When it comes to malware and black hat hackers, they’re all bad. As much as possible, you want no interaction with them whatsoever. Some are worse than others, though. There is a range of reasons for this, including the specific actions they take and what motivates them. Another important factor, though, is simply a skill. As with pretty much any head-to-head competition, especially in an asymmetrical one, the people with more skills have a significant advantage.
The most skilled hackers often end up in groups referred to as APTs or Advanced Persistent Threats. These groups are highly qualified, extremely well-funded, and generally well-motivated to carry out their targeted attacks against chosen victims. Typically, if an APT decides you’re their target, very little can be done to prevent them from achieving their goal. This is because they use their skill sets to develop new and unseen exploits which are extremely difficult to defend against. APTs also prefer to operate stealthily, often allowing their exploits to work unnoticed for a long time.
You get the script kiddie at the opposite end of the skill tree.
What Is a Script Kiddie?
A script kiddie is a pejorative term used to refer to hackers who don’t have the skills to write their own exploits and hacks and are forced to rely on public hacking scripts. The term script kiddie may sometimes be shortened to “skiddie” or even “skid.” “Script” refers to their use of scripts, while kiddie is used to emphasize the child-like skill level and often the aim to look cool. Rather than being able to write their tools, script kiddies have to use scripts written by other, more experienced hackers.
Tip: A “script,” In this case, a ” script ” doesn’t refer to a script like an actor would use. Instead, it relates to a pre-written and ready-to-execute exploit or tool. Often they will be pretty automated by the writer for ease of use. For example, a “script” might launch a denial of service exploit against a chosen server. Another script might search the computer for any databases and automatically copy the database files to the attacker.
A script kiddie also generally doesn’t care to understand or can’t understand how the tools they use work. They are often treated as black boxes. They may understand the information they need to put in, such as a target IP address, and what information they might get back if it succeeds. The difference is that they don’t understand how it’s done and couldn’t replicate the feat manually without the script.
Hackers often use the term pejoratively to refer to any hacker they feel has less skill than themselves or as an insult.
No skills Don’t Mean No Threat
It might seem relatively easy to dismiss the threat of a script kiddie. However, they should not be entirely overlooked. Lacking skills, a script kiddie will often use tools when they’re not appropriate simply because they might work. This can even be broadly automated with bots to widespread spraying of an exploit. While they may not get many successes, they might not be entirely unsuccessful. It’s sort of like the concept of a weapon in the hands of an unskilled fighter. Even if they don’t understand how to use the weapon to its most significant effect, they can still cause some damage.
There are plenty of powerful hacking tools available online. Some of them are paid, while many are free. This can give a script kiddie a broad range of tools to try. If they have a specific target they want to try to hack, they may unleash their entire arsenal of scripts to see what works, if anything.
They may also be familiar enough with some of the basics to research specific tools that work against the target. Even this level of skill certainly isn’t guaranteed, though. For example, many script kiddies who don’t know what they’re doing will launch an exploit for an Apache web server vulnerability, even if the web server actively identifies itself as running Nginx rather than Apache. With just a bit of skill and awareness, a script kiddie can locate and use that information. For example, they may be able to identify that a website uses WordPress and search specifically for WordPress exploits.
Countering Script Kiddies
Minimizing the threat from script kiddies is relatively easy. They tend to use published exploits, which naturally work on known vulnerabilities. To prevent these from working, ensure that all software is updated.
Logging and reviewing logs make it pretty easy to identify script kiddies. Their tendency to either spray and pray with a single exploit against a broad range of targets or to fire all their scripts at a single target makes them very unsubtle. Both approaches can be countered by monitoring logs and looking for requests that appear to be malicious. Then it is relatively simple to add their IP address to a block list.
From a hacker perspective, they can also make it more difficult for script kiddies to use their tools. For example, requiring a specific command line flag to run that’s only documented in the code or by not fully automating processes.
Conclusion
Script kiddie, also referred to as a skiddie or skid, is a pejorative term for unskilled hackers. A script kiddie doesn’t have the skill to hack or write their tools independently. Instead, they will exclusively use public “scripts” to hack. They are not very advanced or subtle but can often find success because people tend to be bad at applying updates, even when those updates fix known security vulnerabilities with publicly available exploits. The term may also be used as a generic hacker-to-hacker insult when trying to insinuate the other hacker is unskilled.