..hacker mind set BitB, WPA2 KRACK, SCAM with QR codes

The term hacker has become a common word in our vocabulary. Few people have never heard of the term and almost everyone believes they understand what it means. Research conducted to date into the motivations, psychological characteristics and mind set of hackers indicates that there is no ‘one size fits’ all generic hacker profile. Hackers are as diverse as any other criminal category or deviant grouping. While the underlying common denominator that separates hackers from other categories is the use and/or targeting of technology to commit some deviant or criminal act, that is where the uniqueness ends.

The motivations driving hackers to commit their crimes runs the gambit from greed, revenge, desire for notoriety, to patriotism and psychopathologies. Part of the reason for this wide continuum is the fact that hacking encompasses activities and subcategories that, according to the most recent research, evolves with the technology and society’s comfort with and use of technology. We now have subcategories of hackers that include political activists (Hacktivists), criminal organizations (e.g., organized crime, Anonymous), and state sponsored/cyber warfare (cyber operations). People now have the ability to purchase ready-made attack tools that can be customized for the target, and require nothing more than the click of a button to carry it out.

Our society is now a globally connected society with access to information 24/7, and the ability to see what people are doing almost every minute of their lives based on their social media postings. It 1 FEB-MAR 2022 is no wonder that researchers have struggled to identify common psychological profiles and motivational patterns in order to help better defend our cyber infrastructures and our own personal data. The creation of customized attack tools complicates studies that attempt to profile hackers based on real time activities, as it is uncertain whether one is measuring an automated tool or a real person.

Given the limitations of the research and the herculean task of trying to deal with all of the potential confounding variables, it would appear that hackers (other than state sponsored) are motivated primarily by greed, revenge or desire for attention. The research also indicates that with ‘lone-actor’ hackers there are usually some kind of critical path and trigger events that push the individual from thinking about attacking systems, to actually carrying out the attack. These trigger events can be unique to each individual but the event will cause a stress reaction that seems to push the individual over the proverbial edge.

The mind set of hackers that come together in groups such as Hacktivists and loose criminal organizations, centers more on revenge and/or notoriety. These groups are more methodical in their choice of targets and their targets are typically symbolic in the case of Hacktivists, or somewhat strategic in the case of the criminal organizations (e.g., rival groups, soft targets). The remaining category of state sponsored and/or cyber warfare is not a unique deviant or criminal organization.

These individuals are part of the larger espionage world or military and are operating under direct (if not indirect) orders from their country. The mind set of these individuals is better understood in terms of military doctrine and patriotism.

The goal of hackers is to squeeze out the maximum benefit at the least risk. Therefore, once they have overcome the need to successfully face challenges, they are keenly aware that they do not want to be discovered or 2 FEB-MAR 2022 get into trouble with the law. For this reason, they always attack individuals, who for them are the weakest link in the security chain. To do so, they use social engineering, which is based on four very basic principles inherent in all human beings:

1. We all want to help
2. We tend to trust people
3. It is hard to say no
4. We like to be flattered

Hackers exploit these weaknesses to get as much information from the victim as possible and create an environment of trust in which they can deceive the victim and then carry out the attack. Hackers use knowledge of how our brains work to trick us. They use techniques targeting psychological and cognitive vulnerabilities to gain access to our systems. What they know that we do not is that it is hard to hack a system (be it your email, Facebook, etc), but what is easy is to make us make a mistake that gives them access right through the front door. One of the biggest secrets of the security world is that over 90 per cent of cyber-attacks are, in fact, not simply a hacker dismantling our system remotely, but rather someone knowing how to get us to hand over the keys, and then simply gaining access. Many famous attacks involved social engineering: the best locks were in place but someone passed along the key. To protect ourselves, we need to understand the hacker's mentality, human psychology and the art of manipulation. Researchers have also identified that hackers have the following characteristics:

1. They are exposed to ICTs very early in life and therefore they have great technological skills.
2. They are intelligent and inquisitive.
3. They are especially good at adapting to all situations, which 3 FEB-MAR 2022 is closely linked to their ongoing need to overcome challenges.
4. They have an analytical mind, are able to analyze a great deal of information and draw very accurate conclusions.
5. They like to build things, it is often their hobby.
6. They do not tend to be very sociable.
7. And they usually have great self control: they like to go unnoticed and are able to keep their true feelings under wraps.

To read the full Magazine, please click here