Hackers, Crackers, and Attackers, oh my! In this lesson, we're going to start thinking like an attacker by starting to understand what some of their different motivations are. So, hackers have a very unique definition that has evolved over time. Originally, hackers were just computer enthusiasts. It's people who enjoyed computers and tried to learn what made them operate. And they would tinker with them and take them apart and try to go through the operating system and understand it in depth. Now over time, especially in the mid-80s and the late 80s, we started seeing a lot of computer hackers becoming a negative connotation. You see this pop up in movies, and TV, and newspapers. And because of that, there's actually a separate term that came out called an ethical hacker, and ethical hackers are people who are hired by a company; they use the skills they learned of hacking and taking apart a computer to do security and penetration testing for those networks.
Because of that, the term crackers evolved and that meant a criminal hacker, someone who is doing this hacking for a bad or malicious reason. These are the people you usually think of when you think about a movie or a television show where you have this malicious actor breaking into computers and trying to steal all the information. So hackers in general wear one of three hats. They can be either white hats, black hats, or gray hats. So a white hat is your ethical hacker. He's breaking into computer systems with permission of the network owner, and the reason why they do that is just to increase the security of the network. Now on the other side, we have the black hats. The black hats are the malicious actors. They're the criminals, they're the ones who are breaking in without permission, they're trying to steal your information, and they're trying to break your systems. Now in the middle of that we have what's called a gray hat. And a gray hat is sometimes good and sometimes bad. It's kind of a gray area, if you will.
One of the things that you'll see with a gray hat, for instance, is somebody who does bug bounties. They might be searching software to find the hidden vulnerabilities known as bugs. Now if they turn those in to the company, that would be a white hat action. If they used it for a malicious intent to steal information, that would be a black hat. Well, what would you say if they found that information and immediately posted it to the internet for everybody to know? Well, we would consider that a gray action because they didn't give the company time to fix the problem, and so now good guys and bad guys have access to the information at the same time. That becomes a gray action. It's not good, it's not bad, it's kind of somewhere in the middle. Sometimes they play nice, sometimes they don't, and this is a really difficult group of people to work with because sometimes they're really helpful, and sometimes they're really not.
So some other types of attackers that we want to mention here: we're going to start with phreakers. Now phreakers are really focused on telephones and PBX systems, and the most famous of them was a gentleman known as Captain Crunch. Now the reason why he was known as Captain Crunch is because back in the 70s when you used to pay for long distance at a payphone, you'd put in a series of coins and you'd hear a beep, and there would be a whistling sound essentially that would tell the telephone company you've paid enough money to make that long-distance call. Well, this gentleman found a whistle in the Cap'n Crunch cereal box that made the right frequency, which is 2600 Hertz, and if he blew it, it would give you free long distance. So again, it's just learning that system, and being able to figure out where those security bugs are. In this case they're doing it for malicious reasons, they want to get free long distance, but that's what a phreaker is. They're all about telephones and PBX systems.
So two other types that we have here are software crackers and hackers, and system crackers and hackers. So a software cracker and hacker is looking at how to disable registration keys and essentially get software for free. This was really popular with the old Microsoft Windows. People would pirate and steal the Microsoft Windows operating system, but it required that long 25-character password to be able to use the software, and so they would find ways to break that registration system so they can get free access to the software. Now system hackers and crackers, they're all about figuring out what are the bugs in the operating system that they can exploit. So, for instance, I might specialize in Windows hacking, or Linux hacking, or Cisco IOS hacking if I want to go after network routers and switches. Another type of attacker is what's called a suicide hacker.
Now these are people that know that they may get caught and they may go to jail for what they're doing, but they don't care and they're going to do it anyway. That's why we call them a suicide hacker, a lot like a suicide bomber in the terrorist world. The one at the bottom of the screen here is really important to understand, especially from a cyber security perspective, and that's your disgruntled employees and your insider threat. Now, why is that so important? Well, these people may not be technically savvy. They may just be your receptionist or your sales clerk, but if they have a beef with you, they can use their privilege, their authorized user access that they already have, their usernames and passwords, to get on your system and take information with them.
Probably the most famous example of this is Edward Snowden with the NSA, but there's tons of examples throughout history of insider threats where they steal your information and they either sell it for gain or put it out in the public domain. Another type of attack that we have is what we call script kiddies. Now, script kiddies think they're hackers, but really what they do is they download other people's tools. So, they might go onto a website, download a tool, like for instance the ion cannon that was very popular with hacktivists for a while. And you would essentially just download this piece of software, plug in a website name, hit go, and it would start doing a denial of service attack. There was no skill involved. There was no coding of their own tools. It was just taking tools that were readily available.
Now, a lot of the ethical hacker tools that are out there are freely available and open source, and so a lot of script kiddies will take those tools and use those as a way to hack into networks, but again there's no level of skill in this, it's just very, very primitive. They grab the tool and they go. Now, the problem is there's a lot more of these tools available than there used to be. And so as these tools keep increasing in number, we start seeing a lot more script kiddies in action. Another type of hacker we have is a cyber terrorist, cyber criminals, or hacktivists. Now, cyber terrorists, and cyber criminals and hacktivists are a group that kind of get lumped in together a lot. So if you start thinking of things like LulzSec and Anonymous, these are hacker groups and some of them are very skilled, and some of them are very unskilled; it depends on who is in this group. They're very loosely affiliated and they all try to serve a common purpose.
With hacktivism, you're doing it as a political motivation. With cyber criminals, it's usually a money motivation. And with cyber terrorists, it's usually an ideological motivation. And finally we have the good guys, the ethical hackers. These are folks who are hired by a firm to come in and test those networks. They have permission, they don't want to harm the networks, and anything they do is reversible. So, anything that they do in their hacking and penetration testing, they then create a report and give that to your organization so the organization can get better and do a better job of securing their networks.