Invitation to Cybersecurity

3. The Adversary of Cybersecurity: Hackers

3.1.3.2 Elite hackers

“Kaspersky Lab’s experts can confirm they have discovered a threat actor that surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades – The Equation Group…they use tools that are very complicated and expensive to develop, in order to infect victims, retrieve data and hide activity in an outstandingly professional way, and utilize classic spying techniques to deliver malicious payloads to the victims.”
- from “Equation Group: The Crown Creator of Cyber-Espionage” by Kaspersky Labs

On the other end of the spectrum from script kiddies are elite hackers. Elite hackers possess an enormous amount of technical understanding and expertise. They are expert programmers and can write code in low-level programming languages such as C and assembly. They understand the minute details of computer network protocols. They are adept systems administrators and can write and modify operating systems. They are also skilled at software reverse engineering.

Software reverse engineering is the skill of dissecting an executable program to determine how it works and where it may have vulnerabilities. This takes a significant amount of skill because executable programs are compiled, and machine code is not easy for humans to read and understand (see Chapter 2), although there are tools called disassemblers that help.

Elite hackers discover new vulnerabilities and develop novel techniques for gaining unauthorized access to target machines. They study the technologies used by the target and figure out how to exploit weaknesses to gain access. They build tools like the ones mentioned in the prior section and use them in advanced ways. Unlike script kiddies, they use stealth so that their activities are not noticed, allowing them to obtain access and then maintain it for as long as needed to accomplish their objectives (more on this in the next chapter).

When they work in teams, elite hackers are called Advanced Persistent Threats (APTs). History has shown that if an APT targets an organization, that organization is almost sure to fall victim to the attackers. One of the more well-known APT groups is called The Equation Group. This group was discovered in 2015 by Kaspersky Labs, a Russian cybersecurity research firm and antivirus provider. Kaspersky described them as the most elite cyber force in the world. While the exact identity of this group is unknown, many people believe that it is the NSA or USCYBERCOM.

3.1.4 Hacker Profile

“My misdeeds were motivated by curiosity. I wanted to know as much as I could about how phone networks worked and the ins-and-outs of computer security.”
- The Art of Deception by Kevin Mitnick
