Distinguishing hacker myths from reality

Most of what we know about hackers draws on what we have seen in television shows and movies. Hollywood has painted this picture of a tech-savvy young man – a social outcast who operates from the basement of his parents’ house. The hacker spends most of his time hunched over the keyboard, dressed in baggy jeans and sporting an untamed beard (with Cheetos stuck on it).

His power over computers is almost magical and the average human can hardly figure out what he’s doing or saying. Well, as it turns out, the movie hacker persona is way off the mark. The reality is far different and in order to better protect your defense line, it would be wise to separate fact from fiction.

In this post, we seek to dispel some of the deep-rooted hacker myths and demystify the hacker persona.

Common myths associated with hackers

Myth 1: Hackers wreak havoc for fun

Among the top problems for companies seeking to fight cybercrime is the misconception that hackers are reckless groups breaching security for the fun of it. Nothing could be further from the truth.

By misidentifying the threat, organizations could be ghost hunting in the wrong neighborhoods, so to speak. The truth is that hacking is more or less like any other formal occupation, and the people behind high-profile attacks are mostly organized crime syndicates, and at times, nation-states.

Myth 2: All hackers are evil

We often associate the title of the hacker with criminal activity. Truth be told, criminal hackers do indeed hog the limelight. But in spite of the negative connotation associated with the word, hackers are not always the bad guys.

Ever heard of white hat hackers? These are people who get paid to stop the bad guys. The white hat hackers’ job is to look for vulnerabilities, such as analyzing source code and finding ways to exploit it. They break into websites so they can reveal to the organization the windows and doors they need to seal. Some like to call it “preventive vandalism.”

Another part of their job is to find bugs in apps and get bounties in return. For instance, Facebook claims to have paid out $1.1 million in bounties in 2018, including $50,000 to a top white hat hacker. It does pay to be one of the good guys, doesn’t it?

Myth 3: Hackers use sophisticated hardware

One look at Hollywood’s hacking paraphernalia may have you stunned. But in reality, a hacker might look just as boring as a random guy surfing the web. These days, most hackers engage in what is known as web application hacking.

In the case of white hat hackers, this is to make apps safer. For the criminals, however, it’s about finding loopholes to exploit for their nefarious goals. Neither typically rely on outlandish gizmoes to get the job done.

That’s not to say hacking doesn’t come with hardware needs. Since certain types of hacking can require a lot of computing power, serious hackers do need high end PCs.

Myth 4: Hackers are experts

The impression one gets of hackers is that they have spent their entire lives behind computer screens. They know all the ins and outs of computing and keep getting better as they age.

Admittedly, some hacks require an extraordinary skill level and advanced tactics to pull off. But some can be done by relative novices.

On the darknet, malware is offered as a service. This means that a hacker does not necessarily need to be the brains behind the operation. At times, they might not even know what they’re doing, as all they have to do is follow instructions and watch the magic happen.

Hacking does not require a doctorate degree or countless years of obsession. Little wonder the problem is so prevalent.

Myth 5: Hackers only target organizations that seem vulnerable

You may have heard it said that hackers look for easy-to-penetrate or unprotected organizations. While in some instances this could be true, it is far from the rule.

The fact is that hackers select their targets based on their objective. Regardless of whether such an organization is vulnerable or watertight, they will take their shots and hope for the best.

Are they out to damage a company’s reputation, siphon money or steal data? Depending on their goal, they seek out targets that will make it happen. At times, seeming targets might be their route to the ultimate target.

To protect your organization, think about what could be valuable from a hacker’s standpoint. If for instance, you have sensitive personal data, prioritize its protection. Are there any organizations with whom you share networks or information? Ensure that the information and networks are secure as well.

Myth 6: Hackers get in and out fast to avoid detection

The idea that hackers operate like any other category of criminals is another common fallacy. In fact, they may not be in a rush to grab what’s within reach and leave. They may prefer to move in and stay on the down-low.

Quietly maintaining access is a clever strategy to get as much value as you can.

The essence of separating fact from fiction

Knowing the truth about what hackers are, what they do and how they operate is the best form of protection. At the end of the day, your organization’s preparedness against cyberattacks depends on how well you know what hackers are looking for, and how they could get it.

Take time to research and stay up to date on the typical hacker persona and its tactics and techniques. By doing so, you can keep evolving with the times and avoid falling victim.