Show informational about something


31 May 2021

The cybersecurity industry is more well-informed than most, but even so, misconceptions arise and spread, helped along by the fact that the rise in cybersecurity incidents has led to substantial “pop culture” intrigue with all things cybersecurity.
One of the more harmful of these misconceptions is the conflation of “hacker” and “attacker,” terms which are treated as interchangeable.
They’re not.

Hacker vs Attacker

“Hacker” is another name for an ethical researcher. It refers to someone who proactively explores, identifies and alerts organizations to vulnerabilities that an attacker could use for malicious purposes. They seek to disclose in good faith by alerting organizations that may or may not have vulnerability disclosure policies.
Although “hacker” is now sometimes mistakenly used to refer to an attacker, its origins are benign and complimentary. The term arose to describe someone who was smart enough to “hack” their way through the security levels of a computer system or network.
An “attacker,” on the other hand, is just that. It’s someone who gains unauthorized access to someone else’s network and computers for malicious purposes. An attacker probes for vulnerabilities, but unlike a hacker, the attacker exploits them without permission or without warning the organization. This can be for monetary gain such as in ransomware attacks, cryptojacking, etc., which are costly scenarios if the victim’s computing resources are cloud-based and the attacker is racking up CPU usage fees. The attack could also focus on the theft of user data for monetization on the dark web. Alternatively, it could be for competitive advantages such as using a RAT or APT to escalate privileges and extract intellectual property or other valuable data. Rather than a direct attack, some nefarious individuals create malware decoys such as mobile apps with keyloggers and trojans that steal banking and retail account passwords, enabling account takeovers.
Attackers could also be working on behalf of hostile nation states for espionage purposes by seeking all sorts of potentially catastrophic outcomes from exfiltrating confidential data to disrupting critical infrastructure and services. No matter the reason, they all have one thing in common – their actions are harmful and can have catastrophic consequences.
What’s the best way to stay out of an attacker’s range? Forcing an attacker to move on to weaker prey by taking steps to make your organization a tougher target. Besides investing in your talent and security stacks, one of the best ways to strengthen your organization’s defenses is by working with the hacking community.