackers. Hackers know what attackers look for when they’re planning an attack, and thus can use proactive security measures to protect against them. They build software and tools that might even be the same ones that crackers use, but they use them to improve security, not break it.
The approach hackers take is also similar to the one crackers use; they get into systems and networks to find loopholes in security, but the motivation behind their actions is purely non-malicious and ethical. They work with permission from the company who owns the system they're trying to break, and who is always informed of the end results. Because of hackers, vulnerabilities can be patched and threats avoided. Hackers' practices don't involve anything illegal and don't damage any data they come in contact with; they utilize their skills for a positive benefit.
What is a cracker?
Let's now jump to the formal definition of a cracker: "A cracker is an individual who attempts to access computer systems without authorization. These individuals are often malicious, as opposed to hackers, and have many means at their disposal for breaking into a system."
Crackers are also called "black hats." They look for backdoors in programs and systems, exploit those backdoors, and steal private information for use in a malicious way.
While hackers work to help organizations and individuals secure their systems and networks, crackers have a different objective in mind. When they break the security of a network, they do it illegally without the owner's permission and they do it for personal gain. The skills and knowledge they possess are used expressly to breach security with malicious intent. Their goal may be to steal credit card information, to get private data that can be leveraged for illegal activity, to get private data and sell it, or to simply destroy the data.
Crackers are the culprits who engage in cybercrime; they launch phishing campaigns on company employees, and crack devices ranging from routers and laptops to printers and fax machines to get into an organization's network. They often prey on companies when they're at their most vulnerable, such as during mergers and acquisitions, or they attack vendors in an organization's supply chain as they're most often the weakest link.
All attack vectors for crackers have the same final outcome: obtaining data illegally. The data can be compromised, but not always — as crackers can have different motivations behind their illegal activities.
"Cracker" as a term itself didn’t really stick, and isn’t so widely used in security circles. An equally appropriate term the community urges the media to adopt when talking about malicious hackers is “cybercriminal”, instead of using the term hacker, which is now widely reclaimed by white hats.
What motivates crackers?
Hackers create, crackers break and destroy. Crackers are often driven by financial gain: we're largely familiar with ransomware attacks where a cracker breaks into a system through phishing email and a malicious attachment, then blocks access to a computer or data and threatens the victim with exposing their private data if a ransom is not paid. Some crackers will also steal credit card information, or any other private information they can use, to access victims' bank accounts and steal money from them.
There are, of course, other motivations that push crackers to engage in illegal activity. There are cases where crackers have breached a network merely to show off and gain publicity. With so much of the media covering breaches, it's no surprise that many will want to use that to make themselves "famous", especially since some types of cybercrime don't require a high level of skill. We can also find crackers who want to break software by reverse engineering, to exploit its weaknesses. And there are also some who do it just for fun.
While hackers work to help organizations and individuals secure their systems and networks, crackers have a different objective in mind.
Yes, there are crackers out there who will break a system merely to show off their skills, without a single intention of tampering with or harming data.
Most modern organizations today operate at least a part of their business online and own and store private and sensitive data. This increases the target pool for crackers and cybercriminals. Based on different motivations and goals, crackers can be hacktivists, scammers, script kiddies, and a part of cybercrime groups.
With a variety of things that can motivate a malicious cracker, there have been many notorious cybercriminals throughout the history of the web. After all, the media and the general public love to hear stories about “bad boys” and anti-heroes, with many of them switching sides later on.
Some of history’s most infamous cybercriminals are Kevin Mitnick, now turned white hat, known for being a cracker for fun and not for profit; John Draper, aka Captain Crunch, one of the most legendary phone phreakers of the ‘70s and a true representative of the counterculture of the time; and Max Ray Butler, known as Iceman, who worked as a consultant for the FBI while at the same time working on launching an attack on the Pentagon.
Differences between hackers and crackers
By now, many differences between hackers and crackers might seem obvious, but let's review their core differences:
Hackers are the good guys, white hats who break into networks to discover loopholes, and to restore the security of corrupted networks to build a secure system. They never do it illegally and always inform their hiring organization or individual of their actions. They're a great weapon in the hunting down and catching of crackers. Crackers, however, will break into the same system for personal, financial or any other kind of gain without the knowledge or permission of the system owners, for the purpose of engaging in illegal activities.
Hackers possess the ability to create programs and software tools; they're skilled in multiple codes and languages and have advanced knowledge of various select computer languages. Crackers, on the other hand, don't need to possess a deep well of knowledge, save for the one on how to actually break a system, and we don't normally see them being skilled enough to create their own programs. Even with so few crackers skilled enough to create tools and software to help them exploit the weaknesses they discover, we should never ignore their threat.
Nothing is black and gray in IT when it comes to hackers and crackers. That's where gray hats come into play.
The easiest way to describe gray hats is that they are individuals who only act illegally with the purpose of improving the security of the system or network they've broken into. They won't have the permission of the organization or software vendor before looking for vulnerabilities, and might even report back to ask for renumeration, their fee for discovering a vulnerability. They often exploit a discovered vulnerability with the goal of raising awareness.
Even with the media painting all hackers as inherently bad and attaching negative connotations to them, we need to remember that not everything is as the media sees it, and that not all hackers and crackers are equal. The world would be a much scarier place with a lot more cybercrime if hackers weren't actively discovering vulnerabilities and stopping the threats crackers pose. And if we didn't have gray hats, we'd have to say that the world is completely presented in black and white, which we know isn't true.
Are you a hacker or are you interested in protecting yourself from crackers? Try our SurfaceBrowser™ to see all your public-facing digital landscape, ranging from IP addresses, domain names, open ports and much more. Book a demo with our sales team.