
Hacking For Regular IT People - Why Do We Hack?

Level 10

Previously, I discussed the origins of the word “hacking” and the motivations around it from early phone phreakers, red-boxers, and technology enthusiasts.

Today, most hackers can be boiled down to Black Hats and White Hats. The hat analogy comes from old Western movies, where the good guys wore white and the bad guys wore black. Both groups have different reasons for hacking.

Spy vs. Spy

The White Hat/Black Hat analogy always makes me think of the old Spy vs. Spy comic in Mad Magazine. These two characters—one dressed all in white, the other all in black—were rivals who constantly tried to outsmart, steal from, or kill each other. The irony was that there was no real distinction between good or evil. In any given comic, the White Spy might be trying to kill the Black Spy or vice versa, and it was impossible to tell who was supposed to be the good guy or the bad guy.

Black Hat hackers are in it to make money, pure and simple. There are billions of dollars lost every year to information breaches, malware, cryptoware, and data ransoming. Often tied to various organized crime syndicates (think Russian Mafia and Yakuza), these are obviously the “bad guys” and the folks that we, as IT professionals, are trying to protect ourselves and our organizations from.

The White Hats are the “good guys,” and if we practice and partake in our own hacking, we would (hopefully) consider ourselves part of this group. Often made up of cybersecurity and other information security professionals, the goal of the White Hat is to understand, plan for, predict, and prevent the attacks from the Black Hat community.

Not Always Black or White

There does remain another group of people whose hacking motivations are not necessarily determined by profit or protection, but instead, are largely political. These would be the Gray Hats, or the hackers who blur the distinction between black and white, and whose designation as “good or bad” is subjective and often depends on your own point of view. As I mentioned, the motivation for these groups is often political, and their technical resources are frequently used to spread a specific political message, often at the expense of a group with an opposing view. They hack websites and social media accounts, and replace their victims’ political messaging with their own.

Groups like Anonymous would fall into this category, the Guy Fawkes mask-wearing activists who are heavily involved in world politics, and who justify their actions as vigilantism. Whether you think what they do is good or not depends on your own personal belief structure, and which side of the black/white spectrum they land on is up to you. It’s important to consider such groups when trying to understand motivation and purpose, if you decide to embark on your own hacking journey.

What’s in It for Us?

Because hacking has multiple meanings, which approach do we take as IT pros when we sit down for a little private hacking session? For us, it should be about learning, solving problems, and dissecting how a given technology works. Let’s face it: most of us are in this industry because we enjoy taking things apart, learning how they work, and then putting them back together. Whether that’s breaking down a piece of hardware like a PC or printer, or decompiling some software into its fundamental bits of code, we like to understand what makes things tick, and we’re good at it. Plus, someone actually pays us to do this!

Hacking as part of our own professional development can be extremely worthwhile because it helps us gain a deep understanding of a given piece of technology. Whether it is for troubleshooting purposes, or for a deep dive into a specific protocol while working toward a certification, hacking is one more tool you can use to become better at what you do.

Techniques you use in your everyday work may already be considered “hacks.” Some tools you have at your disposal may be the same tools that hackers use in their daily “work.” Have you ever fired up Wireshark to do some packet capturing? Used a utility from a well-known tool compilation to change a lost Windows password? Scanned a host on your network for open ports using Nmap? All of these are common tools that can be used by an IT professional to accomplish a task, or by a malicious hacker trying to compromise your environment.

As this series continues, we will look at a number of different tools—both software and hardware—that have this kind of utility, and how you can use them in a way that will improve your understanding of the technology you support and develop a respect for the full spectrum of hacking that may impact your business or organization.

There are some fun toys out there, but make sure to handle them with care.

As always, "with great power comes great responsibility." Please check your local, state, county, provincial, and/or federal regulations regarding any of the methods, techniques, or equipment outlined in these articles before attempting to use any of them, and always use your own private, isolated test/lab environment.

10 Comments

People have a first impression that "hack" is unauthorized and/or a negative action.

I prefer to think of it as "discover" if it's authorized / positive, and "hack" if it's actually negative/unauthorized.

Level 20

I'm working on my CEHv9 right now... I'll have to take the test pretty soon. I love Metasploit!

Level 12

We need to have a bit of everything to be knowledgeable. We need to think like hackers too, so the need to hack. Trying to be secure myself.

MVP

Years ago in a previous life we had a tool that had a canned report (web page view) that was based on database entries in the data warehouse and Perl that produced an HTML report.

Well, it was Cisco-centric with regards to uptime of devices/networks. Well, I needed one for the 5000+ VPN appliances at our stores that were not Cisco... so I hacked the Perl code by inserting additional code to produce the report and resulting web page I needed. The downside was every time you updated the base product it overwrote this one directory it had to live in. This was further abused by the fact they changed things as well, so while I could take the code pieces I had created and re-insert them, you had to re-locate the places and figure out what they did differently and adapt.

The big upside was multifaceted. I learned a lot. People on a higher payscale could see/get to info they wanted without me re-inventing the wheel. I saved many hours of coding. It got me into dynamic HTML webpages via a Perl CGI interface....

MVP

Personally, I prefer this definition of hacking.

Hacking within the security context is only a small part of "hacking".

Level 21

Your mention of the Spy VS Spy comic in the Mad Magazine reminded me of the old Spy VS Spy games I had for my Commodore 64 with the same characters; I loved those games!

MVP

Words mean different things to different people. If you are with a group of security professionals hacking can mean the "bad guys" trying to get into your network or what you do on the inside of your network to research what is possible and fix/mitigate what you find. However, used in general conversation with less technical people I'd guess that most of them would immediately go to the bad connotation. It's always best to keep your audience in mind when you are speaking/writing. To that end I would guess that most of us here understand the context.

Unfortunately, I would imagine that many of us stay so busy that we don't do as much "hacking" as we should, and that is a part of the reason that we get caught by vulnerabilities so often (speaking in generalities). With a little research one will find that infections or intrusions often happen via exploits that have been out with patches available for many years. For example, I remember an SQL issue that shut down many businesses across the country some 10 or so years ago. The patch had been published many months earlier, but at that time SQL patching seemed daunting to many, so it got neglected. People were busy, etc. Fortunately, patching for just about everything has gotten easier - which is a double-edged sword - easy patching leads to more things being patched and kept up to date, yeah, but it also leads to complacency in that we rely too much on the "tool" and just expect it to be working. What was that last version of ransomware? How many people got caught by that - even though the patch was released a couple of months earlier?

Point is, this article highlights some things that we need to keep in mind and make sure we are diligently and regularly checking for issues.

MVP

I have read on multiple occasions from multiple sources that the correct term is "crackers". Hacker is defined in RFC 1392: Internet Users' Glossary:

hacker
  A person who delights in having an intimate understanding of the
  internal workings of a system, computers and computer networks in
  particular. The term is often misused in a pejorative context,
  where "cracker" would be the correct term. See also: cracker.

cracker
  A cracker is an individual who attempts to access computer systems
  without authorization. These individuals are often malicious, as
  opposed to hackers, and have many means at their disposal for
  breaking into a system. See also: hacker, Computer Emergency
  Response Team, Trojan Horse, virus, worm.

Level 10

Hey tallyrich, thanks for taking the time to read and comment. I absolutely agree that the term "hacking" has various meanings for different people. I outline this in the first post of this series Hacking for Regular IT People - History and Origins. I hope you have a chance to check that one out as well and comment. Thanks for the feedback!