Friday, August 26, 2016

Black Hat vs White Hat


A black-hat hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain."

Black-hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal". Black-hat hackers break into secure networks to destroy, modify, or steal data, or to make the network unusable for those who are authorized to use it. A black-hat hacker is an individual with extensive computer knowledge whose purpose is to breach or bypass internet security. Black-hat hackers are also known as crackers or dark-side hackers.

The general view is that, while hackers build things, crackers break things. They are computer security hackers who break into computers and networks or create computer viruses. The term “black hat” comes from old westerns where the bad guys usually wore black hats and the good guys wore white ones.

The term was coined by Richard Stallman, to contrast the maliciousness of a criminal hacker versus the spirit of playfulness and exploration of hacker culture, or the ethos of the white-hat hacker who performs hackerly duties to identify places to repair. 

White hat hackers also identify security weaknesses; but, instead of performing malicious attacks and theft, they expose the security flaw in such a way as to alert the owner that there is a breach so they can fix it before a black hat hacker can take advantage of it. Though they often start out as black hat hackers, white hat hackers sometimes are paid consultants or actual employees of a company that needs its systems protected.

A white hat hacker is a computer security specialist who breaks into protected systems and networks to test and assess their security. White hat hackers use their skills to improve security by exposing vulnerabilities before malicious hackers (known as black hat hackers) can detect and exploit them. Although the methods used are similar, if not identical, to those employed by malicious hackers, white hat hackers have permission to employ them against the organization that has hired them. White-hat hackers may also work in teams called "sneakers", red teams, or tiger teams.

Friday, August 19, 2016

Types of Malicious Codes


Malware


Malware, short for malicious software, is a kind of software that can be installed on a computer without approval from the computer's owner. There are different kinds of malware that can hurt computers, such as viruses and spyware. These programs can steal passwords, delete files, collect personal information, or even stop a computer from working at all. Before the term malware was coined by Yisrael Radai in 1990, malicious software was referred to as computer viruses. The first category of malware propagation concerns parasitic software fragments that attach themselves to some existing executable content. The fragment may be machine code that infects some existing application, utility, or system program, or even the code used to boot a computer system.

Types of malicious codes


Viruses are a kind of malware that need a user-run program to work. They cannot copy themselves or move from one computer to another without a program to host them. Viruses are very common in pirated programs. They can harm computers in many different ways, like deleting files and stealing passwords.

Worms are a lot like viruses and can cause the same kinds of damage. However, they're able to move through the internet and copy themselves onto computers without help from a host program. This makes them more dangerous than a virus. Worms are usually found in emails and drive-by downloads.

Trojan horses are like a much more dangerous version of a virus. They need a user to agree to run a program to work and cannot copy themselves from one computer to another. However, trojan horses can make the same problems a normal virus can make. They can also allow the malware writer to control the victim's computer, install more malware, steal bank data, and more. For example, ransomware is a type of trojan horse that stops a victim from using their files until they pay the person who wrote the malware. Experts think that trojan horses are the most common type of malware in existence.

Adware is a type of malware that earns the program authors money with advertising. These programs show users ads and force them to use websites that make money for the malware writers. Adware will also find personal information about the victim (such as their age, race, and job) so that the malware authors can sell the information to other people. A user can usually uninstall adware more easily than most malware. However, this is still difficult to do without a specially designed program.

Spyware is a more dangerous kind of adware that steals more information from a user. Spyware can steal someone's Internet traffic, account passwords, and anything they have typed into their computers. Spyware is also much harder to uninstall than adware is.

Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read. Once a malicious program is installed on a system, it is essential that it stays concealed, to avoid detection. Software packages known as rootkits allow this concealment, by modifying the host's operating system so that the malware is hidden from the user. Some malicious programs contain routines to defend against removal, not merely to hide themselves. An early example of this behavior is recorded in the Jargon File tale of a pair of programs infesting a Xerox CP-V time sharing system:

A backdoor is a method of bypassing normal authentication procedures, usually over a connection to a network such as the Internet. Once a system has been compromised, one or more backdoors may be installed in order to allow access in the future, invisibly to the user. The idea has often been suggested that computer manufacturers preinstall backdoors on their systems to provide technical support for customers, but this has never been reliably verified. It was reported in 2014 that US government agencies had been diverting computers purchased by those considered "targets" to secret workshops where software or hardware permitting remote access by the agency was installed, considered to be among the most productive operations to obtain access to networks around the world. Backdoors may be installed by Trojan horses, worms, implants, or other methods.

Thursday, August 18, 2016

Cryptography




Cryptography comes from the Greek word “KRYPTOS”, which means “hidden secret”. It is the practice and study of techniques for secure communication in the presence of third parties called adversaries. Cryptography is about constructing and analyzing protocols that prevent third parties or the public from reading private messages; various aspects of information security such as data confidentiality, data integrity, authentication, and non-repudiation are central to modern cryptography. Modern cryptography exists at the intersection of the disciplines of mathematics, computer science, and electrical engineering.

Until modern times, cryptography referred almost exclusively to encryption, which is the process of converting ordinary information (called plaintext) into unintelligible text (called ciphertext). Decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext. A cipher (or cypher) is a pair of algorithms that create the encryption and the reversing decryption. The detailed operation of a cipher is controlled both by the algorithm and in each instance by a "key". The key is a secret (ideally known only to the communicants), usually a short string of characters, which is needed to decrypt the ciphertext.

In colloquial use, the term "code" is often used to mean any method of encryption or concealment of meaning. However, in cryptography, code has a more specific meaning. It means the replacement of a unit of plaintext with a code word.

Cryptanalysis is the term used for the study of methods for obtaining the meaning of encrypted information without access to the key normally required to do so; it is the study of how to crack encryption algorithms or their implementations. The study of characteristics of languages that have some application in cryptography or cryptology.

Before the modern era, cryptography was concerned solely with message confidentiality (i.e., encryption): the conversion of messages from a comprehensible form into an incomprehensible one and back again at the other end, rendering them unreadable by interceptors or eavesdroppers without secret knowledge (namely the key needed for decryption of that message). Encryption attempted to ensure secrecy in communications, such as those of spies, military leaders, and diplomats. In recent decades, the field has expanded beyond confidentiality concerns to include techniques for message integrity checking, sender/receiver identity authentication, digital signatures, interactive proofs and secure computation, among others.

Friday, August 12, 2016

CIA Triad



The most common type of security model is the CIA Triad. No, not the Central Intelligence Agency, but rather Confidentiality, Integrity and Availability. This principle is applicable across the whole topic of security analysis, from its users to encrypted data across the internet.




CONFIDENTIALITY
Confidentiality is about protecting information from disclosure to unauthorized parties. One component of confidentiality is encryption. Encryption assures that the information will only be read by the right person. One example of encryption is SSL. Other ways to ensure information confidentiality include cryptography, file permissions and access control.





INTEGRITY
Integrity refers to protecting information from being changed by unauthorized parties and keeping it accurate. Information only has value to its users when it is correct. Aside from confidentiality, cryptography also plays a major part in data integrity. The most used method to keep integrity is comparing the data you received with the original data.
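The comparison described above is usually done on a cryptographic digest of the data rather than on the data itself. The following is an added example, not part of the original post, showing an unkeyed SHA-256 digest next to a keyed HMAC tag; the key and messages are constructed sample values, and the function names are chosen for illustration.

```python
import hashlib
import hmac

# Constructed sample values for illustration only.
SHARED_KEY = b"constructed-demo-key-not-for-production"
ORIGINAL = b"transfer 100 to account 12345"
TAMPERED = b"transfer 900 to account 12345"


def sha256_digest(data: bytes) -> str:
    """Unkeyed digest: detects accidental corruption of the data."""
    return hashlib.sha256(data).hexdigest()


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed tag: only a holder of the key can produce a valid value."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_digest(data: bytes, expected: str) -> bool:
    return hmac.compare_digest(sha256_digest(data), expected)


def verify_tag(key: bytes, data: bytes, expected: str) -> bool:
    # compare_digest takes constant time, so timing does not leak the tag.
    return hmac.compare_digest(hmac_tag(key, data), expected)


def demo() -> dict:
    digest = sha256_digest(ORIGINAL)        # published alongside the data
    tag = hmac_tag(SHARED_KEY, ORIGINAL)    # sent with the data
    return {
        "original_vs_digest": verify_digest(ORIGINAL, digest),
        "tampered_vs_digest": verify_digest(TAMPERED, digest),
        # A digest delivered over the same channel as the data can be
        # recomputed by whoever changed the data, so the check passes.
        "tampered_with_replaced_digest": verify_digest(
            TAMPERED, sha256_digest(TAMPERED)),
        "original_vs_tag": verify_tag(SHARED_KEY, ORIGINAL, tag),
        # Without the key, a matching tag cannot be produced.
        "tampered_vs_tag": verify_tag(SHARED_KEY, TAMPERED, tag),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

A plain digest protects integrity only when the reference value comes from a source the modifier cannot change; the keyed tag removes that requirement at the cost of sharing a secret key.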





AVAILABILITY
Availability of information refers to ensuring that authorized parties are able to access the information when needed. It is important to ensure that the information concerned is readily accessible to the authorized parties at any time. Backup is the key to maintaining the availability of data. Keeping backups of important files might be appropriate, especially in times of natural disasters.

The CIA Triad is a very significant principle when it comes to security. The 3 elements are important in making any security system. However, there are also other factors aside from the CIA that should be considered in certain scenarios.