Users login

Create an account »


Users login

Home » Hacking News » The true face of a hacker

The true face of a hacker

by Nikola Strahija on February 13th, 2003 Hackers are shadowy misfits, lacking in personal skills, living nocturnal existences, shunning human contact, and are domiciled in the world's trouble spots. We all know this.... Right? ... Well, ... err no. One of the most authoritative studies on cyber attacks paints a very different picture.

Symantec's Internet Security Threat Report for the second half of 2002 makes interesting reading. Leaving aside all the technical discussion of how the threat scenario is developing, it contains a fascinating set of data about the perpetrators of cyber attacks. It reveals that a hacker is most likely to be a normal sort of guy living in the US.

Based on data collected from 400 companies operating in 30 countries along with other data from monitoring organisations, it is one of the best sources of hard information on this issue, although we have to be aware that it doesn't necessarily represent a global cross-section of Internet users. The survey is conducted every six months and so the key trends can be identified.

Let's start with the geography. Countries on the US Cyber Terrorism Watch List generated less than one percent of all attacks detected in the last six months. Within this group, Indonesia, Iran and Pakistan accounted for most of the incidents. This compares with the 35.4 percent of attacks that were launched from the US and 12.8 percent from South Korea.

South Korea is the rising star of cyber terrorism with a 62 percent increase over the previous year, although this is partially explained by the availability of broadband Internet connections. Conversely, attack activity from Israel (down 50 percent), and the middle east generally, declined significantly in 2002 - so much for the belief that politically troubled areas are the root of the problem.

Now for the timing of attacks. This takes into account the time of day in the place where the attack was launched, not where the target of the attack was located. The number of attacks on Saturdays and Sundays was 50 percent lower than on other days. Most attacks occur between 7:00 and 17:00 in the local time, slowly declining from 1600 through the evening, with little activity between midnight and 7 a.m.

Clearly our hackers have better things to do at the weekend and synchronise their lives with the people around them. We could ask whether the attackers are unemployed, retired, or working for their employer to sabotage competitors. The latter seems unlikely, particularly when we note that 75 percent of attacks were opportunistic, and only 25 percent targeted at specific weak points.

So are the hackers members of the Grey and Balding Liberation Front, or are they the young unemployed looking to fill in the hours while their friends are working? Or are they college kids? "On the Internet nobody knows you are a dog,” says the well known cartoon extolling the need for user authentication. Unfortunately, hackers do not leave a calling card. We can only guess, but my bet is that most of them are human.

Who do they like to attack? The big news is that non-profit organisations have moved heavily into the firing line with a 43 percent increase in attacks over the previous year, and now occupy second place after energy and power companies. It should be noted that Symantec's classification of non-profit organisations includes political groups and pressure groups and so maybe it is not so surprising that they are becoming targets.

There were also big increases in attacks on financial services and telecommunications companies. An appetite for attacking the physical and economic infrastructure is the one part of the stereotypical hacker that does stand up to scrutiny.

- article available at -

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »