visit us at www.wilber-learndev.com
Who is a Hacker?
visit us at www.wilber-learndev.com
Internationally…
visit us at www.wilber-learndev.com
The term “hacker” DOES NOT have a universally accepted legal definition, as it can refer to a variety of different activities and individuals. However, some laws define certain activities associated with hacking as illegal, such as unauthorized access to computer systems or networks.
visit us at www.wilber-learndev.com
For example, in the United States, the Computer Fraud and Abuse Act (CFAA) defines certain activities as computer crimes, including unauthorized access to a computer system or network, and intentionally causing damage to a computer system. The CFAA applies to ANYONE who “knowingly and with intent to defraud, accesses a protected computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value.” [1]
visit us at www.wilber-learndev.com
Similarly, in the United Kingdom, the Computer Misuse Act 1990 defines certain activities as criminal offenses, including unauthorized access to computer systems or networks, and the creation or distribution of malware.
visit us at www.wilber-learndev.com
It is worth noting that the terms “HACKER” and “CRACKER” are often used interchangeably in popular culture, but in the context of computer security, they have different meanings. A hacker is typically someone who uses their skills and knowledge to improve security or find vulnerabilities, whereas a cracker is someone who uses their skills to exploit vulnerabilities for malicious purposes.
visit us at www.wilber-learndev.com
Locally…
visit us at www.wilber-learndev.com
The Philippines has laws that criminalize certain activities related to hacking, but the term “hacker” is not specifically defined in the legal system.
visit us at www.wilber-learndev.com
The Cybercrime Prevention Act of 2012 (Republic Act No. 10175) criminalizes a range of activities related to computer systems and networks, including unauthorized access, data interference, and computer-related fraud. However, the law does not provide a definition of the term “hacker.”
visit us at www.wilber-learndev.com
In summary, while the Philippine legal system does not provide a specific definition for “hacker,” certain activities related to hacking are criminalized under the Cybercrime Prevention Act of 2012.
visit us at www.wilber-learndev.com
Classification of Hackers as to:
visit us at www.wilber-learndev.com
A. Philippine Jurisprudence (Disini v. Sec. of Justice): [2]
visit us at www.wilber-learndev.com
(1) Ethical hackers
visit us at www.wilber-learndev.com
– are professionals who use the same tools and techniques as criminal hackers but with the intention of evaluating the security of a target system rather than causing harm or stealing information.
visit us at www.wilber-learndev.com
– Ethical hackers are authorized by the owners of the system to test the system’s security and report back on any vulnerabilities found. Their role is similar to that of an independent auditor who verifies an organization’s bookkeeping records;
visit us at www.wilber-learndev.com
(2) Criminal hackers
visit us at www.wilber-learndev.com
– are persons or individuals who use tools and techniques to gain unauthorized access to a computer system or network, with the intention of causing harm, stealing information, or committing other criminal offenses.
visit us at www.wilber-learndev.com
– Unlike ethical hackers, criminal hackers do not have authorization to access the system they are targeting and do not report any vulnerabilities they may find. Their actions are illegal and can result in legal penalties;
visit us at www.wilber-learndev.com
B. In General and IT Jargon
visit us at www.wilber-learndev.com
Hackers fall into three general categories: black hat hackers, white hat hackers, and gray hat hackers.
visit us at www.wilber-learndev.com
Although hackers are often associated with exploiting vulnerabilities to gain unauthorized access to computers, systems, or networks, not all hacking is malicious or illegal. [3]
visit us at www.wilber-learndev.com
(1) Black hat hackers
visit us at www.wilber-learndev.com
Black hat hackers are cybercriminals that illegally crack systems with malicious intent. Seeking to gain unauthorized access to computer systems is the definition of black hat hacking. Once a black hat hacker finds a security vulnerability, they try to exploit it, often by implanting a virus or other type of malware such as a trojan. Ransomware attacks are another favored ploy that black hat hackers use to extort financial gains or breach data systems.
