Professional Issues in Information System

Introduction to Cyber Issues

and Types of Hackers

Lesson 2
 Main arguments against Hacking
• Hacking is illegal, and if one accepts that the law is still one of the best
guides as to what constitutes ethical/unethical, then if an action is
criminal it is also indefensible, ethically

• Hacking can be enormously disruptive of business and communication,

using up valuable system resources that may be needed by emergency
services, security or law enforcement agencies.

• Hacking constitutes trespassing of personal/property and or invasion of

privacy

• It can be argued that public disclosure of information is not always in the

public good. Some information should remain classified.

• Hacking is unprofessional and cannot be reconciled with the codes of

conduct of any professional body in the computing field.
 Main Ethical Defenses of Hacking
• Hackers can act as public watchdogs, disclosing information which the
public has a right to know, or where the public might be in danger.

• Hackers can expose abuses of power, corruption and wrongdoing by

governments or big business.

• Hackers can provide a check against the centralization of power and

information in societies.

• Hackers can improve security, by breaching systems in order to expose

vulnerabilities and loopholes.

• Hacking can be conducted for the purposes of counter-terrorism, law

enforcement and crime detection.
 The Hacker Ethic
1. Access to computers should be unlimited and
total.
2. All information should be free.
3. Authority should be mistrusted and
decentralization promoted.
4. Hackers should be judged solely by their skills at
hacking, rather than by race, class, age, gender,
or position.
5. Computers can be used to create art and beauty.
6. Computers can change your life for the better.
 Hacking or Cracking
• Unauthorized access into or interference in a
computer system/server or information and
communication system; any access in order to
corrupt, alter, steal, or destroy the computer or
information and communications system.

• The introduction of computer viruses

P100,000.00 fine + damage incurred + mandatory
imprisonment of 6 months to 3 years.
 TYPES OF HACKERS
• Technology has evolved rapidly in the last two decades, bringing
about new innovations and tools to help us navigate our tech-
driven world. While much technological evolution has resulted in
tools that help us work, live and navigate modern life with more
ease, technology has also opened a widening window of security
vulnerabilities that cybercriminals love to exploit.

• Hackers—and the malware they use in their crimes—have seen

much evolution as well, and the methods they use to carry out their
attacks have become increasingly sophisticated.

• In fact, not all hackers are criminals—some are actually hired to

stop criminals in their tracks.
 1. Black Hat: Criminal
Hackers/Crackers
• A black hat hacker is a cybercriminal who breaks into computer systems
with malicious or criminal intent. Black hat hackers are probably what you
think of when you picture a typical hacker or cybercriminal. Their
advanced technical knowledge and ability to navigate the cyber security
landscape is what makes them so skilled in carrying out their attacks. They
go out of their way to find vulnerabilities in computer systems and
software, which they exploit for financial gain or other malicious purposes.

• These individuals can do serious harm to individuals and organizations

alike by stealing sensitive or personal data, compromising entire computer
systems, or altering critical networks.

• Motives: To profit from data breaches

• Who’s most at risk? Black hat hackers pose the most risk to organizations,
which they typically target to steal sensitive data that can compromise a
business financially.
 2. White Hat: Authorized Hackers
• Similar to black hat hackers, white hat hackers are cybersecurity
experts who use their skills to find vulnerabilities in organizational
networks and computer systems. The key difference between them,
however, is that white hat hackers are authorized to hack these
systems for the purpose of spotting security vulnerabilities before a
criminal hacker can.

• Typically hired by governments or large businesses, white hat

hackers identify and fix loopholes or weaknesses found in
organizational security systems to help prevent an external attack
or data breach.

• Motives: Help businesses prevent cyber security attacks

• Who’s most at risk? Criminal hackers
3. Grey Hat: “Just for Fun” Hackers
• A grey hat hacker is a cybersecurity expert who finds ways to hack
into computer networks and systems, but without the malicious
intent of a black hat hacker.

• Typically, they engage in hacking activities for the pure enjoyment

of finding gaps in computer systems, and they might even let the
owner know if any weak points are found. However, they don’t
always take the most ethical route when employing their hacking
activities—they may penetrate systems or networks without the
owner’s permission (even though they aren’t trying to cause any
harm).

• Motives: Personal enjoyment

• Who’s most at risk? Anyone who doesn’t want unauthorized access
to their systems and networks
4. Script Kiddies: Amateur Hackers
• Script kiddies are amateur hackers that don’t
possess the same level of skill or expertise as
more advanced hackers in the field. To make up
for this, they turn to existing malware created by
other hackers to carry out their attacks.

• Motives: To cause disruption

• Who’s most at risk? Organizations with
unsecured networks and systems
 5. Green Hat: Hackers-in-Training
• A green hat hacker is someone who is new to the
hacking world but is intently focused on increasing
their cyberattack skills. They primarily focus on gaining
knowledge on how to perform cyberattacks on the
same level as their black hat counterparts. Their main
intent is to eventually evolve into a full-fledged hacker,
so they spend their time looking for learning
opportunities from more experienced hackers.

