Evolution of the Hacker Trade

Sometimes change happens so gradually it’s easy to miss. That’s often the case in cybersecurity. We see statements like “the security landscape is evolving” or “hackers are getting smarter” that just get brushed off as the latest marketing jargon. Still, they hold some serious weight if you stop to think about it. 

We must be dedicated to studying and learning from hacker tradecraft. It is essential that we understand precisely how attackers operate so we can pick up on their tricks and tactics, and know-how to defend against them. We know that we can’t dismiss the past to prepare for the future. Below is a brief history of how hackers have evolved their tradecraft and how understanding this transition can help us better prepare for tomorrow’s threats.

Cybersecurity Supply and Demand: Then vs. Now

Looking back, the world’s approach to cybersecurity has been chiefly reactionary. We settled into “new attack, new security product” mode, where the attacks and threats themselves drove the creation of protective products.

In the 1980s, for example, virus attacks on stand-alone PCs affected all businesses—which drove the development of commercial antivirus software to protect against them. As we moved along to the mid-1990s, the internet opened the gates for the broad and rapid spread of malware, which introduced us to the firewall. 

As time went on, cyberattacks could not be effectively stopped by firewalls or antivirus products alone. Hackers learned to leverage vulnerabilities—masking their attacks in anything from resumes to picture files, behind which awaited sophisticated code that was ready to launch. All they needed was a user to open an email attachment or plug in a USB, and the attack was silently unleashed. 

In response, the IT industry boomed in the early 2000s, bringing fresh products and services to meet the needs of a hungry market. We saw new technologies emerge like signature-based detection, automation, and artificial intelligence. But all the while, hackers were watching and learning how to beat these tools.

The Modern Hacker

What began as inquisitive teenagers hacking for the sheer fun and challenge of it all has now turned into a more organized and formidable force. Hacker motives changed from recognition and notoriety to being in it for the money—turning cybercrime into a multi-billion dollar industry.

Today’s hackers have moved beyond the Hollywood stereotype of the lone hacker in a basement. Instead, they’re operating in highly organized groups (similar to the professional environments we’re all familiar with). This dynamic has introduced a more economically-focused adversary, but it has also provided a wider distribution of hacker skills and know-how.

There’s more knowledge and resources at a hacker’s fingertips than ever before. Look no further than the dark web. It’s got malicious gadgets and gizmos a-plenty, even keyloggers and wipers galore. You want a hacker for hire? There are many. 

The point is: that modern hackers know there is money to be made in cybercrime, and they’re using the dark web to source tools or skills that they might not have—and this has completely changed the way bad actors go about their attacks.

Tactics, Techniques, and Procedures Hackers Use Today

Most attackers will go for the low-hanging fruit and use the path of least resistance. Phishing is a popular choice—you can use malicious links and fake documents to lure users into clicking or opening something. 

Phishing is an effective way to gain initial access, although if the user shuts down their computer, the attacker has just lost their access. Can you imagine if the hacker would just re-phish the user any time that happened? That would be the world’s most efficient hacker!

Getting in is no longer the hard part; it’s staying in. That’s where persistence comes in handy for hackers.

How Do Hackers Use Persistence In Their Attacks?

Attackers are turning away from methods that are easy to detect and shut down. Instead, more bad actors are opting for a ​​“low-and-slow” approach, establishing persistence to lay low and maintain long-term access to their targets. Although slower, this ongoing strategy enables more covert operations. Here’s a look at how hackers are using persistence in their attacks.



At the end of the day, all cyberattacks are not created equal—nor are all cybercriminals. Some are more persistent than others, so it’s becoming increasingly important to understand our adversaries and better equip ourselves for the fight.To learn more about how to better equip your business for this battle, contact your Pendello Soluitons Team today!