What does a white hacker do?

US Cybersecurity Jobs

Henry Dalziel, in How to Become an Ethical Hacker and Penetration Tester, 2015

1.2 General “hacker” classifications

Let us define the main categories of security professionals that will be referred to in this book. Professional hackers (or “crackers”) will fit into one or several of the following categories:

1.2.1 White Hat Hacker

A “white hat hacker” (the category we belong to if we aim initially to become a “penetration tester”) has permission to break security for nonmalicious reasons, with the objective of patching or fixing identified vulnerabilities.

1.2.2 Black Hat Hacker

On the complete opposite end of the scale is the “black hat cracker.” Typically, a black hat hacker will try to break into a secure network to destroy data or make the network unusable.

1.2.3 Gray Hat Hacker

A “gray hat hacker” is a combination of a black and white hat. A gray hat hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect. They may then offer to correct the defect for a fee. Many websites such as Facebook and eBay offer bug bounties (please refer to Chapter 3 for more information), which means that anyone who finds a vulnerability or weakness can disclose the hole and receive a reward.

1.2.4 Blue Hat Hacker

A “blue hat hacker” (similar to gray hat) is someone who bug-tests a system or application prior to its launch, looking for exploits to be closed. It is worth mentioning that Microsoft uses the term “blue hat” to represent a series of security briefing events.

1.2.5 Blue and Red Teams

Another category that is relevant is “blue and red teams.” In short: a red team attacks a network or computer system, and an opposing group – the blue team – defends it.

URL: https://www.sciencedirect.com/science/article/pii/B9780128027226000017

Ethics and Hacking

Thomas Wilhelm, in Professional Penetration Testing, 2010

White Hat Hackers

One definition of White Hat hackers includes those individuals who perform security assessments within a contractual agreement. Although this definition works in most cases, there is no legal or ethical component associated with it. When compared to the definition of Black Hat, this omission becomes glaringly obvious. However, this is the definition that most people think of when they talk about White Hats and will work for our discussion.

Just like in the movies of the Wild West, White Hat hackers are considered the good guys. They work with companies to improve their clients' security posture at either the system or the network level, or to find vulnerabilities and exploits that could be used by a malicious or unauthorized user. The hope is that once a vulnerability or exploit is discovered by a White Hat, the company will mitigate the risk.

There is a constant argument over the question of who's more capable – the Black Hat Hacker or the White Hat hacker. The argument goes something like this: The Black Hat hackers have the advantage because they do not have to follow any rules of engagement. Although this sounds valid, there are some issues that are ignored. The biggest one is education. It is not uncommon to find that most White Hat hackers are employed by companies with training budgets, or companies who encourage their employees to learn hacking techniques while on the job. This affords the White Hat the tremendous advantage over the Black Hat. Many of these training opportunities include the latest techniques used by malicious hackers who infiltrate corporate networks. In addition, those White Hat hackers who are employed for large organizations have access to resources that the Black Hat does not. This can include complex architectures using state-of-the-art protocols and devices, new technologies, and even research and development teams.

Despite these advantages, White Hat hackers often have restrictions placed on them during their activities. Many attacks can cause system crashes or, worse, data loss. If these attacks are conducted against real-world systems, the company could easily lose revenue and customers. To prevent these kinds of losses, White Hats must be very selective of what they do and how they do it. Often, only the most delicate scans or attacks can be used against production machines, and the more aggressive scans are relegated to test networks, which often do not truly replicate the real world. This is assuming that the test network even exists. It is not uncommon to find production systems that are so costly that it is not economically feasible to make multiple purchases simply to have the test network. In those types of cases, it is very difficult for a White Hat to know the true extent of the system's vulnerability or exploitability.

From a financial perspective, specializing in information security has been quite beneficial. Salaries have continued to rise because the federal requirements for auditing and security assessments have forced many companies to seek out individuals with the unique ability to conduct effective penetration tests. Long gone are the days when companies were content with basic Nessus scans, and nothing else. Today, security professionals are in demand, and companies realize that security isn't simply a firewall or an antivirus software but a life cycle involving security policies, training, compliance, risk assessments, and infrastructure.

URL: https://www.sciencedirect.com/science/article/pii/B9781597494250000063

Ethics and Hacking

Thomas Wilhelm, in Professional Penetration Testing (Second Edition), 2013

White Hat Hackers

One definition of White Hat hackers includes those individuals who perform security assessments within a contractual agreement. Although this definition works in most cases, there is no legal or ethical component associated with it. When compared to the definition of Black Hat, this omission becomes glaringly obvious. However, this is the definition that most people think of when they talk about White Hats and will work for our discussion.

Just like in the movies of the Wild West, White Hat hackers are considered the good guys. They work with companies to improve their clients’ security posture at either the system or the network level, or to find vulnerabilities and exploits that could be used by a malicious or unauthorized user. The hope is that once a vulnerability or exploit is discovered by a White Hat, the company will mitigate the risk.

There is a constant argument over the question of who’s more capable—the Black Hat hacker or the White Hat hacker. The argument goes something like this: The Black Hat hackers have the advantage because they do not have to follow any rules of engagement. Although this sounds valid, there are some issues that are ignored. The biggest one is education. It is not uncommon to find that most White Hat hackers are employed by companies with training budgets, or companies who encourage their employees to learn hacking techniques while on the job. This affords the White Hat the tremendous advantage over the Black Hat. Many of these training opportunities include the latest techniques used by malicious hackers who infiltrate corporate networks. In addition, those White Hat hackers who are employed for large organizations have access to resources that the Black Hat does not. This can include complex architectures using state-of-the-art protocols and devices, new technologies, and even research and development teams.

Despite these advantages, White Hat hackers often have restrictions placed on them during their activities. Many attacks can cause system crashes or, worse, data loss. If these attacks are conducted against real-world systems, the company could easily lose revenue and customers. To prevent these kinds of losses, White Hats must be very selective of what they do and how they do it. Often, only the most delicate scans or attacks can be used against production machines, and the more aggressive scans are relegated to test networks, which often do not truly replicate the real world. This is assuming that the test network even exists. It is not uncommon to find production systems that are so costly that it is not economically feasible to make multiple purchases simply to have the test network. In those types of cases, it is very difficult for a White Hat to know the true extent of the system’s vulnerability or exploitability.

From a financial perspective, specializing in information security has been quite beneficial. Salaries have continued to rise because the federal (e.g., HIPAA) and commercial (e.g., PCI) requirements for auditing and security assessments have forced many companies to seek out individuals with the unique ability to conduct effective penetration tests. Long gone are the days when companies were content with basic Nessus scans and nothing else. Today, security professionals are in demand and companies realize that security isn’t simply a firewall or an antivirus software but a life cycle involving security policies, training, compliance, risk assessments, and infrastructure.

URL: https://www.sciencedirect.com/science/article/pii/B9781597499934000021

Configuring Kali Linux

James Broad, Andrew Bindner, in Hacking with Kali, 2014

Kali Linux Default Settings

As explained earlier, most penetration test engineers (white hat hackers) will not want their network card to announce their presence on the network as soon as the computer connects. This is just what Kali Linux will do when it is powered up and connected to a network. Care must be taken when conducting a penetration test to avoid this unneeded extra communication by disabling the network card before plugging in to the network. With custom installs, including installing to a hard drive, thumb drive, or SD card, this automatic network configuration can be changed. Another way to change it is by building a custom live disk that is configured for manual network configuration. These methods will all be discussed in Chapter 5 on customizing Kali Linux.
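As an added illustration (not from the book), the POSIX shell script below audits a Debian-style /etc/network/interfaces file, the ifupdown mechanism Kali inherits from Debian (assumed here; an interface managed by NetworkManager is configured elsewhere), and reports which interfaces will come up with DHCP, and so announce themselves, as soon as the system boots. The two constructed sample files contrast the chatty default-style stanza with the quiet "manual" variant that leaves the card down until the operator brings it up deliberately.

```shell
#!/bin/sh
# Added example, not from the book. Assumes the ifupdown format of
# /etc/network/interfaces (Debian/Kali); stanza keywords used below are
# standard ifupdown syntax.

# Print, one per line, the interfaces that ifupdown will bring up on its
# own ("auto" or "allow-hotplug") AND configure with DHCP. Those are the
# ones that start talking (DHCP discover, ARP, mDNS...) the moment the
# cable is plugged in.
noisy_interfaces() {
    awk '
        # remember every interface named in an auto/allow-hotplug line
        $1 == "auto" || $1 == "allow-hotplug" { for (i = 2; i <= NF; i++) up[$i] = 1 }
        # remember every interface whose iface stanza uses DHCP
        $1 == "iface" && $4 == "dhcp"          { dhcp[$2] = 1 }
        END { for (n in up) if (n in dhcp) print n }
    ' "$1" | sort
}

# Constructed sample: default-style file, eth0 auto-configures at boot.
write_default_config() {
    cat > "$1" <<'EOF'
# constructed sample: default-style config
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp
EOF
}

# Constructed sample: quiet variant. No "auto eth0" line and an "inet
# manual" stanza, so the card stays down until the tester runs
# "ip link set eth0 up" and assigns an address by hand.
write_quiet_config() {
    cat > "$1" <<'EOF'
# constructed sample: quiet config for a penetration-test box
auto lo
iface lo inet loopback

iface eth0 inet manual
EOF
}

# Stand-alone demo: ./audit.sh --demo
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp)
    write_default_config "$tmp"
    echo "default config auto-configures: $(noisy_interfaces "$tmp" | tr '\n' ' ')"
    write_quiet_config "$tmp"
    echo "quiet config auto-configures:   $(noisy_interfaces "$tmp" | tr '\n' ' ')"
    rm -f "$tmp"
fi
```

Run `noisy_interfaces /etc/network/interfaces` on the box itself to confirm that nothing but the loopback is left to come up unattended.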

URL: https://www.sciencedirect.com/science/article/pii/B9780124077492000045

The Modern Ninja

Thomas Wilhelm, Jason Andress, in Ninja Hacking, 2011

White Hats versus Black Hats

In this book, we will identify similarities between professional penetration testers and practitioners of Ninjutsu. However, we also need to understand the function of those that attack networks and systems within the realm of computer security, and distinguish between what has become a popular method of identifying “good guys” and “bad guys” – white hat hackers and black hat hackers, respectively. The concept of two types of “hats” originates from old Western movies, where the good guy wears a white cowboy hat and combats those with nefarious intent, who can be identified by their black cowboy hats. It would be fantastic if it was just as easy to identify the “criminal” element in computer crimes by what type of hat they wear, but reality is much more difficult to paint in colors of black and white.

Many definitions of a black hat hacker try to intertwine the concept of ethics and morality with the activities of these “bad” hackers. The problem with including ethics in any definition is that ethics is a matter of perspective; hypothetically speaking, a hacker located in China who attacks government systems within the United States may be seen as one of the good guys to the Chinese government in certain circumstances, whereas that same hacker would be seen as one of the bad guys to those living in the United States. The inability to distinguish the good guy from the bad guy when incorporating ethical perspectives necessitates the need to define white and black hats differently.

To complicate matters, there have been others who have suggested gray hat hackers also exist, which can be identified as hackers who fall somewhere in between the actions of white and black hats. Gray hat hackers theoretically have the benefit of additional flexibility in conducting attacks when compared with white hats, yet somehow avoid the negative social (and legal) stigma of being a black hat hacker, because they don't break the spirit of the law. The disadvantage of adding the concept of a gray hat into the mix means that it makes defining boundaries even that much more difficult when trying to distinguish differences between appropriate and inappropriate behavior.

Black Hat Hackers

In an effort to remove confusion and perspective from the definition of white hat and black hat hackers, we can simply center our definitions around the concept of “permissions.” If we define a white hat hacker as someone who has permission by the system owner (typically a high-level manager) to attack a computer system, and a black hat hacker as someone that does not have the necessary permissions, we reach a much clearer understanding of what the differences are between the two groups. The important part in labeling white hats and black hats is removing the concept of morality and ethics from the definition. But what does this mean in practice, then, if we are going to remove ethics from the definition, and how can we justify the use of black hats?

In the reality of cyber warfare or industrial espionage, using our definition of a black hat, those individuals attacking a foreign or competitor's system would certainly be categorized as black hat hackers because they would be attacking without the approval of the system owners; however, the attackers would be motivated to conduct their attack within the belief that it benefits either family, community, homeland, or a combination of each; by framing their activities within this ethical framework, their attack would be seen as legitimate and appropriate by both the attacker and those who would benefit from the attack (such as a government entity).

It seems difficult to justify the notion that black hats are potentially beneficial; however, we have already examined how ninja played a part in the development of Japan to undermine armies. To understand the need for unconventional warfare in modern times, we can also look at the need and existence of special military forces, which are designed to conduct clandestine and unconventional warfare and train insurgents in espionage and military tactics.3 An argument can be made that there is a need for clandestine operations in cyber space, just as there is a need to conduct special ground operations in foreign countries by special force teams. This forces us to accept the notion that black hats can do good, at least from a particular perspective.

White Hat Hackers

Now that we have a better understanding of what a black hat is, and the beneficial use of unconventional tactics by clandestine teams, let's see if we can understand the role of a white hat better. When we mention professional penetration testing, or ethical hacking, we conjure up images of professional engineers conducting an attack within a predefined scope of operation. In some cases, the scope can be extremely restricted, certain hacking tools may be excluded, and certain systems designated as “off limits.” Although this may allow the system owners to better understand the risk of a specific threat, penetration testing within a defined scope that limits the actions of the penetration test engineer does not provide the system owner a true understanding of the risks that confront an organization. To identify all threats, and thus the true risks to a network or system, the penetration test engineers must be given unrestricted “movement” to conduct their attacks. The disadvantage to a comprehensive risk assessment and penetration test is often time and money, which forces a lot of organizations to tighten down the scope of the penetration test. Depending on the level of support, the black hat hackers may have significant funding, significant time, significant resources, or a combination of all three, in order to conduct their attack; white hat hackers working for the benefit of corporations rarely have this luxury. To make the most of the funds and time available, penetration testing by white hat hackers is therefore restricted within scope requirements. To ensure repeatability and cost-effectiveness, methodologies are used by the penetration test engineers. The specific methodology used may be obtained through open sources, such as the Information Systems Security Assessment Framework (ISSAF), Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP), or government documents; or the methodology may be developed in-house by the penetration testers themselves by blending different methodologies and frameworks and regulatory requirements.

Regardless of which method is used, the techniques and tools tend to be similar between the methodologies. The use of methodologies does provide some significant advantages, and can be used to find the threats to a system or network using well-known attack vectors.

To complicate matters, those who conduct professional penetration tests under the guise of a white hat hacker are often indoctrinated in information security “best practices” when conducting assessments. This indoctrination exhibits itself in the penetration test by favoring repetitiveness over ingenuity; however, professionals who have substantial experience in penetration testing will be able to modify and adapt their attacks in a way that deviates from published methodologies. New attack methods within the realm of white hats are relegated to research and development departments within universities and companies. When compared with black hat hackers, white hat penetration test engineers only improve their methodologies when someone else in the community has released a new approach, or they dedicate time to improve their own approach. It is unfortunate that many new attack vectors are developed by those considered as black hats by the information system security community – malicious hackers. To be truly effective in a professional penetration test, white hat hackers must expand their mindset to be closer to that of a black hat hacker.

Ninja Hackers – or Zukin

How should we identify those individuals who attack a system with the permission of the system owner using unconventional means that are outside the boundaries of accepted methodologies? The term white hat hacker cannot work because they do not default to the use of unconventional attack methods. The term gray hat hacker cannot be used either, because the very definition of a gray hat hacker includes the use of illegal, or nonconsensual, attack methods against a target system or network. And because the attack is being done with permission, the black hat hacker moniker has to be excluded. To properly define such an individual, we need to come up with a new term; in this book, we will use the phrase “ninja hackers” and “Zukin” to identify these professionals, and investigate methods to become a ninja hacker ourselves.

SHINOBI-IRI (Stealth and Entering Methods)

A “Zukin” is the name for the old traditional black mask that ninja wore during certain missions. It allowed them to conceal their identity and reduce their chance of being discovered. We will be using the term “Zukin” throughout this book to denote ninja hackers – and to distinguish ourselves from the traditional black, gray, and white hat hackers.

The use of unconventional methods during a professional penetration test has both disadvantages and advantages. To understand both, we need to identify exactly what we are talking about when we refer to unconventional penetration test tactics. This book breaks out numerous unconventional attack methods into different chapters and discusses disguise, infiltration, impersonation, stealthy entrance, surveillance, espionage, escape, concealment, and even sabotage – areas that are often outside traditional penetration test methods. In those rare occasions where a methodology includes an unconventional attack within a penetration test, the penetration test engineer is often still restricted on how far he or she can go and what type of “damage” he or she can do against the target system, which can be something as innocuous as placing a text file on the system, or something worse such as deleting database records. Again, restrictions placed on a penetration test engineer during an assessment prevent a full understanding of the true potential of a vulnerability and effectiveness of an attack vector, resulting in misleading results.

Restrictions on unconventional attack methods exist because of the fear of negatively impacting the target system, especially if the target system is mission-critical to a business unit. The system owners may be apprehensive about system crashes and other disastrous events if they allow attacks that are outside the industry's “best practice” to be performed against their assets. The types of attacks that are often conjured up by the imagination when thinking of unconventional attacks include denial-of-service attacks, and buffer overflows that crash a system; however, traditional penetration testing attempts to produce results without doing any harm to systems and prefers to identify and demonstrate risks to administrators and management. If we are to integrate Ninpō and penetration testing into a coherent tactic, we have to acknowledge that attacks that crash a system or deny access to a system are inherently contrary to ninja hacking, because they draw attention to ourselves and our attack, which needs to be avoided at all costs, according to the traditions of Ninjutsu. One of the duties within the Togakure-ryu, as written by Toshitsugu Takamatsu, requires that the ninja2:

Move undetected into the enemy's area of influence and gather pertinent information about the enemy's strength and weaknesses. Escaping in a manner that prevents his presence from ever being known, the ninja then returns to his allies with the knowledge that will permit an attack at the most opportune time and place, leaving the enemy bewildered by the fact that the attack “just happened” to befall them at their weakest point.

Therefore, the methods of a ninja hacker, using unconventional attacks, could be used against any type of system – even critical systems – because the Zukin techniques should never affect the day-to-day operations of the target under attack, yet still identify vulnerabilities that could devastate the owners of the system if the vulnerabilities were exploited by nefarious attackers.

A negative side-effect of ninja hacking is that only a few potentially exploitable vulnerabilities are identified during the attack. The ability to avoid detection is threatened when multiple attacks are attempted against the target system. A Zukin needs to identify the best approach to infiltration and compromise before the attack, and carry out that attack to its (hopefully) successful conclusion. Only if unsuccessful in the initial attack would a ninja hacker attempt a second ingress (unless the second ingress was part of the attack plan, but we will get into that discussion in Chapter 3, “Strategies and Tactics”). The advantage to this method of attack is that resources are conserved and focused; the disadvantage is that only one attack vector is identified, tested, and exploited. However, this disadvantage does not invalidate a penetration test.

Tip

Within an effective incident-response program, an organization should be ready to deal with unplanned and unconventional events, which is exactly how a ninja hacker conducts his or her attacks.

Although only a single attack vector is identified and used, there is great benefit in conducting a penetration test that uses highly skilled engineers, capable of great creativity and understanding on how to use unconventional methods, to gain entry into a target system or network. In addition, any success can be seen as an indication that an organization's incident response, vulnerability identification, patch management, security policy, and security training programs need additional improvements. For an organization that is truly interested in improving its security posture, any successful attack – especially those provided by highly skilled engineers versed in the use of unconventional tactics – provides a wealth of valuable information that can be used to the advantage of the organization and its stakeholders.

Additional benefits and disadvantages in using ninja hackers will be discussed throughout this book, but when used correctly, the benefits can significantly outweigh the disadvantages, especially because ninja hacking is the closest an organization can come to understanding the threats and capabilities of black hat hackers. However, not every organization can immediately benefit from a professional penetration test conducted by Zukin. If an organization does not have an effective security policy, incident response team, vulnerability identification program, risk-assessment group, or an understanding of the existing threat vectors, it would be wasting its time and resources by requesting a penetration test using unconventional methods; a better alternative would be to begin with audits, risk assessments, and eventually penetration tests using traditional methodologies. Once all other efforts have been exhausted to identify vulnerabilities within an organization, only then should the management pursue more aggressive and comprehensive penetration tests, such as those used by ninja hackers. Penetration tests using traditional methodologies will identify vulnerabilities that should be expected and are well known throughout the information system security community – penetration tests using unconventional methodologies will identify those exploitable vulnerabilities nobody expects, and which pose the largest threat to an organization, primarily because they go undetected for days, months, years, or indefinitely.

URL: https://www.sciencedirect.com/science/article/pii/B9781597495882000020

Database Security

Jan L. Harrington, in Relational Database Design (Third Edition), 2009

Hackers and Crackers

External threats are initiated by people known in the hacking community as crackers. Initially, the term hacker referred to someone who could write an ingenious bit of software. In fact, the phrase “a good hack” meant a particularly clever piece of programming. Outside of the hacking community, however, anyone who attempts illegal access to a computer network is called a hacker.

Hacking often involves becoming intimate with the details of existing software to give the hacker the knowledge necessary to attempt an unauthorized system break-in. Nonetheless, those who adhere to the original definition of hacker wanted to differentiate themselves from those who perform illegal activities, thus the term cracker.

There are many ways to classify those who break into computer systems, depending on which source you are reading. However, most lists of the types of hackers include the following (although they may be given different names):

White hat hackers: This group considers itself to be the “good guys.” Although white hat hackers may crack a system, they do not do it for personal gain. When they find a vulnerability in a network, they report it to the network owner, hardware vendor, or software vendor, whichever is appropriate. They do not release information about the system vulnerability to the public until the vendor has had a chance to develop and release a fix for the problem. White hat hackers might also be hired by an organization to test a network's defenses.

White hat hackers are extremely knowledgeable about networking, programming, and existing vulnerabilities that have been found and fixed. They typically write their own cracking tools.

Script kiddies: The script kiddies are hacker “wannabes.” They have little, if any, programming skill and therefore must rely on tools written by others. Psychological profiles of script kiddies indicate that they are generally male, young (under 30), and not socially well adjusted. They are looked down upon by most other hackers.

Script kiddies do not target specific networks but, instead, scan for any system that is vulnerable to attack. They might try to deface a Web site, delete files from a target system, flood network bandwidth with unauthorized packets, or in some other way commit what amounts to cyber vandalism. Script kiddies typically don't want to keep their exploits secret. In fact, many of those who are caught are trapped because they have been bragging about what they have done.

Black hat hackers: Black hat hackers are motivated by greed or a desire to cause harm. They target specific systems, write their own tools, and generally attempt to get in and out of a target system without being detected. Because they are very knowledgeable and their activities often undetectable, black hat hackers are among the most dangerous.

Cyberterrorists: Cyberterrorists are hackers who are motivated by a political, religious, or philosophical agenda. They may propagate their beliefs by defacing Web sites that support opposing positions. Given the current global political climate, there is also some fear that cyberterrorists may attempt to disable networks that handle utilities such as nuclear plants and water systems.

URL: https://www.sciencedirect.com/science/article/pii/B9780123747303000176

Database Security

Jan L. Harrington, in Relational Database Design and Implementation (Fourth Edition), 2016

Hackers and Crackers

External threats are initiated by people the general population calls “hackers.” Initially, however, the term “hacker” referred to someone who could write an ingenious bit of software. In fact, the phrase “a good hack” meant a particularly clever piece of programming. As with many technological terms, however, the meaning changed when the term entered the mainstream and therefore today anyone who attempts illegal access to a computer network is called a hacker.

There are many ways to classify those who break into computer systems, depending on which source you are reading. However, most lists of the types of hackers include the following (although they may be given different names):

White hat hackers: This group considers itself to be the “good guys.” (Whether they actually are good guys is open to question, however.) Although white hat hackers may crack a system, they do not do it for personal gain. When they find a vulnerability in a network, some hardware, or a piece of software, they report it to the network owner, hardware vendor, or software vendor, whichever is appropriate. They do not release information about the system vulnerability to the public until the vendor has had a chance to develop and release a fix for the problem. White hat hackers might also be hired by an organization to test a network’s defenses.

White hat hackers are extremely knowledgeable about networking, programming, and existing vulnerabilities that have been found and fixed. They often write their own system cracking tools.

Script kiddies: The script kiddies are hacker “wannabes.” They have little, if any, programming skill and therefore must rely on tools written by others. Psychological profiles of script kiddies indicate that they are generally male, young (under 30), and not socially well-adjusted. They are looked down upon by most other hackers.

Script kiddies usually do not target specific networks, but instead scan for any system that is vulnerable to attack. They might try to deface a Web site, delete files from a target system, flood network bandwidth with unauthorized packets, or in some other way commit what amounts to cyber vandalism. Script kiddies typically don’t want to keep their exploits secret. In fact, many of those that are caught are trapped because they have been bragging about what they have done.

Black hat hackers: Black hat hackers are motivated by greed or a desire to cause harm. They target specific systems, write their own tools, and generally attempt to get in and out of a target system without being detected. Because they are very knowledgeable, and their activities are often undetectable, black hat hackers are among the most dangerous.

Cyberterrorists: Cyberterrorists are hackers who are motivated by a political, religious, or philosophical agenda. They may propagate their beliefs by defacing Web sites that support opposing positions. Given the current global political climate, there is also a reasonable fear that cyberterrorists may attempt to disable networks that handle utilities such as nuclear plants and water systems.

Full chapter: https://www.sciencedirect.com/science/article/pii/B9780128043998000235

Security in embedded systems*

J. Rosenberg, in Rugged Embedded Systems, 2017

Pacemakers

Pacemakers from several manufacturers can be commanded to deliver a deadly 830-V shock by someone with a laptop up to 50 ft away, the result of poor software design by medical device companies. This was first reported by the well-known white hat hacker Barnaby Jack of security vendor IOActive, known for his analysis of other medical equipment such as insulin pumps. The flaw lies in the programming of the wireless transmitters used to send instructions to pacemakers and implantable cardioverter-defibrillators (ICDs), which detect dangerous heart rhythms and deliver an electric shock to restore a normal rhythm and avert sudden cardiac arrest. A successful attack exploiting the flaw could result in fatalities. Jack made a video demonstration in which he remotely caused a pacemaker to deliver an 830-V shock, audible as a crisp pop.

As many as 4.6 million pacemakers and ICDs were sold between 2006 and 2011 in the United States alone. In the past, pacemakers and ICDs were reprogrammed by medical staff using a wand that had to pass within a couple of meters of the patient carrying the device. The wand flips a software switch that allows the device to accept new instructions. The trend now is to go wireless. Several manufacturers sell bedside transmitters that replace the wand and have a wireless range of up to 30–50 ft. In 2006, the US Food and Drug Administration approved fully radio-frequency-based implantable devices operating in the 400 MHz range.

With that wider transmitting range, remote attacks against the software become far more feasible. Jack found that the devices would give up their model and serial number when he wirelessly contacted one with a special command. With the serial and model numbers, Jack could then reprogram the firmware of a transmitter, which in turn allowed reprogramming of a pacemaker or ICD inside a person's body.

Other problems found with the devices included the fact that they often contain personal data about patients, such as their name and their doctor, and hold access credentials for remote servers used to develop the software. It would be possible to upload specially crafted firmware to a company's servers that would infect multiple pacemakers and ICDs, spreading through their systems like a real virus. Jack painted a doomsday scenario, saying, “We are potentially looking at a worm with the ability to commit mass murder.” Ironically, both the implants and the wireless transmitters are capable of using AES (Advanced Encryption Standard) encryption, but it was not enabled. The devices were also built with “backdoors,” ways for programmers to access them without the standard authentication based on the serial and model number.

There is a legitimate medical need for a backdoor, since without one a patient might have to undergo otherwise unnecessary surgery. It is vital that extreme care be taken when designing one: a recovery path that bypasses the normal authentication is exactly what an attacker will look for, so it must be protected at least as strongly as the primary path and embedded deep inside the ICD core rather than exposed on the same wireless interface. Ultimately, the flaws in the pacemaker could allow an attacker to carry out a fairly anonymous assassination from 50 ft away, turning a simple laptop into a murder weapon.
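The design flaw described in the two paragraphs above is that the implant hands its model and serial number to anyone who asks, and then treats knowledge of those same two values as authentication. The following toy model, added here as an illustration and not code from the chapter, from IOActive or from any device vendor, puts the weak design beside a hardened one. The message format, the model/serial values and the “SHOCK” command are invented, and HMAC-SHA256 from the standard library stands in for the AES-based authentication the text says the real devices supported but left disabled.

```python
"""Toy model of the programmer-to-implant command channel described above.

Added illustration only: not code from the chapter, from IOActive or from any
device vendor. Message format, model/serial values and the SHOCK command are
invented; HMAC-SHA256 stands in for the unused AES capability in the text.
"""
import hashlib
import hmac
import os


def command_tag(key: bytes, nonce: bytes, cmd: str, volts: int) -> bytes:
    """Per-device keyed MAC over the challenge nonce and the command fields."""
    return hmac.new(key, nonce + cmd.encode() + str(volts).encode(),
                    hashlib.sha256).digest()


class WeakImplant:
    """Authentication is 'knows the model and serial number', and the device
    volunteers both to any unauthenticated IDENT query (the flaw in the text)."""

    def __init__(self, model: str, serial: str):
        self.model, self.serial = model, serial
        self.delivered = []          # shocks the implant actually delivered

    def handle(self, msg: dict) -> dict:
        if msg["type"] == "IDENT":
            return {"model": self.model, "serial": self.serial}
        if msg["type"] == "SHOCK":
            if msg.get("model") == self.model and msg.get("serial") == self.serial:
                self.delivered.append(msg["volts"])
                return {"status": "accepted"}
            return {"status": "rejected"}
        return {"status": "unknown"}


class HardenedImplant:
    """Identifiers are still readable, but every command must carry a MAC under
    a key provisioned at implant time, bound to a fresh single-use nonce so a
    captured command cannot be replayed."""

    def __init__(self, model: str, serial: str, key: bytes):
        self.model, self.serial, self.key = model, serial, key
        self.pending_nonce = None
        self.delivered = []

    def handle(self, msg: dict) -> dict:
        if msg["type"] == "IDENT":
            return {"model": self.model, "serial": self.serial}
        if msg["type"] == "CHALLENGE":
            self.pending_nonce = os.urandom(16)
            return {"nonce": self.pending_nonce}
        if msg["type"] == "SHOCK":
            nonce, self.pending_nonce = self.pending_nonce, None   # single use
            if nonce is None:
                return {"status": "rejected"}
            expected = command_tag(self.key, nonce, "SHOCK", msg["volts"])
            if hmac.compare_digest(expected, msg.get("tag", b"")):
                self.delivered.append(msg["volts"])
                return {"status": "accepted"}
            return {"status": "rejected"}
        return {"status": "unknown"}


def attacker_in_range(implant) -> str:
    """Everything the attacker knows comes from the implant's own IDENT reply."""
    ident = implant.handle({"type": "IDENT"})
    reply = implant.handle({"type": "SHOCK", "volts": 830,
                            "model": ident["model"], "serial": ident["serial"]})
    return reply["status"]


def clinician_programmer(implant, key: bytes, volts: int = 5):
    """Legitimate programmer: fetch a challenge, tag the command, send it.
    Returns the status and the message so a replay can be attempted."""
    nonce = implant.handle({"type": "CHALLENGE"})["nonce"]
    msg = {"type": "SHOCK", "volts": volts,
           "tag": command_tag(key, nonce, "SHOCK", volts)}
    return implant.handle(msg)["status"], msg


if __name__ == "__main__":
    key = os.urandom(32)                       # invented per-device key
    weak = WeakImplant("ICD-EXAMPLE", "SN-0001")
    hard = HardenedImplant("ICD-EXAMPLE", "SN-0001", key)
    print("weak implant, attacker:", attacker_in_range(weak))          # accepted
    print("hardened implant, attacker:", attacker_in_range(hard))      # rejected
    status, captured = clinician_programmer(hard, key)
    print("hardened implant, clinician:", status)                      # accepted
    print("hardened implant, replay:", hard.handle(captured)["status"])  # rejected
```

The point of the hardened version is not the MAC algorithm but where the secret lives: the per-device key is provisioned at implant time and never transmitted, so reading identifiers over the air gains the attacker nothing, and the single-use nonce means a clinician's captured command cannot be replayed later. A clinical recovery path, if one is needed, should be keyed the same way rather than falling back to serial-and-model.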

And it does not take a highly skilled professional like Barnaby Jack to construct these attacks. A University of Alabama group showed that a pacemaker or insulin pump attack can be carried out by a student with a basic information technology and computer science background. The student attackers had no penetration testing skills, but successfully launched brute force and DoS attacks as well as attacks on the security controls of a pacemaker. Their attacks included a DoS attack using hping3 and a brute force attack with Reaver against Wi-Fi Protected Setup (WPS) registrar PINs. In the students' second attempt, they cracked the pacemaker's passphrase in 9528 s, or 2 h 38 min 48 s.
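Why the WPS brute force in the study above is within reach of a novice comes down to the PIN format rather than to any skill of the attacker. The example below is added here and is not code from the chapter or from the University of Alabama study; it contacts no real access point, and the FakeRegistrar class is a constructed stand-in that returns the outcome Reaver infers from the protocol messages. The checksum rule is the one defined for 8-digit WPS PINs.

```python
"""Why an online brute force of a WPS PIN is feasible for a novice.

Added example, not from the chapter or the Alabama study. FakeRegistrar is a
constructed stand-in for an access point; nothing here touches a network.
"""


def wps_checksum(first7: int) -> int:
    """Checksum (8th) digit of a WPS PIN: odd positions weighted 3, even
    positions weighted 1, sum complemented mod 10."""
    digits = [int(d) for d in f"{first7:07d}"]
    acc = 3 * sum(digits[0::2]) + sum(digits[1::2])
    return (10 - acc % 10) % 10


def is_valid_pin(pin: str) -> bool:
    return (len(pin) == 8 and pin.isdigit()
            and int(pin[7]) == wps_checksum(int(pin[:7])))


def worst_case_guesses(split_verification: bool) -> int:
    """Guesses a worst-case search needs. The checksum is derived, so even a
    naive search only covers 10^7 prefixes; because the AP rejects a wrong
    first half on its own (NACK after M4) before ever checking the second
    half (NACK after M6), the halves are solved independently: 10^4 + 10^3."""
    return 10**4 + 10**3 if split_verification else 10**7


class FakeRegistrar:
    """Constructed stand-in for an AP with WPS enabled and no lockout."""

    def __init__(self, pin: str):
        assert is_valid_pin(pin)
        self.pin = pin
        self.attempts = 0

    def try_pin(self, pin: str) -> str:
        self.attempts += 1
        if pin[:4] != self.pin[:4]:
            return "nack-m4"       # first half wrong: exchange stops early
        if pin[4:] != self.pin[4:]:
            return "nack-m6"       # first half right, second half wrong
        return "ok"


def reaver_style_search(ap: FakeRegistrar):
    """Solve the first half, then the second; the checksum is computed, never guessed."""
    head = None
    for a in range(10**4):
        candidate = f"{a:04d}"
        if ap.try_pin(candidate + "0000") != "nack-m4":
            head = candidate
            break
    if head is None:
        return None
    for b in range(10**3):
        pin = head + f"{b:03d}"
        pin += str(wps_checksum(int(pin)))
        if ap.try_pin(pin) == "ok":
            return pin
    return None


if __name__ == "__main__":
    ap = FakeRegistrar("12345670")   # constructed PIN for the demo
    print(reaver_style_search(ap), "found after", ap.attempts, "attempts")
    print("worst case:", worst_case_guesses(True), "vs", worst_case_guesses(False))
```

Eleven thousand online guesses is a few hours against an access point that does not lock out after failed attempts, which matches the timescale reported for the students. The defensive lesson is the same as for the pacemaker: a protocol that confirms part of a secret separately has effectively shortened that secret, whatever the nominal length.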

Full chapter: https://www.sciencedirect.com/science/article/pii/B9780128024591000063

Domain 1

Eric Conrad, ... Joshua Feldman, in CISSP Study Guide (Second Edition), 2012

Black hats and white hats

Black hat hackers are malicious hackers, sometimes called crackers. Black hats lack ethics, sometimes violate laws, and break into computer systems with malicious intent, and they may violate the confidentiality, integrity, or availability of an organization's systems and data.

White hat hackers are the good guys, who include professional penetration testers who break into systems with permission, malware researchers who study malicious code to provide better understanding and to disclose vulnerabilities to vendors, etc. White hat hackers are also known as ethical hackers; they follow a code of ethics and obey laws.

Finally, gray hat hackers (sometimes spelled with the British “grey,” even outside of the United Kingdom) fall somewhere between black and white hats. According to searchsecurity.com, “Gray hat describes a cracker (or, if you prefer, hacker) who exploits a security weakness in a computer system or product in order to bring the weakness to the attention of the owners. Unlike a black hat, a gray hat acts without malicious intent. The goal of a gray hat is to improve system and network security. However, by publicizing a vulnerability, the gray hat may give other crackers the opportunity to exploit it. This differs from the white hat who alerts system owners and vendors of a vulnerability without actually exploiting it in public.” [26]

Full chapter: https://www.sciencedirect.com/science/article/pii/B9781597499613000029

Scientific Ethics

Thomas W. Edgar, David O. Manz, in Research Methods for Cyber Security, 2017

Cyber Security Expert Classification

The difference between cyber security professionals and malicious hackers can often be just the intent and ethical behavior exhibited, as the tools and techniques used by cyber security professionals can be the same as those used by malicious hackers. In the early days of cyber security becoming a profession, those shared techniques gave the field a negative image. To address this, cyber security professionals defined classifications based on ethical and legal perspectives, making clear distinctions between ethical security professionals on one side and unethical professionals and malicious hackers on the other.

Black Hat: A black hat hacker is someone whose objective is to study and use cyber security techniques and tools for personal or private gain through malicious or threatening activity.

Did You Know?

Richard Stallman, the famed software freedom stalwart, coined the terms black and white hat hacker. As the original meaning of hacker was someone with a desire to understand and tinker with technology, it came into conflict with the popular meaning of hacker, a cyber criminal. Stallman therefore coined the term black hat for a criminal hacker, as opposed to the benevolent hacker, termed white hat. Stallman based these terms on the tradition in old Western films where the good guys wore white hats and the bad guys wore black hats.

White Hat: White hat hackers are security professionals who follow ethical and legal behavior. Their objective is to help improve security.

Grey Hat: A grey hat hacker has the intent of improving security but will do things that are unethical such as unauthorized hacking or doing full disclosure of vulnerabilities without providing lead time to vendors.

Full chapter: https://www.sciencedirect.com/science/article/pii/B9780128053492000157

Can white hat hackers be trusted?

A white hat hacker can be a fantastic asset for identifying vulnerabilities in your security systems, but these partnerships should be made carefully. A white hat hacker is being trusted with the security of your organization and, as such, should have strong experience and certifications under their belt.