• Motives: Trying to learn how to become an

experienced hacker
• Who’s most at risk? No one (yet)
 6. Blue Hat: Authorized Software
Hackers
• Blue hat hackers are hired by organizations to
bug-test a new software or system network
before it’s released. Their role is to find loopholes
or security vulnerabilities in the new software
and remedy them before it launches.

• Motives: To identify vulnerabilities in new

organizational software before it’s released
• Who’s most at risk? Criminal hackers
 7. Red Hat: Government-Hired
Hackers
• Red hat hackers are hired by government agencies to spot
vulnerabilities in security systems, with a specific focus on
finding and disarming black hat hackers. They’re known to
be particularly ruthless in their hunt for black hat criminals,
and typically use any means possible to take them down.
This often looks like using the same tactics as black hat
hackers and using them against them—using the same
malware, viruses and other strategies to compromise their
machines from the inside out.

• Motives: To find and destroy black hat hackers

• Who’s most at risk? Black hat hackers
 8. State/Nation Sponsored Hackers:
International Threat Prevention
• State/nation sponsored hackers are appointed by a
country’s government to gain access to another nation’s
computer systems. Their cybersecurity skills are used to
retrieve confidential information from other countries in
preparation for a potential upcoming threat or attack, as
well as to keep a pulse on sensitive situations that could
pose a threat in the future. These types of hackers are hired
solely by government agencies.

• Motives: To monitor and prevent international threats

• Who’s most at risk? International hackers and criminals
 9. Malicious Insider: Whistleblower
Hackers
• Malicious insider hackers are individuals who employ a
cyberattack from within the organization they work for.
Also known as whistleblowers, their motivation for
attack can vary from acting on a personal grudge they
have against someone they work for to finding and
exposing illegal activity within the organization.

• Motives: To expose or exploit an organization’s

confidential information
• Who’s most at risk? Internal executives and business
leaders
 10. Hacktivists: Politically Motivated
Hackers
• A hacktivist is someone who hacks into government networks
and systems to draw attention to a political or social cause—
hence why the name “hacktivist” is a play on the word
“activist.” They use hacking as a form of protest, retrieving
sensitive government information, which is used for political
or social purposes.

• Motives: To shed light on an alarming social or political cause

(or to make a political or ideological statement)
• Who’s most at risk? Government agencies
11. Elite Hackers: The Most Advanced
Hackers
• Elite hackers are the cream of the crop in the
world of cybercriminals, and are considered to be
the highest skilled hackers in their field. They’re
often the first ones to discover cutting-edge
attack methods, and are known to be the experts
and innovators in the hacking world.

• Motives: To perform advanced cyber attacks on

organizations and individuals
• Who’s most at risk? High-revenue corporations
 12. Cryptojackers: Cryptocurrency
Mining Hackers
• Cryptojackers are known to exploit network vulnerabilities and steal
computer resources as a way to mine for cryptocurrencies. They spread
malware in a variety of ways, often by planting infectious viruses across
the web. These viruses and ransomware-like tactics are used to plant
malicious code on victims’ systems, which work quietly in the background
without the victims’ knowledge. Once the code is planted, it sends the
results back to the hacker.

• Cryptojackers are tough to spot, since the malicious code can go

undetected for a long time. Since their motive isn’t to steal victims’ data,
but rather to use their system as a vehicle for cryptocurrency mining, it’s
difficult to trace the source of the infection once it’s discovered.

• Motives: Cryptocurrency mining

• Who’s most at risk? Any individual or organization with unsecured
networks
 13. Gaming Hackers
• A gaming hacker is someone who focuses their hacking
efforts on competitors in the gaming world. With the
gaming industry booming, it’s no surprise that its own
specialized category of gaming hackers have emerged as a
result. Professional gamers might spend thousands of
dollars on high-performance hardware and gaming credits,
and hackers typically carry out their attacks in an attempt
to steal competitor’s credit caches or cause distributed
denial-of-service (DDoS) attacks to take them out of the
game.

• Motives: To compromise gaming competitors

• Who’s most at risk? High-profile gamers
 14. Botnets: Large-Scale Hackers
• Botnet hackers are malware coders who create bots to
perform high-volume attacks across as many devices as
possible, typically targeting routers, cameras and other
Internet of Things (IoT) devices. The bots operate by
looking for unsecured devices (or devices who still have
their default login credentials intact) to plant themselves in.
Botnets can be used directly by the hacker who created
them, but they’re also frequently available for purchase on
the dark web for other hackers to take advantage of.

• Motives: To compromise a high volume of network systems

• Who’s most at risk? Individuals with unsecured routers and
WiFi-connected devices
 Prelim: Activity 2
• Make a research on a Filipino Hacker with what
he/she have done.

• NOTE: There are several known Filipino Hacker,

just pick one of them to be the target for your
research.

• Include the following:

– The reason for hacking
– Year and what did he/she hacked
– Picture of the Filipino Hacker