Black hat

From Wikipedia, the free encyclopedia

A black-hat is a term in computing for someone who compromises the security of a system without permission from an authorized party, usually with the intent of accessing computers connected to the network. The term cracker was coined by Richard Stallman to provide an alternative to using the existing word hacker for this meaning.[1] The somewhat similar activity of defeating copy prevention devices in software which may or may not be legal in a country's laws is actually software cracking.

Use of the term "cracker" is mostly limited (as is "black hat") to some areas of the computer and security field and even there is considered controversial. Until the 1980s, all people with a high level of skills at computing were known as "hackers". A group that calls themselves hackers refers to "a group that consists of skilled computer enthusiasts". The other, and presently more common usage, refers to those who attempt to gain unauthorized access to computer systems. Over time, the distinction between those perceived to use such skills with social responsibility and those who used them maliciously or criminally, became perceived as an important divide. Many members of the first group attempt to convince people that intruders should be called crackers rather than hackers, but the common usage remains ingrained. The former became known as "hackers" or (within the computer security industry) as white hats, and the latter as "crackers" or "black hats". The general public tends to use the term "hackers" for both types, a source of some conflict when the word is perceived to be used incorrectly. In computer jargon the meaning of "hacker" can be much broader.

Usually, a black hat is a person who uses their knowledge of vulnerabilities and exploits for private gain, rather than revealing them either to the general public or the manufacturer for correction. Many black hats promote individual freedom and accessibility over privacy and security[citation needed]. Black hats may seek to expand holes in systems; any attempts made to patch software are generally done to prevent others from also compromising a system they have already obtained secure control over. A black hat hacker may have access to 0-day exploits (private software that exploits security vulnerabilities; 0-day exploits have not been distributed to the public). In the most extreme cases, black hats may work to cause damage maliciously, and/or make threats to do so as blackmail.

Techniques for breaking into systems can involve advanced programming skills and social engineering, but more commonly will simply be the use of semi-automatic software, developed by others — often without understanding how the software itself works. Crackers who rely on the latter technique are often referred to as script kiddies. Common software weaknesses exploited include buffer overflow, integer overflow, memory corruption, format string attacks, race conditions, cross-site scripting, cross-site request forgery, code injection and SQL injection bugs.

The reference to colored hats comes from Hollywood’s use of hats in old black-and-white Western movies to help an audience differentiate between the good guys (white hats) and the bad guys (black hats).[citation needed] The 'hat' terms do not fall under common use. Even inside the computing field they are very controversial.

[edit] Notable intruder and criminal hackers

Note that many of these individuals have since turned to fully legal hacking.

  • Mark Zbikowski — In his senior year at Roeper, c. 1973/4, Zbikowski became known as one of the earliest computer crackers, after cracking the security system on Wayne State University's MTS (Michigan Terminal Service, developed at University of Michigan) mainframe for his own amusement. According to Zbikowski, when he offered to show the university how to fix the security leak, university officials threatened prosecution and offered him a job during the same meeting.
  • Jonathan James (also known as c0mrade) made unauthorized copies of software controlling the International Space Station's life sustaining elements, and intercepted thousands of electronic messages relating to U.S. nuclear activities from the Department of Defense. Sentenced at age 16, he was the youngest cybercriminal ever incarcerated in the United States.
  • Mark Abene (also known as Phiber Optik) — Inspired thousands of teenagers around the country to "study" the internal workings of the United States phone system. One of the founders of the Masters of Deception group.
  • Dark Avenger — Bulgarian virus writer that popularized polymorphic code in 1992 as a means to circumvent the type of pattern recognition used by Anti-virus software, and nowadays also intrusion detection systems.
  • Markus Hess — A West German, he hacked into United States Military sites and collected information for the KGB; he was eventually tracked down by Clifford Stoll.
  • Adrian Lamo — Lamo surrendered to federal authorities in 2003 after a brief manhunt, and was charged with nontechnical but surprisingly successful intrusions into computer systems at Microsoft, The New York Times, Lexis-Nexis, MCI WorldCom, SBC, Yahoo!, and others. His methods were controversial, and his full-disclosure-by-media practices led some to assert that he was publicity-motivated.
  • Vladimir Levin — This mathematician allegedly masterminded the Russian hacker gang that tricked Citibank's computers into spitting out $10 million. To this day, the method used is unknown.
  • Kevin Mitnick — Held in jail without bail for a long period of time. Inspired the Free Kevin movement. Once "the most wanted man in cyberspace", Mitnick went on to be a prolific public speaker, author, and media personality. Mitnick Security Consulting, LLC is a full-service information security consulting firm.
  • Robert Tappan Morris — In 1988 while a Cornell University graduate student was the writer of the first worm, Morris Worm, which used buffer overflows to propagate.
  • Nahshon Even-Chaim (also known as Phoenix) — Leading member of Australian hacking group The Realm. Targeted US defense and nuclear research computer systems in late 1980s until his capture by Australian Federal Police in 1990. He and fellow Realm members Electron and Nom were the world's first computer intruders prosecuted based on evidence gathered from remote computer intercept.
  • Kevin Poulsen — In 1990 Poulsen took over all telephone lines going into Los Angeles area radio station KIIS-FM to win an automobile in a call-in contest. Poulsen went on to a career in journalism, including several years as editorial director at SecurityFocus.
  • David L. Smith — In 1999 Smith launched the Melissa Worm, causing $80 million dollars worth of damage to businesses. Originally sentenced to 40 years, he eventually served only 20 months when he agreed to work undercover for the FBI.
  • Frank Lebron flooded many large P2P networks with trojans, viruses, and worms. Arrested and charged by the FBI.

[edit] See also