Archive 4 min read

Cybersecurity Basics #7 - Hackers & Cybercriminals

Hackers and cybercriminals are all "malicious actors". While you may not know who is attacking a system, having a better understanding of common motivations is important.

Cybersecurity Basics #7 - Hackers & Cybercriminals

Watch this episode on YouTube.

Reasonably Accurate 馃馃 Transcript

Morning everybody. How are you doing today? I hope you had a fantastic long weekend and are tackling September um with a little bit of gusto, a little bit of energy. Um Today, I wanted to continue the cybersecurity basics, um sort of segments. Uh And we're gonna talk about hackers and cyber criminals.

Now, um I am a big fan of the original meaning of hacker. Now, most people are probably saying original. What do you mean original? Isn't? It just means somebody who attacked systems a bad guy, a bad person. Um It didn't used to mean that what it used to mean and you can tell this is my definition with the, for those of you on the vlog with the, with the gray hair.

Um What he used to mean was somebody who would deconstruct or pick apart systems trying to build something new. So somebody who's trying to build something new um in a technology way, you know, or, you know, either building something new or understanding how things work by taking them apart.

So it had a positive connotation. Hackers are what built the UNIX infrastructure hackers are what built a lot of the internet. Um This is, you know, in a positive constructive way, people who have a desire or drive to understand how things work. Um Now that meaning has changed, we no longer use that in popular context.

What has changed now is that a hacker is a malicious actor? That's what you're going to hear very common is a malicious actor. Now, a hacker in the modern parlance is somebody who is using their technical knowledge to break into systems. So instead of to understand them, they're understanding them with a malicious intent, they're breaking in, they are in fact a cyber critic.

That's what term you'll hear me use more often. You'll hear the infosec community use quite regularly is a cyber criminal because breaking into systems unauthorized is a crime in most jurisdictions. So a cyber criminal is somebody who is seeking to profit in some way, shape or form from hacking activities from malicious computer activity.

So we normally see cybercriminals motivate for a number of reasons or the primary reason ends up being profit. Um But we do see other motivations like political gain. Um uh you know, things like this, but primarily we see cyber criminals motivated by money, which makes it easier to figure out what they're going to do.

Now, in a general term, we have malicious actors. Um but realistically, they're all criminals because breaking into systems that you're not authorized to access ends up being a crime. So cybercriminals is a better sort of umbrella term. So we use cybercriminals. Now, when cybercriminals is hacking, so hacking could be a verb as well.

They are normally looking for that profit. Now, we can see direct profit. So they're trying to compromise your system to directly make money from it or they're compromising your system in order to resell that resource somewhere else. So I'll give you a couple of examples. We see cyber criminals who use ransomware, which is a piece of malware, which we covered in the last episode and that locks you out of your own data and then they're going to sell you the key to get back to your own data.

Now, that's a direct profit relationship. I as a bad person have hacked your system, have locked you out of it. You need to pay me in order to gain system access back. Now. No surprise here. You probably won't be getting access back to your system, but I'll be making money.

Now, the other thing I can do is compromise your system and not let you know about it and try to use your either CPU to mine, something like Cryptocurrency, which is an online form of currency that I can then trade for real world money or for goods and services or I'm going to use the bandwidth so you internet connection to use your system to launch attacks on other people or I mean, just in general going to use your system to see what else is connected to so I can jump off and move forward.

These are all the common sort of uses that a cyber criminal has for your system. And of course, there's standard data when cyber criminal breaks into a large service, like a web service or application or a company, they're looking to sell for data that they can sell now, either back to the company in order to preserve their reputation or their business operations or to sell on the Digital Underground.

And that's where cybercriminals can meet. It's not just cybercriminals who meet in the digital Underground or the dark web if you've heard that term and we'll cover that in a few episodes, I'm sure. So cyber criminals here are profit motivated, primarily, sometimes their vengeance or politically motivated.

There can be other motivations are well, but at the end of the day now hacker has this bad connotation. You'll hear malicious actor as well, which is sort of, instead of making that pronouncement that somebody has made a crime, it's somebody with a bad intention, but more often than not, cyber criminal tends to the right term when talking about people with bad intent or mal intent towards you or your systems.

Uh I hope that clears that up. Let me know online at marknca for those of you on the vlog in the comments down below as always by email I look forward to continuing the conversation online. We'll do a few more of these cybersecurity basics.

Um Hopefully this is helping give you guys an overview of what's going on. Um Sort of the terms you're coming across. Let me know this is very much an audience driven show. Um I look forward to chatting with you online and on the show again tomorrow.

Have a good one.

Read next