Here are a few of the most commonly asked questions about hacking, with detailed answers. Whether you are researching the rise of cybercrime around the world or pursuing your CEH certification, these questions will help you get more clarity about the world of hacking.
1. What is the difference between a hacker and a cracker?
The distinction between hackers and crackers is the same as the one between white hats and black hats. In this context, hackers are those who break into systems with the aim of fixing the existing loopholes, whereas crackers are those who break into systems to exploit those loopholes.
2. What are the different types of hackers?
Hackers are commonly categorized into types such as:
White hat hackers: White hat hackers are those who hack only after obtaining proper authorization from the organization concerned. They do it to find security vulnerabilities so that the organization can fix them.
Black hat hackers: These are the malicious hackers who hack organizations for all the wrong reasons, especially for financial gains.
Grey hat hackers: These hackers don't obtain prior permission before hacking, but they don't hack for the wrong reasons. Their motive is to break into companies to find and expose harmful bugs so that the owners can fix them.
Hacktivists: These are people who use their hacking skills for social and political purposes. Hacktivist groups like Anonymous fall into this category.
3. What are the different types of penetration testing?
Penetration testing can be customized according to various factors like the requirements of the target organization and the kind of threat that the organization is facing. For example, for insider threats, white box penetration testing is performed since it is believed that the hacker would be someone from within the company who knows everything about the target. Three types of penetration testing are:
White box penetration testing: Here the pentester knows everything about the target.
Black box penetration testing: Here the pentester does not know anything about the target.
Grey box penetration testing: Here the hacker has partial information about the target.
4. What are the different types of password attacks?
Passwords can be hacked via brute force attack, rainbow table attack, phishing, password spraying, dictionary attack, and data leaks. A few are explained below:
Brute force attack: In this, a hacker systematically tries all possible password combinations to crack the password.
Dictionary attack: Here the hacker uses common words, passwords, and character combinations that the target might use as a password.
Rainbow table attack: This is where a hacker uses a precomputed table of password hashes to look up the passwords behind stolen hashes.
Credential stuffing attack: It happens when a hacker uses already leaked credentials to hack other accounts of the same person (as people tend to use the same passwords for many accounts).
Password spraying attack: This is when a hacker uses a few commonly used passwords on a large number of accounts.
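From the defender's side, these attacks leave different shapes in failed-login data. The following is an added example, not part of the original article: it labels each source IP by the pattern of its failures and shows which accounts a per-account lockout counter would catch. The event format, function names and all thresholds are assumptions made for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample events: (source_ip, username, login_succeeded)
SAMPLE_EVENTS = (
    [("198.51.100.7", "alice", False)] * 12                        # many guesses, one account
    + [("203.0.113.9", f"user{i:02d}", False) for i in range(15)]  # one guess each, many accounts
    + [("192.0.2.4", "bob", False), ("192.0.2.4", "bob", True)]    # ordinary mistyped password
)

def locked_accounts(events, lockout_threshold=5):
    """Accounts a per-account lockout counter would catch (threshold is assumed)."""
    fails = Counter(user for _, user, ok in events if not ok)
    return {user for user, n in fails.items() if n >= lockout_threshold}

def classify_sources(events, min_failures=10, spray_accounts=10, max_per_account=3):
    """Label each source IP by the shape of its failed logins.

    All thresholds are illustrative assumptions; tune them to real traffic.
    """
    per_source = defaultdict(Counter)  # ip -> Counter(username -> failed attempts)
    for ip, user, ok in events:
        if not ok:
            per_source[ip][user] += 1

    verdicts = {}
    for ip, per_user in per_source.items():
        total, busiest = sum(per_user.values()), max(per_user.values())
        if total < min_failures:
            verdicts[ip] = "normal"
        elif len(per_user) >= spray_accounts and busiest <= max_per_account:
            # Wide and shallow: spraying. Credential stuffing looks the same in
            # this data, which is assumed not to record the password tried.
            verdicts[ip] = "spraying-or-stuffing"
        elif busiest >= min_failures:
            # Narrow and deep: brute force or dictionary guessing on one account.
            verdicts[ip] = "brute-force-or-dictionary"
        else:
            verdicts[ip] = "suspicious"
    return verdicts

if __name__ == "__main__":
    print(classify_sources(SAMPLE_EVENTS))
    print(locked_accounts(SAMPLE_EVENTS))
```

On the sample data only "alice" reaches the lockout threshold, so the spraying source is visible only when failures are grouped by source rather than by account.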
5. What are the different motivations behind hacking?
Hackers are motivated by different factors. Although financial gains are one of the top factors, ransom, harassment, enmity, warfare, espionage, political conflicts, and rivalry also motivate many cyber attacks.
6. What are the different certifications for ethical hacking?
Certified Ethical Hacker, Licensed Penetration Tester, Certified Penetration Testing Professional, Global Information Assurance Certification, and Offensive Security Certified Professional are some of the most common certified ethical hacking training programs. However, EC-Council has now dissolved the LPT program into the CPENT program.
7. How many accounts are hacked in a second?
In 2018, studies indicated that more than 2.5 billion accounts were breached in a year. That means every second, around 158 accounts were hacked. With this overwhelming statistic, you can also guess how many hackers must be at work every second around the world.