The Guardians of the Galaxy are a ragtag group of superheroes, each with their own specialized set of skills. In the latest movie, “Guardians of the Galaxy, Vol. 2” — which I highly recommend — this motley crew of alien oddities saves the universe again by leveraging their distinctly personalized talents to defeat a celestial being bent on remaking the universe in his own image.
Like this dubious group of planetary protectors, hackers, too, have distinct talents they exploit to carry out specific types of attacks. Let’s explore the various types of blackhat hackers by comparing them to the Guardians:
Star-Lord (Peter Quill) the Script Kiddie
By the end of the second movie, Star-Lord is a force to be reckoned with. But he wasn’t always that way. When Peter Quill was first kidnapped by Yondu, he was just a snot-nosed kid who was used for petty crime with the Ravagers. In the hacker community, script kiddies are just snot-nosed hackers working to hone basic skills. These less-savvy hackers know enough about technology to write simple scripts and use pre-existing hacking tools, but they have not yet gained the experience and skill to write unique code or exploits. That said, snot-nosed kids grow up. Just like petty criminals can evolve into mob bosses, script kiddies can turn into skilled hackers. Though Peter Quill came from humble beginnings, he eventually became Star-Lord, a Guardian of the Galaxy. Fortunately, there is good news: while script kiddies are still learning the hacker craft, basic defenses like firewalls, antivirus, and smart policies are often enough to keep them at bay.
Gamora the Nation-state Hacker
Gamora is a skilled assassin and fighter. This skill comes as little surprise considering she was trained by Thanos, a Titanian Eternal. With her elite training, Gamora developed skills that made her the deadliest woman in the galaxy. In the cyber world, Gamora represents a nation-state hacker. These hackers are deeply skilled and trained operatives who have been taught by powerful and deep-pocketed nation-states. Since they go after some of the most protected targets, they must learn sophisticated techniques to defeat basic defenses. They also have endless patience and are backed by enough funding to persistently carry on until they succeed in their operation. The only hope against sophisticated nation-state hackers is advanced kill-chain defenses.
Drax the Brute-forcer or DDoSer
Drax the Destroyer is a powerful beast who approaches every rival head-on. What he lacks in brains, he makes up for with pure brawn. While he won’t defeat the smartest enemies with his direct attacks, he can barrel through weak opponents quickly. On the Internet, Drax would be a brute-forcer or DDoSer. A brute-force attack is one that directly leverages power rather than skill. Say you want to figure out someone’s password. A skilled hacker might learn a bit about the user and guess passwords based on that data. A brute-forcer, on the other hand, just builds the most powerful computer he can and gets it to try every password combination possible until it stumbles upon the right one. DDoS stands for Distributed Denial of Service. Rather than finding some specialized vulnerability to take down their target, a DDoSer just overwhelms their adversary with a deluge of network traffic. Like Drax, DDoSers and brute-forcers hope to overpower their victims with pure strength. The good news is that smart defenses (like long and strong passwords) can easily put Drax-like hackers out of commission.
Rocket the Underground Vendor
Rocket is a “trash panda” from space with tons of gadgets and gizmos up his sleeve. Whatever your mission, Rocket has a tool or weapon he can sell you that will help you succeed. Today, cybercrime is supported by a vast underground black market that sells botnets, exploit kits, and other tools hackers can use to ply their trade. Need a new zero-day to get past your victim’s defenses? For the right price, you can find that and many other weapons on the cyber black market. And Rocket, like these underground vendors, might be the one to sell them to you.
Yondu the Cyber Criminal
Yondu is a leader of the Ravagers, a group of space criminals out to make a buck from the gullible weaklings of the galaxy. Some hackers hack to save their country. Others hack to make a point. However, the worst hackers do it simply to make a buck. Yondu is like a criminal hacker. He may not be the most skilled member of a group, but he’ll use any trick he learns or tool he acquires to make as much money as possible from his clueless victims.
Nebula the Hacktivist
Nebula has one mission: to defeat everything having to do with her dad, Thanos. If Thanos is the nation-state that trained Gamora, Nebula is the hacktivist who disagrees vehemently with everything about that government. She believes so strongly that Thanos is evil that she does just about anything to defeat him. Hacktivists are the same. A hacktivist is a political activist who hacks for a singular purpose. They don’t want money or fame; rather, they want to change the world and fight against whatever they happen to believe is wrong. Unfortunately, like Nebula’s fight against her sister Gamora, a hacktivist’s fight against a perceived wrong can often carry unintended consequences and cause collateral damage.
Mantis the Social Engineer
In the second movie, we meet Mantis, an empath who can read the feelings of her victims, and use that knowledge to affect what they think or do. On the internet, Mantis would be a social engineer. Social engineers use their knowledge of psychology and human nature to trick victims into doing things they shouldn’t. Just like you might avoid the touch of Mantis, keep vigilant against social engineers trying to use your human nature against you.
Ayesha the Bot Master
The second movie also introduced a new character, Ayesha. Ayesha is the leader of a so-called superior species that leverages technology to their ultimate advantage. Rather than attack their enemies themselves, they exploit drones and robots to do their bidding for them. In the cyber landscape, Ayesha is a bot master. That’s a cybercriminal who controls a vast army of hijacked and zombified computers to do their bidding. Why attack your victim from your own computer when you can send hundreds of thousands of brainless drones against your target? Make sure to up your defenses so your computer doesn’t become part of Ayesha’s bot army.
You may have noticed I left out one of the best characters — Groot. Why? To me, Groot represents the best cyber defender more than a malicious hacker. The best defense gains strength from its many layers, in the same way Groot’s many branches protect his trunk. Good defenses also have strong roots in good security policy and culture. These roots help the defense withstand the worst attack in the same way Groot’s roots help him hold strong against the barrage of his enemies.
In the comics and movies, the Guardians are good guys — perhaps unwilling and money-motivated good guys, but good guys nonetheless. I’d like to think if the Guardians existed they’d have been whitehats trying to defend our networks from the scourge of cyber criminals. That said, it’s still fun to learn about the dark side of hacking by comparing pop culture characters to blackhat criminals.
Hopefully you’ve learned a little bit about our cyber adversaries and can use the knowledge to become the guardian of your own cyber galaxy.