Hacking is the catch-all term for any type of misuse of a computer to break the security of another computing system to steal data, corrupt systems or files, commandeer the environment or disrupt data-related activities in any way.
Hacking can be carried out in many ways. The most common form is the phishing scam, where hackers attempt to gain login names and passwords, or introduce malware into networked computing environments, by tricking users into opening an email attachment or forwarding private information.
Some of the most serious breaches of recent years, including the Wannacry malware attack, began as phishing scams, affecting not just the target enterprise but associated partners, customers, government agencies and others.
Less common but still as dangerous is the simple code break. Software is readily available in underground sharing sites (aka, the Dark Web) that allows users to surreptitiously bombard firewalls and other security systems with alphanumeric strings until they get a hit. Once inside, they can do untold amounts of damage because most security systems do not oversee internal infrastructure.
Still another approach is the Denial of Service (DOS) attack, in which one computer attempts to launch multiple data requests at a given web site or enterprise network hoping to overload resources to take the environment off-line.
Even more serious is the Distributed Denial of Service (DDoS) attack, in which multiple computers (some hacked, some not) from around the world are trained on a single target.
Three Types of Cybercriminals
Single actors usually out to cause random damage and test their computing skills.
Often security and signals specialists working in classified settings to gather government, commercial or other data, or sometimes to wage cyber warfare.
A rarity, but one who takes the long-standing concept of corporate espionage into the digital realm.
As well, there are the so-called white, grey and black hat hackers; white being those who are authorized to hack systems in order to test resiliency and spot weakness, while black is out to cause damage. Grey occupies a middle ground in which the hacker is unauthorized but is not acting in a malicious manner.
Like all elements of computing, both hacking and anti-hacking tools are becoming more sophisticated by the day. Artificial intelligence is expected to foster a major escalation in the hacking wars going forward as both sides learn to become more adaptive in their approaches.
Quantum computing is also expected to boost security systems to the next level even as it makes longstanding defenses obsolete. As well, automated technologies like botnets and email generators will make it easier to push attacks to larger numbers of users, making hacks on smaller, less secure organizations more lucrative.
The thinking around successfully defending critical data and infrastructure has seen a change in recent years. While it was once appropriate to strive for 100 percent protection against outside threats, newer approaches stress continuity and damage minimization as well.
While it is still important to keep intruders out, it also makes sense to ensure that the inevitable breach does no serious or lasting harm.