Internet Security Technology

‘Crackers’, the true cyber criminals

Written by Andy Prosper

Term ‘hacker’ should be attributed to those who have contributed to improving computer systems.

For very specific episodes such as that of Andres Sepulveda, accused of spying on and intercepting illegally the conversations of the negotiators of the peace process between the Government and the Farc (and that’s why he was sentenced to 10 years in prison), the term ‘hacker’ began to associate, in the wrong way, with cybercriminals.

However, authorities in the field of cybersecurity claim that its second definition: computer expert, who deals with the security of systems and develop improvement techniques, is the most successful of all.

For Miguel Angel Mendoza, security researcher for Eset Latin America, “there is a great debate about how to define hacker, we define it as a person who knows how to use computers, computer systems, networks and many times this knowledge has helped to improve technology ”

So the correct word to define the person who violates a computer system is ‘cracker’, who is in charge of using their computer knowledge producing damage to the network that has entered.

Although both a ‘cracker’ and a hacker can have the same knowledge, the main difference between them – as David Pereira, CEO of Secpro – says, “is that a hacker usually attacks a structure with authorization from the infrastructure owner, while that a cracker does not, has no authorization at all of anyone to do what he does and usually has malicious motives, that is, steal information and then ask for ransom. ”

Is a person who is a cracker a hacker? For Mendoza, it definitely is, due to the similarity of knowledge that each one has except, he says, “of the use that is given to them”.

To clarify the expert said that, for example, it was not the same to hire a person to perform security tests or simulation of an attack on a system, because this is done in order to verify what weaknesses can be found and also work on they, a person who is hired to enter other people’s networks to steal information.

That is why experts say that the correct term to explain when a person has stolen the passwords of someone’s social networks is to ‘crack’, instead of hacking.

And this happens with the entry without authorization to any computer network to use information in a beneficial way. There is also a classification for hackers according to their actions.

The first is the white hat hacker who is usually a security consultant, in charge of determining what the weaknesses may be so that a cybercriminal can attack; the hacker gray hat, says Pereira that is the offensive and / or defensive, that is to say that is specifically oriented to the defense of a system that has been attacked; the black hat hacker that is the one we know as cracker, which as it has been said before is the one who uses that knowledge to do some damage and receive a benefit for that; and finally there are the hackivists, who are social movements.

Among them are, for example, the anonymous hacker group that attacked 40 websites in 2011, which contained child pornography and revealed the name of 1,600 users.

If you believe that it is not a strong potential for cybercriminals because it is not linked to the digital, it is wrong, since from the simple fact of taking a photocopy it can represent a risk, because there is a copy in the printer that then it can be used for criminal purposes.

“This means that it is not that person alone at home in front of a computer, but rather they are very well-funded organizations, with large teams, and even companies that sell such attacks as a service,” Paixao explained.

These groups act like any organized crime, except that now they can operate from anywhere in the world and with a single click attack whoever is on the other side of the planet.

The cybercriminals acquire databases of information that later, according to Mendoza, “offer in a black market so that third parties who do not have those skills buy it and carry out their malicious activities.”

Regarding this issue, Congress created Law 1273 of 2009 in the Criminal Code on “the protection of data and information,” which is one that defines computer crimes with imprisonment of up to 120 months and fines of at least minus 1,500 minimum legal salaries in force.

For the expert David Pereira, “it is a law that lacks a lot of teeth to be able to follow an offender”, and argued that a person could mount a false page, but if nobody falls into the trap it is not a crime.

But even if there were many laws that punish this type of crime, to attribute a cyber attack to someone is almost impossible.

On the other hand, as technological capabilities develop further, the chances of becoming victims of crackers increase day by day.

Today, thanks to Machine Learning and artificial intelligence, robots have been created that can automatically create passwords quickly to attack different systems.

To avoid falling victim to a cracker, keep in mind the following basic recommendations from cybersecurity experts:

1. Always update the software we use. Manufacturers today are attentive to security problems.

2. Do not reuse passwords. It is advisable to have three or four passwords, write them down and keep them somewhere safe. The main mail, Facebook and banks should be very strong, with different symbols, numbers, uppercase and lowercase.

3. Keep an updated antivirus on our computers.

4. Open only links containing https, which is the symbol that is a secure page.

About the author

Andy Prosper