The Seven Types of Hackers

Roger Grimes posted on Infoworld a taxonomy of Hackers: “Your guide to the seven types of malicious hackers. – Knowing the difference between a spammer, a corporate spy, and a cyber warrior can better help you defend your systems”. The seven types he discerns are:

  1. Cyber criminals
  2. Spammers and adware spreaders
  3. Advanced persistent threat (APT) agents
  4. Corporate spies
  5. Hactivists
  6. Cyber warriors
  7. Rogue hackers

Boring, but Bruce Schneier more or less reposted it and, probably because he has a certain reputation as a security expert, now it attracted a lot of readers (including me) and thus generated some comments, as usual more interesting than the original post. So let’s summarize.
The first issue is, of course, what exactly is a hacker? I’ve written about this before, here on this weblog, and there is, of course the hackers/crackers-dichotomy. Someone claimed that we should not use these labels anymore, but distinguish between “White Hat”, “Gray Hat” and “Black Hat”.
I like the definition “A hacker is someone who unlocks currently hidden functionality”, and Schneier said something like this (using more words) in a 2006 – post on his blog:

A hacker is someone who thinks outside the box. It’s someone who discards conventional wisdom, and does something else instead. It’s someone who looks at the edge and wonders what’s beyond. It’s someone who sees a set of rules and wonders what happens if you don’t follow them. A hacker is someone who experiments with the limitations of systems for intellectual curiosity.

Brett Keith Watson posted a link to his recently published PhD thesis “Network Protocol Design with Machiavellian Robustness“, where his taxonomy of security threats is in chapter two:

  1. Intrusion
  2. Disruption
  3. Exploitation
  4. Co-opting
  5. Probing
  6. Nuisance

That makes more sense to me than Grimes’ taxonomy, so I downloaded the book and loaded it into my e-reader (it’s free, and I am Dutch, so: why not? – I just have to find some time to read it, but that problem will be dealt with by employing some Life-Hacking techniques!)


Finally some jokes;
By Chelloveck:

There are 10 types of hackers: Those who understand binary, and those who don’t. (Script kiddies tend to fall into the latter group…)

and by Dick Praet:

script kiddie = Snotnose missing the physical skills to be good at sports, the technical skills to play an instrument and the social skills to get a girlfriend. Aspires to fall into one of these seven categories once he starts understanding computers.

Leave a Reply

  • The Aesthetics and Beauty of Knowledge

    Shih was the opposite of facts and raw information; shih was the elegance of knowledge, the insight and skill to organize knowledge into meaningful patterns. As an artist chooses colours or light to make her pictures, a master of shih chooses textures of knowledge – various ideas, myths, abstractions, and theories – to create a way of seeing the world. The aesthetics and beauty of knowledge – this was shih.

    – David Zindell, The Broken God, 1993

  • Geek Attitude

    The attitude thing is about flexibility, portability, creativity, sociability and jamming (ran out of suitable “ity” words!). It’s about improvising – in the practical and musical senses of the word; not getting tangled in boundaries and the “right” way to do things.
    Definitely the only way to travel.
    Martin Delaney – “Laptop Music”.