Hacker

Hacker Groups. Who are they? What are their motivations?

The story of Russia’s new cyber wepon against power grids is coming out. I am going to comment on it before the mass amounts of click baiters and etc get their hands on it.
I am not going to argue how true or false the statements made in this article are. That being said, there is something that I have been wanting to address for some time now.
Yes, I do realize how many lists my name is going to be put on because of this. To be frank, I don’t care.

Who are these “Hackers” anyway?

What we need to understand is that “hackers” is a term that is thrown around very loosely these days. The common thought is that: “Hackers” want your data. “Hackers” want your Identity. “Hackers” want pictures of your last Christmas. “Hackers” want to destroy the world as we know it.

As true as some of that may be we need to also understand who these “Hackers” are. It is true, some of them are individuals or small rogue groups.

The most common website responses to this question is that hackers are split into different groups. As wikipedia puts it:

Security hacker. People involved with circumvention of computer security.

White hats are hackers employed with the efforts of keeping data safe from other hackers by looking for loopholes and hackable areas. This type of hacker typically gets paid quite well, and receives no jail time due to the consent of the company that hired them.

Grey hats are hackers who are neither good nor bad, and often include people who hack ‘for fun’ or to ‘troll’. They may both fix and exploit, though grey hats are usually associated with black hat hackers.

Black hats or crackers are hackers with malicious intentions, and steal, exploit, and sell data. They are usually motivated by personal gain.

A cracker is like a black hat hacker [5] but is specifically someone who is very skilled and tries to make profits or to benefit from criminal gain. Crackers find exploits to systems securities and vulnerabilities but often use them to their advantage by either selling the fix to the company themselves or keeping the exploit and selling it to other black hat hackers who in turn use the information to steal information or gain royalties.

Government Employed Hackers:

We must also understand that internet hacking is a type of warfare. Which has been a building industry for the better part of a decade. The industry would pretty much say that any of these that are working for us are White Hats. On the other side people working for other nation states are blackhat, but I am personally not convinced.
 
Russia, China, USA, and other countries are building armies of “Hackers”. It is widely known that in Western countries, the industry of cyber warfare is highly an outsourced specialty to private companies. Edward Snowden is a good example of one of these employees.
 
As far as the Russian and Chinese groups go, we don’t know. Although we can assume considering their track record.

It has been proven that the NSA, and other Government agencies (both here at home and I expect abroad) have been finding exploits. Then they have been keeping them from the companies who developed the vulnerable software. Then they take these exploits and have been building tools to use them for their own means. As we also know, these tools have been getting out into the public, and have been used. The most well-known as of late of these being the recent Wannacry Ransomware outbreaks.

The bottom line is yes, the Governments are treating IT Security tools and exploits as weapons. Yes, they are building tools to take advantage of these vulnerabilities in our day to day systems. Yes, these include systems in Hospitals, Power Systems, Water, etc. No, it’s not just the small groups of blackhats that we need to worry about. Governments with seemingly limitless budgets are working on these as well.

Stay Curious. Research everything. This is just getting started.