Welcome to the fourth part of this series. Today we will review black hats popularly known as “hackers”. We’ll make references to the first episode so check it out.
According to Thomas W. Edgar, David O. Manz, in Research Methods for Cyber Security, 2017 from Science Direct “The difference between cyber security professionals and malicious hackers can often be just the intent and ethical behavior exhibited. As the tools and techniques used by cyber security professionals can be the same as those used by malicious hackers.”
As said before, black hats are the ones we know that do things to get money without following the law. They are the ones who attack indiscriminately and can destroy your files and information.
Black hats have an advantage because they do not follow the rules of engagement that ethical hackers use. That advantage enables them to perform destructive techniques that can render their target device inoperable.
Some motivated Black Hats can fry all of the target hardware to prevent forensic experts from gathering evidence.
Origins of the Name “Black Hat”.
Most of its origin is from the 1950s western movies in which the bad cowboys always wear black colored hats.
Some Attacks Used by Black Hats.
Apart from the attacks used by white hats, they have some techniques that they use. One of these is called cross-site scripting in which someone sends a link to the victim containing a script which directs to the original website. They use this method to get name, passwords, security questions answers etc.
The above method is used by all hackers. The difference with black hats is that they revoke authorization from the original owner of the accounts they get from collecting data.
Facebook is one of the popular site that is been use in the above attacks.
Another technique used is called phishing. This method involves a person using fraudulent methods like sending fake emails to collect data, usernames, bank account details (name, account number and passwords/pins) and even to collect money. They make it look as if they are your bank, a website you use and have an account, your boss or anyone that is trustworthy.
The above attack is an example of social engineering. Social engineering is one of the places black Hats get most of their information on their targets.
Memory dumping is one of the favourite Black Hat technique. This involves them freezing the memory, collecting all metadata and storing it for usage and research.
Next time we’ll discuss some of the other hacker types. Tschüss.