People, from trade magazine writers to Hollywood moviemakers, often use the words attacker, hacker, and cracker interchangeably. The phrase “we got hacked” has come to mean “we were attacked.” However, there are some strong distinctions between the three terms, and understanding the differences will help you to understand who is trying to help reinforce your security posture—and who is trying to infiltrate it.
---> An attacker is someone who looks to steal or disrupt your assets. An attacker may be technically adept or a rank amateur. An attacker best resembles a spy or a crook.
---> The original meaning of a hacker was someone with a deep understanding of computers and/or networking. Hackers are not satisfied with simply executing a program; they need to understand all the nuances of how it works. A hacker is someone who feels the need to go beyond the obvious. The art of hacking can be either positive or negative, depending on the personalities and motivations involved. Hacking has become its own subculture, with its own language and accepted social practices. It is probably human nature that motivates people outside of this subculture to identify hackers as attackers or even anarchists.
In our opinion, however, hackers are more like revolutionaries. History teems with individuals whose motivation was beyond the understanding of the mainstream culture of their time. Da Vinci, Galileo, Byron, Mozart, Tesla—all were considered quite odd and out of step with the accepted social norm. In the information age, this revolutionary role is being filled by the individuals we call hackers.
Hackers tend not to take statements at face value. For example, when a vendor claims, “Our product is 100 percent secure,” a hacker may take this statement as a personal challenge. What a hacker chooses to do with the information uncovered, however, is what determines what colour hat a particular hacker wears. To distinguish between hackers who are simply attempting to further their understanding of any information system and those who use that knowledge to illegally or unethically penetrate systems, some in the computer industry use the term cracker to refer to the latter. This was an attempt to preserve the traditional meaning of the term “hacker,” but this effort has mostly been unsuccessful. Occasionally publications still use the term.
The law, however, does not recognize the difference in intent, only the similar behaviour of unauthorized system penetration.