Who Are The Hackers?


Hollywood would have us believe that hackers are all young males. And to be honest, most probably are. But beyond this, the range of motivations and the backgrounds of hackers is huge.

Back when the internet started most hacking was done for fun or out of curiosity, or for bragging rights about skill & ability. These days, although the ego-trip hacking does still happen, the majority of it is for financial gain in one way or another.

Here we cover a few of the typical hacker types in terms of their motivation and ability:

'Script Kiddies'

"Script Kiddies" is a common term for describing individuals who are learning to hack, who often use ready-made tools (scripts) without necessarily understanding what's going on.

Computer code

Despite their lack of depth of knowledge, many of these Script Kiddies can still be dangerous - there's many websites that still haven't taken basic security precautions and which are vulnerable to basic attacks. In fact the 2016 attack against the UK company TalkTalk that affected thousands of customers and resulted in millions of pounds of damages was carried out by a group of relatively unskilled teenagers.

Script Kiddies generally hack for fun, although some with big egos may still try to sell their services to others, or try to justify their actions as being in the name of some populist cause (common ones being anti-capitalism or to protest at government actions).

Lone hackers

Whereas Script Kiddies generally aren't necessarily targeting anyone in particular (or at least they don't set out to, even if they eventually try to justify their actions in the name of a cause), lone hackers are individuals who are setting out to attack specific targets. They can be very dangerous and much more knowledgeable than script kiddies.

One famous case is that of Gary McKinnon, a UK individual who gained access to the US Department of Defense servers in the hunt for evidence of aliens. Individuals with a lot of skill at hacking (and not many feelings of guilt or morals) may sell their services to various groups such as organised gangs (see below) and earn an illegal living from it.

Some hackers have also been known to eventually switch sides, going on to legitimate jobs by using their knowledge and skills to help protect others from hackers.


Activists (or "Hactivists") are people who hack to make a point against whoever they perceive to have done wrong. Hactivists may act alone or they may work together in loose groups. These groups will probably never meet face to face, instead communicating via online message boards using fake names or "handles".

Recent examples of such groups include the "Syrian Electronic Army (SEA)", a group of hackers who targeted several media organisations they believed were spreading news that was hostile to the Syrian regime. Their attacks have included defacing and redirecting websites, as well as sending fake tweets after taking control of CNN's Twitter account.

Perhaps the biggest hacktivist group of recent times though are "Anonymous". This large group of hackers regularly targeted organisations in protest against various issues such as capitalism, child pornography, government surveillance, and restrictions on internet freedoms.


The last edition of the News of the World newspaper

The last edition of the News of the World

In 2012 the UK newspaper News of the World was closed down following a phone hacking scandal that saw several of its employees sent to jail. Some of its journalists had been hacking (and paying private investigators to hack) the voicemail of numerous celebrities in the search for stories.

Journalists from the UK television channel Sky News were also once caught breaking into the emails of a convicted fraudster who had faked his own death (supposedly drowning in a canoe!) to avoid his financial debts.

No one really knows how widespread hacking by journalists is, although it's not thought to be very common.


Employees of a company often have the ability to do far more damage than any outside hacker ever could. There's a level of trust placed on staff as they need access to systems to do their job, especially some IT staff with super-user access rights.

Whilst there are many precautions that companies can take against rogue staff (such as background checks before hiring new employees, deterring malicious actions by fully auditing everything staff do, or by splitting the most sensitive actions between two people), there have historically been many cases of insiders causing a lot of damage.

Motivations for people to attack their employer can vary, from disillusionment (such as a bad performance review), blackmail (where criminals are targeting the individual and threatening them into acting against their employer), or a hacker intentionally getting a job with that company in order to attack them.

Simple human mistakes - without any malicious intent - can also be classed as an insider threat.

Some recent examples include a Google engineer who allegedly stole self-driving car technology and took it to Uber, a suspended engineer with the Canadian Pacific Railroad who sabotaged their systems before he left, and the infamous Edward Snowdon who leaked hundreds of thousands of classified NSA documents.

Organised crime

Organised crime graphic

As the internet has grown, hacking has developed from something that was done for fun into something that's financially big business. Organised gangs from around the world have spotted the opportunity that the internet gives them to make money, whether that's through blackmailing companies with the threat of crashing their website, through to stealing credit card details, stealing trade secrets to order, or by plain old simple fraud.

Many of the phishing attacks we see are carried by organised crime gangs, as well as other fraud such as dating fraud, conveyancing scams, or CEO fraud.

The global nature of the internet means that gangs can be based anywhere in the world to carry out their attacks, sometimes working with relative impunity from countries which have undeveloped hacking laws or without international extradition agreements.

State sponsored

State sponsored hackers are the scariest of them all - these people have the time as well as huge resources behind them.

They're government employees - or an independent group of hackers recruited & paid by the government - who are tasked with accessing a system of a designated target. This may be done as part of law enforcement activities (such as accessing a suspected terrorists computer), or it may be much darker than that with the target being in a foreign country. These targets could be high-tech firms with lots of trade secrets (Western governments often accuse China of corporate espionage against their companies), or it could in fact be spying against the country itself - "Stuxnet" was a famous virus found in Iranian nuclear plants in 2010 and which America & Israel were accused of planting.

Another famous case was in 2007 many computers in Estonia went offline in a denial of service attack that is commonly attributed back to the Russian government. And in more recent times, the hacking of Sony Pictures was attributed by the FBI to North Korea, who objected to the then-yet-to-be-released movie "The Interview".

Have any feedback on this page? Let us know - feedback@becybersafe.com