If you’re only starting your journey to understanding cybersecurity and all the actors that are involved in it, it can be difficult to figure out all the terms and specifics when it comes to bad actors in security. You can often hear the blanket term “hacker” used to describe all rogue actors, but it’s too vague and inaccurate, so here’s our guide to bad actors in cybersecurity:
Black hat hackers – the stereotypical bad actor
If you’ve ever seen a hacker in a movie, it was probably a black hat – a hacker that acts alone or with a small group of other black hats. These bad actors often act to further their own agenda or to complete an order for someone who’s willing to pay for their hacking services. Black hats can attack everything from industrial plants to banks and retail giants, the only caveats are the level of security of the object and the skills of the given black hat.
Script kiddies – novice hackers
You won’t find a single cuber actor who wants to be classified as a script kiddie since this term is reserved for inexperienced amateur hackers who don’t yet have the skills and experience of black hats or other bad actors. However, this doesn’t mean that script kiddies are not dangerous – since they need to hack as much as possible in order to learn, they are willing to attack any computer and system they can.
Hacktivists – security actors who aim to use their powers for good
If you haven’t lived under a rock in the past few years, you’ve definitely heard of hacktivists. Some of the most well-known hacktivist organizations include WikiLeaks and Anonymous and their general goal is to use their skills to uncover and draw public attention to things they find wrong. Hacktivists often leak private and government information, including classified documents, altering and hacking websites, and exposing information that governments, companies or other entities are trying to conceal from the general public.
Organized crime hackers
The entire world has incorporated cyber technology in pretty much all aspects of its day-to-day lives, so it should come as any surprise that traditional organized crime has also started to use bad actors for their goals. For instance, in Belgium an international drug trafficking ring used the services of hackers to hack the port of Antwerp and mark containers that contained drugs as those that have gone through customs, effectively helping them to avoid detection.
Insider actors gone rogue
The last type of bad actors is an insider threat. This is typically a current or former employee that has access to applications, networks or information and decides to use this access with ill intent or makes a mistake that causes a security breach.