An attacker or an intruder is an individual who obtains, or who is trying to obtain, unauthorized rights or unauthorized access to the information system.
There exist many approaches on how to classify the attackers. The basic features used for the classification of the different types of attackers can be divided into the following three groups:
From the point of view of the attacker’s location, there exist two different kinds of attackers:
An Insider is, in general, a person who has access to the internal computer network, and is therefore a legitimate user, but attempts to obtain unauthorized access to the data, system resources and services or misuses any authorized data.
An Outsider is generally a person who does not have authorized access to the internal computer network and wishes to enter into that network by using any vulnerable locations or security holes.
Depending on how good the performed attack is, the attackers can be divided into these two main groups:
The group of amateurs carries out less dangerous attacks than professionals do. These attacks are in keeping with the low level of training and instrumentation of the attackers.
The group of professionals usually consists of top computer specialists, who have access to specialized resources and who are highly trained and skilled. In practice, that means they are able to generate very dangerous attacks with serious consequences for the computer systems and networks.
A very discussed matter when it comes to attackers’ classification is the division of the attackers into the following two groups:
A Hacker is a person with good or excellent IT skills who is often involved in important software projects and whose knowledge and know-how are useful in finding any vulnerabilities and security holes of the designed systems. The hacker’s activity is helpful and useful. There are even codexes on hackers which describe their behaviour.
A Cracker is someone who has the ability to defeat anti-piracy protections of computer programs and who uses their knowledge in an unethical way. However, there are more definitions of this group of attackers that emphasize the different scope of their activities.
There exist also other groups of attackers, the largest one being called scriptkiddies. This group of attackers consists of users with low IT skills. The attacks performed by these attackers exploit the scripts containing the codes aimed at misusing the vulnerabilities of the IS. The attackers apply these scripts to the IS without carrying out a deep analysis, but the harmful effects of this activity usually have serious consequences. These are the most frequent and dangerous attacks.