A couple of decades ago a hacker was often a person who had malicious intent and had a solid understanding of computer systems, network security, exploits, vulnerabilities & in most cases they would know a programming language or two but the game has evolved over time. Yes these people still exist but often it is better for them to find an exploit and resell it for a quick buck vs exploit that person or company.
This has led to different types of hackers, these are the hackers that don’t actually do much “hacking” in fact most have an extremally limited technical skillset. In recent years this new type of hacker has become more prevalent called the “script kiddie.” This is a person who uses pre-made scripts, apps or tools to carry out hacking attacks, often without fully understanding how they work. They may use these tools to launch simple attacks like denial of service (DoS) attacks or to gain unauthorized access to systems. These hackers are much more scalable because any untrained person can become a script kiddie. Normally these scripts are created by a hacker and then sold as software to the script kiddie, the name comes from the fact it is so simple even a child could do it.
“Social engineering” is another type of hacking and scamming that has become popular, they rely on psychological manipulation rather than technical skills to gain access to sensitive information or systems. They may use techniques like phishing, pretexting, baiting, or scareware to trick people into divulging their passwords or other sensitive information. It’s not uncommon for them to target people over the age of 65 or target individuals that they have researched and have a little bit of information on. It’s important to note that these types of attacks can be just as effective as more technical attacks, as they rely on manipulating human behavior rather than exploiting technical vulnerabilities. We all know to not give our password out to a stranger but some of these people can be so convincing so don’t feel too bad if you do fall for their ploy.
But some times people don’t even need to use any type of software to hack, in fact every year there are data breaches from major cooperation’s that accidently leak information. Some of this information is as basic as your email address and the password you used to log into a website. If you are one of those people that uses the same password for multiple sites there is a high likelihood somebody can simply login with your credentials without you knowing it. My personal email address has been leaked over 20 times with data from different companies and we are not just talking about the small obscure website, these are major companies like Adobe, Dropbox, LinkedIn, Sony & much more. I’d encourage you to go to www.haveibeenpwned.com and put in your email address to find out if any of your personal information has been leaked by a website you have signed into in the past. This is the point where I would encourage you to look into using a good password manager if you don’t already use one.
But not all hackers are bad, in fact there are ethical hackers that have a very technical skill set but thankfully don’t have the malicious intent towards destroying people lives. An ethical hacker is someone that highlights problems in organizations to help give companies the ability to fix the vulnerability before a real hacker exploits it. Ethical hackers play a crucial role in helping to identify and fix vulnerabilities before they can be exploited by malicious actors. Many ethical hackers get paid by the companies that they hack by ways of a “bug bounty” essentially a cash prize to the first person that highlights a problem in the companies system. It is much cheaper for companies to pay a reward to an ethical hacker to find a problem than deal with the aftermath of a security breach that can often end up with bad press and in some cases fines from the government for leaking people’s data.
It is essential that we all take steps to educate ourselves and stay informed about the latest threats and best practices for protecting ourselves and our systems. By doing so, we can work towards a more secure and safe online environment for everyone. So take the time to familiarize yourself with basic cybersecurity practices, such as using strong passwords, keeping software up to date and always question just who you are talking to because some time even if it is your friend messaging you it could be a hacker using their account.
