Black hat (computer security)

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Mairi (talk | contribs) at 06:08, 14 June 2006 (→‎See also: more meaningful link (and bypass redirect), consistant capitalization). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

The black hat is also one of Edward de Bono's Six Thinking Hats.
A black hatter is also a common term for certain groups of people who tend to wear black hats, e.g. Hasidic Jews.
For the security conference, see Black Hat Briefings

A black hat (also called a cracker or Darkside hacker) is a malicious or criminal hacker. This term is seldom used outside of the security industry and by some modern programmers. The general public use the term hacker to refer to the same thing. In computer jargon the meaning of "hacker" can be much more broad. The name comes from the opposite of White Hat hackers.

Usually a Black hat is a person who maintains knowledge of the vulnerabilities and exploits they find as secret for private advantage, not revealing them either to the general public or the manufacturer for correction. Many Black Hats promote individual freedom and accessibility over privacy and security. Black Hats may seek to expand holes in systems; any attempts made to patch software are generally to prevent others from also compromising a system they have already obtained secure control over. A Black Hat hacker may have access to 0-day exploits (private software that exploits security vulnerabilities; 0-day exploits have not been distributed to the public). In the most extreme cases, Black Hats may work to cause damage maliciously, and/or make threats to do so for blackmail purposes.

Black-hat hacking is the act of compromising the security of a system without permission from an authorized party, usually with the intent of accessing computers connected to the network (the somewhat similar activity of defeating copy prevention devices in software - which may or may not be legal depending on the laws of the given country - is actually software cracking).

The term cracker was coined by Richard Stallman to provide an alternative to abusing the existing word hacker for this meaning. This term's use is limited (as well as "black hat") mostly to some areas of the computer and security field and even there is considered controversial. One group that refers to themselves as hackers consists of skilled computer enthusiasts. The other, and more common usage, refers to people who attempt to gain unauthorized access to computer systems. Many members of the first group attempt to convince people that intruders should be called crackers rather than hackers, but the common usage remains ingrained.

Techniques for breaking into systems can vary from using advanced programming skills and social engineering to using semi-automatic software developed by others without understanding how it works. Crackers who rely on the latter technique are often referred to as script kiddies (unskilled crackers are far more common than highly skilled ones). Common software weaknesses exploited include buffer overflows, integer overflow, memory corruption, format string attacks, race condition, cross-site scripting, cross-site request forgery, code injection and SQL injection bugs.

The reference to colored hats comes from Hollywood’s use of hats in old black-and-white Western movies to help an audience differentiate between the good guys (white hats) and the bad guys (black hats). The 'hat' terms do not fall under common use. Even inside the computing field they are very controversial.

A brown hat hacker is one who thinks before acting or committing a Malice or Nonmalice deed. A grey hat commonly refers to a hacker who releases information about any exploits or security holes they find openly to the public. They do so without concern for how the information is used in the end (whether for patching or exploiting).

Notable intruder and criminal hackers

Note that many of these have since turned to fully legal hacking.

  • Jonathan James (a.k.a. comrade) was most notably recognized for the unauthorized copying of software which controlled the International Space Station's life sustaining elements, as well as intercepting dozens of electronic messages relating to U.S. nuclear activities from the Department of Defense
  • Mark Abene (a.k.a. Phiber Optik) — Inspired thousands of teenagers around the country to "study" the internal workings of the United States phone system. One of the founders of the Masters of Deception group.
  • Dark Avenger — Bulgarian virus writer that popularized polymorphic code in 1992 as a mean to circumvent the type of pattern recognition used by Anti-virus software, and nowadays also intrusion detection systems.
  • Markus Hess — A West German, he hacked into United States Military sites and collected information for the KGB; he was eventually tracked down by Clifford Stoll.
  • Adrian Lamo — Lamo surrendered to federal authorities in 2003 after a brief manhunt, and was charged with nontechnical but surprisingly successful intrusions into computer systems at Microsoft, The New York Times, Lexis-Nexis, MCI WorldCom, SBC, Yahoo!, and others. His methods were controversial, and his full-disclosure-by-media practices led some to assert that he was publicity-motivated.
  • Vladimir Levin — This mathematician allegedly masterminded the Russian hacker gang that tricked Citibank's computers into spitting out $10 million. To this day, the method used is unknown.
  • Kevin Mitnick — Held in jail without bail for a long period of time. Inspired the Free Kevin movement. Once "the most wanted man in cyberspace," Mitnick went on to be a prolific public speaker, author, and media personality. Mitnick Security Consulting, LLC is a full-service information security consulting firm.
  • Robert Tappan Morris — In 1988 while a Cornell University graduate student was the writer of the first worm, Morris Worm, which used buffer overflows to propagate.
  • Nahshon Even-Chaim (a.k.a. Phoenix) — Leading member of Australian hacking group The Realm. Targeted US defence and nuclear research computer systems in late 1980s until his capture by Australian Federal Police in 1990. He and fellow Realm members Electron and Nom were the world's first computer intruders prosecuted based on evidence gathered from remote computer intercept.
  • Kevin Poulsen — In 1990 Poulsen took over all telephone lines going into Los Angeles area radio station KIIS-FM to win an automobile in a call-in contest. Poulsen went on to a career in journalism, including several years as editorial director at SecurityFocus.
  • David L. Smith — In 1999 Smith launched the Melissa Worm, causing $80 million dollars worth of damage to businesses. Originally sentenced to 40 years, he eventually served only 20 months when he agreed to work undercover for the FBI.

See also

External links

Retrieved from "https://en.wikipedia.org/w/index.php?title=Black_hat_(computer_security)&oldid=58534013"