Hackers - information security awareness and training module for September

1 of 3 new poster designsBackground and scope New this month

Hacking involves finding or creating and exploiting vulnerabilities in IT systems, networks, technologies, people, processes, facilities and organizations.  There’s lots more to explore on this topic aside from simply breaking in to Internet-connected IT systems to steal credit card details.

Hackers represent the good, the bad and the ugly of information security.

  • At the good end of the scale, white-hat hackers are actively exploring and expanding IT.  Hacking, for them, is a deep fascination with technology, and a willingness to share their passion with the wider geek community.  Good hackers are generally obsessive but benevolent, at worst benign.  Good hackers are mortified if they inadvertently cause damage.
  • Bad hackers are also fascinated with technology, but more selfish in nature.  They enjoy themselves poking around in systems on the Internet, not worrying too much about any damage they cause along the way except in so far as it increases the possibility of them being caught and prosecuted.  To them, victims are “asking for it” if they don’t adequately secure their systems and information. 
  • Ugly hackers, sometimes known as crackers, are shamelessly if covertly operating on the criminal Dark Side.  They are the black-hats, overtly malicious or malevolent, earning a living by defrauding, stealing or coercing assets from individuals and organizations with no sense of guilt.  Due to the illegality of what they do, ugly hackers are extremely concerned, verging on paranoid, about staying undetected and not being apprehended by the authorities, to the extent that they have no qualms about deliberately destroying victims’ IT systems (and hence their businesses) in order to avoid leaving traces of forensic evidence (known as “scorched earth”).  These are the guys working for criminal gangs, terrorists, and most dastardly of all, “foreign superpowers”.

Learning objectives

September’s security awareness and training module:

  • Introduces hacking, providing general context and background information;
  • Describes and characterizes hackers, crackers, social engineers, fraudsters, scammers, script-kiddies, makers, penetration testers and so forth;
  • Expands on the information risks in this area and the security controls against hacking;
  • Motivates people to think - and most of all act - more securely.

Consider your learning objectives in relation to hacking.  Are there any specific issues or related concerns that are worth bringing up this month? 

Module 197 contents listing

 

As well as customizing the NoticeBored materials to suit your awareness branding and objectives, feel free to blend-in additional content.  Use the materials in the company newsletters and magazines, your intranet Security Zone, in awareness events and training courses, and for new employee induction or orientation purposes.

Home > NB this month >

Copyright © 2019 IsecT Ltd.