When it comes to malware and black hat hackers, theyre all bad.
As much as possible, you want no interaction with them whatsoever.
Some are worse than others, though.
There is a range of reasons for this, including the specific actions they take and what motivates them.
Another important factor, though, is simply a skill.
The most skilled hackers often end up in groups referred to asAPTs or Advanced Persistent Threats.
APTs also prefer to operate stealthily, often allowing their exploits to work unnoticed for a long time.
You get the script kiddie at the opposite end of the skill tree.
Contents
What Is a Script Kiddie?
The term script kiddie may sometimes be shortened to skiddie or even skid.
Instead, it relates to a pre-written and ready-to-execute exploit or tool.
Often they will be pretty automated by the writer for ease of use.
For example, a script might launch a denial of service exploit against a chosen server.
Another script might search the computer for any databases and automatically copy the database files to the attacker.
A script kiddie also generally doesnt care to understand or cant understand how the tools they use work.
They are often treated as black boxes.
The difference is that they dont understand how its done and couldnt replicate the feat manually without the script.
However, they should not be entirely overlooked.
Lacking skills, a script kiddie will often use tools when theyre not appropriate simply because they might work.
This can even be broadly automated with bots to widespread spraying of an exploit.
While they may not get many successes, they might not be entirely unsuccessful.
Its sort of like the concept of a weapon in the hands of an unskilled fighter.
There are plenty of powerful hacking tools available online.
Some of them are paid, while many are free.
This can give a script kiddie a broad range of tools to try.
Even this level of skill certainly isnt guaranteed, though.
With just a bit of skill and awareness, a script kiddie can locate and use that information.
Countering Script Kiddies
Minimizing the threat from script kiddies is relatively easy.
They tend to use published exploits, which naturally work on known vulnerabilities.
To prevent these from working, ensure that all software is updated.
Logging and reviewing logs make it pretty easy to identify script kiddies.
Both approaches can be countered by monitoring logs and looking for requests that appear to be malicious.
Then it is relatively simple to add their IP address to a block list.
From a hacker perspective, they can also make it more difficult for script kiddies to use their tools.
A script kiddie doesnt have the skill to hack or write their tools independently.
Instead, they will exclusively use public scripts to hack.