visit us at www.wilber-learndev.com
(2) White hat hackers
visit us at www.wilber-learndev.com
White hat hackers are ethical security hackers who identify and fix vulnerabilities. Hacking into systems with the permission of the organizations they hack into, white hat hackers try to uncover system weaknesses in order to fix them and help strengthen a system’s overall security. Many cybersecurity leaders started out as white hat hackers, but the vital role played by ethical hacking is still widely misunderstood.
visit us at www.wilber-learndev.com
(3) Gray hat hackers
visit us at www.wilber-learndev.com
Gray hat hackers may not have the criminal or malicious intent of a black hat hacker, but they also don’t have the prior knowledge or consent of those whose systems they hack into. Nevertheless, when gray hat hackers uncover weaknesses such as zero-day vulnerabilities, they report them rather than fully exploiting them. But gray hat hackers may demand payment in exchange for providing full details of what they uncovered.
visit us at www.wilber-learndev.com
C. Other types of hackers: [4] [5]
visit us at www.wilber-learndev.com
(1) Script kiddies:
visit us at www.wilber-learndev.com
These are inexperienced hackers who use pre-existing tools and scripts to launch attacks. They often have little to no knowledge of programming or hacking techniques and are considered to be the least skilled type of hacker.
visit us at www.wilber-learndev.com
(2) State-sponsored hackers or nation-states:
visit us at www.wilber-learndev.com
These are hackers who are employed or contracted by government agencies to carry out cyber espionage, sabotage, or other cyber operations.
visit us at www.wilber-learndev.com
(3) Hacktivists:
visit us at www.wilber-learndev.com
These are hackers who use their skills to promote social or political causes. They may target websites or systems that they believe are supporting an opposing viewpoint or are otherwise harmful to their cause.
visit us at www.wilber-learndev.com
(4) Hacking Groups that work together to attack governments and companies
visit us at www.wilber-learndev.com
(5) Organized Criminal Gangs that steal data to make money
visit us at www.wilber-learndev.com
(6) Cyberweapons Dealers who sell to exploit to other hackers
visit us at www.wilber-learndev.com
(7) Insider hackers: These are employees or contractors who use their access to systems and networks to carry out attacks or steal information.
visit us at www.wilber-learndev.com
Footnotes:
[1] Legal Information Institute. (n.d.). 18 U.S. Code § 1030 – fraud and related activity in connection with computers. Legal Information Institute. Retrieved February 23, 2023, from https://www.law.cornell.edu/uscode/text/18/1030
[2] Disini v. Secretary of Justice (G.R. Nos. 203335, et al.); Petitioners of course fear that this section will jeopardize the work of ethical hackers, professionals who employ tools and techniques used by criminal hackers but would neither damage the target systems nor steal information. Ethical hackers evaluate the target system’s security and report back to the owners the vulnerabilities they found in it and give instructions for how these can be remedied. Ethical hackers are the equivalent of independent auditors who come into an organization to verify its bookkeeping records.
[3] Buxton, O. (2023, February 23). Hacker Types: Black Hat, White Hat, and Gray Hat Hackers. Hacker types: Black Hat, white hat, and Gray Hat hackers. Retrieved February 26, 2023, from https://www.avast.com/c-hacker-types#:~:text=Hackers%20fall%20into%20three%20general,hacking%20is%20malicious%20or%20illegal.
[4] Staff, M. S. B. (2017, May 22). 7 types of highly effective hackers (and what to do about them). Microsoft Security Blog. Retrieved February 26, 2023, from https://www.microsoft.com/en-us/security/blog/2017/05/22/7-types-of-highly-effective-hackers-and-what-to-do-about-them/
[5] See also: http://griffinwaldau.com/7-Habits-of-Highly-Effective-Hackers
visit us at www.wilber-learndev.com
— END OF LESSON 2 —
visit us at www.wilber-learndev.com