How dangerous is a bored high school student armed with a keyboard and an attraction to hacking? Well, it depends. Generally speaking, the run of the mill high school student probably has all he/she needs in order to carry out a simple cyber-attack on an unsecure server. The only question is: which target will they choose?
The truth is that anyone can become a hacker in just a few minutes. With a little help from other cyber-threat actors, anyone can get the latest hacking tutorials that explain step-by-step, how to use penetration tools. Taking it a bit further, upon request and payment, the amateur can receive private guidance from a professional hacker.
Cyber-threat channels (such as those on the deep and dark web) provide amateurs not only the tutorials, but also the tools themselves. For example, if the amateur is looking for a DDoS tool, many different channels can offer the latest updates for known attack execution tools. An even more severe example would be the unprecedented malware distributor presence on these channels. Nowadays, the amateur hacker can easily contact malware vendors and get the latest malicious programs on demand. In most cases, the vendor will also provide some guidance and help make sure the buyer uses the program correctly.
Cyber-threat channels do not obligate one to become an actual hacker in order to pose a serious threat. To distribute sensitive breached databases or hacked corporate accounts and cause real damage, one does not need to have any hacking knowledge. Professional hackers and vendors of stolen information can simply provide this data to the amateurs who themselves decide how to use it (spread it, resell it, use it as a launching point for a different cyber attack, etc.)
Cyber-threat channels are the ultimate way for potential attackers to obtain the needed walk-through and tools. The deep and dark web, as well as other sources, are perhaps the most significant places where the connections between beginners and professionals take place. They serve as fertile ground for future, dangerous cyber-attacks.
For more information on Sixgill's Dark-i Threat Intelligence Platform or to see a demo of the system, click here: