The Evolution and Growth of Hacking: As you will see that attacks and strategies have improved and evolved over the years in ways you may not be aware of.
Attackers have constantly sought up their game with new tactics and strategies to include various types of malware such as worms, spam, spyware, adware, and even rootkits.
Although they have long known how to harass and irritate the public, in recent years they have caused ever bolder disruption by preying on our connected lifestyle.
Hackers have also started to realize that it is possible to use their skills to generate money in many interesting ways. For example, attackers have used techniques to redirect web browsers to specific pages that generate revenue for themselves.
Another example is a spammer sending out thousands upon thousands email messages that advertise a product or service.
Because sending out bulk emails costs mere pennies, it takes only a small number of purchasers to make a nice profit.
The field you are entering (or may already be working in as a security administrator or engineer) is one that changes rapidly.
In this field attacker and defender are in an ongoing struggle to gain dominance. Because attackers have become highly flexible and adaptable so must you be as an ethical hacker.
Your ability to think outside the box will serve you well as you envision new strategies and potential attacks before they are used against you.
TIP: Whenever you encounter a new technology or new situation, always try to think of different ways the situation or technology can be used.
Think, for example, how a device such as a tablet or smartphone can be used in ways different from what the designer or architect envisioned. Also keep an eye open for weaknesses or vulnerabilities that can be exploited.
Train your mind to think outside the norm and think like someone who is trying to cause harm or get away with something.
As an ethical hacker you will be expected to think along these lines but in a benevolent manner.
Making your life as a security manager even harder today is that attackers have adopted a new pack mentality that makes defensive measures and planning much harder.
In the early days the attacking person just that—one person. Nowadays groups such as Anonymous and LulzSec have shown us quite convincingly that attacking in numbers makes a difference even in the cyberworld.
The collective or hive-like mentality has reaped huge benefits for attackers who are able to employ multiple methods in a short period of time to obtain impressive results.
Such groups or packs are able to enhance their effectiveness by having a wide range of numbers, diversity, or complementary skills sets and also by can be linked to criminal or terrorist organizations.
In this article you will learn these methods and what is being used on the front lines to perpetrate increasingly complex and devastating attacks. You must be aware of how these attacks have evolved, how technology has played a part, and how the law is dealing with an ever more complicated landscape.
You will also learn more about the motivations of attackers and their mind-set. This is one of the challenges that you will have as an ethical hacker: understanding and empathizing with your attackers.
Understanding the motivations can, in some cases, yield valuable insight into why a given attack has been committed or may be committed against an asset.
For now you should keep in mind that an attacker needs three things to carry out a crime.
- Means, or the ability to carry out their goals or aims, which in essence means that they have the skill and abilities needed to complete the job.
- Motive, or the reason to be pursuing the given goal.
- Opportunity, or the opening or weakness needed to carry out the threat at a given time.