Script KiddyScript Kiddy
People calling themselves “real hackers” invented the term script kiddy. Compared to script kiddies, the inventors of this name were highly skilled in the techniques of computing environments and how to use these to gain unauthorized access. 
Script kiddies in contrast are described as people who just run scripts that they obtain from hackers.
This term spread very fast. Today’s script kiddies spend most of their time in IRC — Internet Relay Chat — and trade information and 0-day exploits. They often have no particular interest in the problems and challenges of computer security.
The targets of their attacks are not carefully selected but rather are systems that happen to be vulnerable to the particular exploit they have at hand. But you should not underestimate them. Script kiddies are by far the biggest group of attackers you are facing. They have an internal social structure and are trained in obtaining dangerous information fast.
Defending yourself against the average script kiddy is not difficult, but you have to keep in mind that script kiddies will often have access to a new exploit months before you know this exploit exists.
Script kiddies are criminals. The problem is that they do not see themselves as such. If asked, they tell you the crime they commit is like stealing chocolate in the supermarket. They feel that hacking systems is more like collecting baseball cards than attacking the heart of someone else’s business. The 17-year-old “Mafiaboy,” who became famous by being arrested for his distributed denial-of-service attacks on popular Web sites such as Amazon.com, eBay, Yahoo, and Cable News Network (CNN), was seen by his peers in IRC as a script kiddy. After he performed the attacks, he went straight into IRC and told everyone what he had just done. This fact illustrates that, despite the fact that he committed a crime and his action resulted in a substantial loss in money for the victims, he did not realize that he had committed a crime and was at risk of prosecution. If he had realized that he was now a criminal, would he go into IRC and tell everyone? Probably not. Another angle to look at in this particular case is the motivation.
Was this boy interested in blackmailing these companies? Or did he work for a competitor who was interested in taking these sites down? Did he promote a particular security product that prevented such attacks? None of these motivations seems to fit. To the best of the public’s knowledge, he did it for fun and simply “because I could do it.” This underlines the basic issue: for most script kiddies, there is no real difference between killing people or monsters in the latest ego-shooter game or taking out computer systems that run a company’s business.
Add this page to your favorite Social Bookmarking websites
