Malicious hacker No. 7: Rogue hackers
There are hundreds of thousands of hackers who simply want to prove their skills and brag to friends, and who are thrilled to engage in unauthorized activities. They may participate in other types of hacking (crimeware), but it isn't their only objective and motivation. These are the traditional stereotyped figures popularized by the 1983 film "War Games," hacking late at night, while drinking Mountain Dew and eating Doritos. These are the petty criminals of the cyber world. They're a nuisance, but they aren't about to disrupt the Internet and business as we know it -- unlike members of the other groups.
Know thine cyber enemy
It's important to know your enemy in order to defend against them. If you think simply having a buffer overflow, fully patched systems, and antivirus will defend against all hackers no matter their objectives, you're wrong.
For instance, APT agents usually take over the entire corporate environment: They control hundreds of computers, know every password, and are able to listen in on every conversation, including the ones discussing how to get rid of them. APT is very hard to vanquish. The "advanced" part of "advanced persistent threat" doesn't refer to their tactics; it refers to their high level of organization. They are strategic, and a strategic defense is necessary to minimize their threat. If you want to get rid of an APT, you have to slow down and figure out which tactics to take when.
Combating cyber warfare is easier. To defeat the Stuxnet worm, for example, all you have to do is patch four holes and disable USB ports -- done. If a hacker's motivation is purely pushing adware, then you don't need to format your machine and begin all over again when you find an adware malware program. However, the exact opposite is true of a crimeware program. When you find crimeware, the only defense is to flatten and rebuild, along with closing the hole through which it entered.
Using honeypots is a dependable way to gauge which sort of intruder you're dealing with; plus, they make great early-warning systems and serve as alerts to the low and slow threats. For example, I'll set up a honeypot full of popular games, another that appears to hold highly confidential company data, and a third that appears to hold military secrets. The intruder breaking into the gaming server has different objectives than the perpetrator who concentrates on the other two.
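The triage described above can be sketched in a few lines. This is an added example, not code from the original article: the log format, the decoy names (games, confidential, military), the source addresses, and the two "low and slow" thresholds are all assumptions made for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime

# Constructed sample events: timestamp, decoy name, source address (documentation ranges).
SAMPLE_LOG = """\
2024-03-01T02:14:07 games 198.51.100.23
2024-03-01T02:14:40 games 198.51.100.23
2024-03-01T02:15:02 games 198.51.100.23
2024-03-02T11:05:00 confidential 203.0.113.9
2024-03-09T10:58:00 confidential 203.0.113.9
2024-03-16T11:20:00 military 203.0.113.9
2024-03-23T11:02:00 confidential 203.0.113.9
"""

SLOW_MIN_DAYS = 7      # assumed threshold: activity spread over at least a week
SLOW_MAX_PER_DAY = 2   # assumed threshold: at most two touches on any single day

def parse(log_text):
    """Yield (datetime, decoy, source) from whitespace-separated lines; skip malformed ones."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2]

def profile(log_text):
    """Return {source: {"focus", "hits", "span_days", "low_and_slow"}} per intruder."""
    by_source = defaultdict(list)
    for ts, decoy, src in parse(log_text):
        by_source[src].append((ts, decoy))
    report = {}
    for src, events in by_source.items():
        times = sorted(ts for ts, _ in events)
        decoys = Counter(decoy for _, decoy in events)
        per_day = Counter(ts.date() for ts in times)
        span = (times[-1] - times[0]).days
        report[src] = {
            "focus": decoys.most_common(1)[0][0],   # decoy this source concentrated on
            "hits": len(events),
            "span_days": span,
            "low_and_slow": span >= SLOW_MIN_DAYS
                            and max(per_day.values()) <= SLOW_MAX_PER_DAY,
        }
    return report

if __name__ == "__main__":
    for src, info in profile(SAMPLE_LOG).items():
        print(src, info)
```

Any touch on a decoy is already an alert; the per-source focus and pacing are what separate the gaming-server visitor from the one who returns weekly to the confidential data.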
When you come across intruders or malware, make sure you understand the attacker's motivation. Without that, you're being prematurely reactive.
This story, "Your guide to the seven types of malicious hackers," was originally published at InfoWorld.com. Keep up on the latest developments in network security and read more of Roger Grimes' Security Adviser blog at InfoWorld.com.