![](https://codelido.com/assets/files/2022-12-26/1672079374-214037-attacker.jpg)
Attackers
Attackers are individuals or groups who attempt to exploit vulnerability for personal or financial gain.
Amateurs
They are usually attackers with little or no skill, often using existing tools or instructions found on the Internet to launch attacks. Some of them are just curious, while others are trying to demonstrate their skills and cause harm. They may be using basic tools, but the results can still be devastating.
Hackers
This group of attackers break into computers or networks to gain access. They are classified into different types.
Types of Hackers
White Hat Hackers:
These are ethical hackers who use their programming skills for good, ethical and legal purposes. They may perform network penetration tests in an attempt to compromise networks and systems. Security vulnerabilities are reported to developers for them to fix before the vulnerabilities can be threatened.
Grey Hat Hackers:
These are individuals who commit crimes and do unethical things, but not for personal gain or to cause damage. A grey hat hacker may disclose a vulnerability to the affected organization after having compromised their network without their permission.
Black Hat Hackers:
These are unethical criminals who violate computer and network security for personal gain, or for
malicious reasons such as attacking networks. Black-hat hackers exploit vulnerabilities to compromise computer and network systems.
Internal and External Threats
Attacks can be originated from within an organization or from outside of the organization.
![](https://codelido.com/assets/files/2022-12-26/1672081981-110558-threat.png)
Internal Threats:
An internal user, such as an employee or contract partner, can accidently or intentionally:
- Mishandle confidential data
- Threaten the operations of internal servers or network infrastructure devices
- Facilitate outside attacks by connecting infected USB media into the corporate computer system
- Accidentally invite malware onto the network through malicious email or websites
These cause a greater damage than external threats as internal users have direct access to the building and devices.
External Threats:
External threats from amateurs or skilled attackers can exploit vulnerabilities in network or computing devices, or use social engineering to gain access.