Monday, January 21, 2008

Hacker Classes

Hackers can be classified into various categories based on their activity profiles.

  • Black hats
    • Individuals with extraordinary computing skills who use those skills with malicious intent for illegal purposes. This category of hacker is often associated with criminal activities and sought by law enforcement agencies.
  • White hats
    • Individuals professing hacker skills and using them for defensive purposes. Also known as "Security Analysts".
  • Grey hats
    • Individuals who work both offensively and defensively at various times. They believe in full disclosure, on the view that other people who come across the disclosed information are able to make judicious use of it.

Ethical hackers are information security professionals who are engaged in evaluating the threats to an organization from attackers. Ethical hackers can be classified into the following categories:
  • Former black hats
    • This group comprises former crackers who have taken to the defensive side. They are better informed about security-related matters, as they have no dearth of experience and have access to the right information through the hacker network. However, they do not earn credibility for the very same reason, as they may pass along sensitive information knowingly or inadvertently to the hacker network, thereby putting the enterprise at risk.
  • White hats
    • They profess to have skills on par with the black hats. However, it remains to be seen if they can be as efficient in information gathering as black hats.
  • Consulting firms
    • This is a new trend being seen in ICT consulting services with the increasing demand for third-party security evaluations. These firms boast of impressive talent and credentials. However, a word of caution is necessary with regard to background checks of these individuals, as they may include former black hats and even script kiddies, who take up assignments for the thrill it gives them.
