hackerVS cracker_Czar

Yet again, the same topic comes up. Who is a hacker? Who is a cracker? Are they the same people with two name tags, or are they really different people? If they are different, then how? Well this has been an age old topic of discussion, and has been a part of various controversies. But still, here I am, trying to give you a little insight into this matter, and trying to clear a few of your doubts.

Google still defines a hacker as “a person who uses computers to gain unauthorized access to data”. Well isn’t this what we have known since childhood? Whenever we think of computer security, or information security, the first term that comes to our mind is “hackers”. We often faultily associate the term to everything negative related to information security. “Hacker” has become more of a pejorative expression for people these days.

The term hacker has its origins in the 1960s when phone phreaking had started laying its roots, and the students and MIT had used it in the Tech Model Railroad Club. Well at that time hackers were defined as the people who had a deep knowledge regarding the working of computer systems. Hackers were those people who could break into systems, but with a positive intention of fixing the problems. But after that the innumerable number of security breaches, and notorious activities of various communities have forced the common man to look at the hackers from a different perspective. Now, whenever we think of a hacker, we imagine a dark room filled with a cloud of smoke, and a guy sitting somewhere in there infront of a computer screen all day, who never gets out of the room. This is where we are going wrong!

Hackers are not people with malicious intentions. They break into systems, but not for criminal purposes. Hackers are the good guys. The more perfect term for them is- Ethical Hacker. They are the people who point out problems and fix them. A White Hat fits as a perfect example of a hacker. White Hats are people who are ethical hackers, and who specialize in penetration testing, and network security issues. They ensure the safety and security of the information systems of a firm or an organization, as required. Hackers are professionals or students who continuously study and research regarding hacking, and keep themselves updated regarding all new security breaches, and try to find solutions. Hackers usually have a very good knowledge in programming languages and of operating systems. They test vulnerabilities, and also engage in exploit writing. Hackers are more like the internet police, who try to think like the criminals, but to catch them, or to save others from their attacks. One of the famous hackers of this age is Jeff Moss, a computer security and network security expert, better known as The Dark Tangent, who is the founder of the BlackHat and Defcon conferences.

On the other hand there are crackers, or the bad guys. Crackers are a category of hackers which need a special mention, because they are nothing like hackers. They are people who breach into systems for criminal gain. The White Hat community claims that they are the ones who should be known as hackers, and the Black Hats should be referred to as crackers. Black Hats are those people who have extensive knowledge of computer security, and who break into information systems or bypass the security for personal or monetary gain. They can steal account numbers, credit card numbers, erase huge sectors of data, or even leave harmful viruses. Crackers also reverse engineer various softwares and modify them to serve their purposes. A cracker can harm the system integrity, or cause problems for users trying to work on a remote server. Crackers are often less skilled and so they get caught often. Except the Black Hats, there are a very few crackers who actually do have a lot of knowledge regarding computer, or information security. Eric S. Raymond, the author of The New Hacker’s Dictionary, says that the members of computer underground should be referred to as crackers. One of the famous crackers is Kevin Mitnick. Anyone who has heard about hacking must have heard his name. He was the most wanted computer hacker by the FBI in 1995, and was even suspected of wire-tapping the agents at National Security Agency, USA.

Hackers and crackers have one thing in common- their way of breaking into a system. The three initial steps that they follow in order to gain access to any system are:

1. Information gathering

2. Scanning of target

3. Gaining operating system or network level access.

The fourth step is where the main difference lies. After following this process a hacker reports the vulnerability, and/or fixes the issues and problems, while a cracker maintains access to the system using backdoors and RATs, and then tries to cover the tracks which can trace back to him. This is the most important work for a cracker because covering the tracks ensures whether a cracker will be caught or not.

In today’s world hacking has become a daily topic of discussion. Various tools and softwares have come up which a start out cracker can easily use in order to gain a certain level of access into various systems. Using proxy servers, and hacking tools have become a simple task for anyone. Along with this, even the threats are increasing, the risks are increasing, and more and more investments are being made to ensure the security and integrity of information systems. Be it a small website owner, the FBI, or a security personnel sitting behind the one-way dark glass of the NSOC NSA, everyone is working for days and nights to implement better security on the systems.

Now it is the common people who needs to be made aware of the facts. The misconceptions should be erased from their minds, and they should be let to know whom they can trust and whom they shouldn’t.

[author] [author_image timthumb=’off’]http://blog.czarsecurities.com/wp-content/uploads/2014/02/spandan.jpg[/author_image] [author_info]

Spandan Chowdhury is studying Computer Science and Engineering at NIT Durgapur. A tech enthusiast, gadget freak, and very interested in programming, networking and cyber security.

Currently a member of World Intelligence Network, various high IQ societies and NGOs. Loves psychology, quizzing, playing violin, painting, and athletics.[/author_info] [/author]