Script kiddie: Difference between revisions

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
← Previous edit
VisualWikitext
Use American spelling ("defense") when describing the US DoD.
imported>Nomadgeek
m Reverted edits by JoystickJamboree (talk) (HG) (3.4.14)
 
Line 2: Line 2:
{{Computer hacking}}
{{Computer hacking}}


A '''script kiddie''', '''skript kiddie''', '''skiddie''', '''kiddie''', or '''skid''' is a pejorative term used to describe an unskilled individual who uses malicious scripts or programs developed by others or [[Large_language_model|LLMs]].
A '''script kiddie''', '''skript kiddie''', '''skiddie''', '''kiddie''', or '''skid''' is a pejorative for an unskilled individual who uses malicious scripts or programs developed by others.


==Characteristics==
==Characteristics==
The term script kiddie was first used in 1988.<ref>{{Cite thesis |last=Arifgoğlu |first=Saliha Figen |title=Information security, privacy issues and an application |date=1988 |publisher=Middle East Technical University |type=Master's thesis }}</ref>
The term script kiddie was first used in 1988.<ref>{{Cite thesis |last=Arifgoğlu |first=Saliha Figen |title=Information security, privacy issues and an application |date=1988 |publisher=Middle East Technical University |type=Master's thesis }}</ref> In Brazil, the term "lammer" arose in the late 1980s and is more commonly used instead.<ref>{{cite news |last=Nascimento |first=Anderson |title=O que é um Lammer? |date=5 July 2014 |website=Canaltech |language=pt-BR |url=https://canaltech.com.br/hacker/o-que-e-um-lammer |access-date=4 September 2025 |archive-date=4 September 2025 |archive-url=https://web.archive.org/web/20250904164831/https://canaltech.com.br/hacker/o-que-e-um-lammer |url-status=live}}</ref>
 
In a Carnegie Mellon report prepared for the [[United States Department of Defense|US Department of Defense]] in 2000, script kiddies are defined as <blockquote>The more immature but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddy uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet—often randomly and with little regard or perhaps even understanding of the potentially harmful consequences.<ref>{{cite report|publisher=[[Carnegie Mellon University]]|doi=10.1184/R1/6583673.v1|title=Security Quality Requirements Engineering (SQUARE) Methodology|author1=Mead, Nancy R.|author2=Hough, Eric|author3=Stehney, Theodore R.|date=31 October 2005|url=https://kilthub.cmu.edu/articles/journal_contribution/Security_Quality_Requirements_Engineering_SQUARE_Methodology/6583673/1}}</ref></blockquote>
In a Carnegie Mellon report prepared for the [[United States Department of Defense|US Department of Defense]] in 2000, script kiddies are defined as <blockquote>The more immature but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddy uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet—often randomly and with little regard or perhaps even understanding of the potentially harmful consequences.<ref>{{cite report|publisher=[[Carnegie Mellon University]]|doi=10.1184/R1/6583673.v1|title=Security Quality Requirements Engineering (SQUARE) Methodology|author1=Mead, Nancy R.|author2=Hough, Eric|author3=Stehney, Theodore R.|date=31 October 2005|url=https://kilthub.cmu.edu/articles/journal_contribution/Security_Quality_Requirements_Engineering_SQUARE_Methodology/6583673/1}}</ref></blockquote>


Script kiddies typically have at least one or more effective and easily downloadable programs capable of breaching computers and networks.<ref name="zdnet">{{cite news| last=Lemos| first=Robert| date=July 12, 2000 |url=https://www.zdnet.com/article/script-kiddies-the-nets-cybergangs/ <!--http://www.zdnet.com/news/script-kiddies-the-nets-cybergangs/96163-->| work=[[ZDNet]]| title=Script kiddies: The Net's cybergangs| access-date=2007-04-24}}</ref>
Script kiddies typically have at least one or more effective and easily downloadable programs capable of breaching computers and networks.<ref name="zdnet">{{cite news| last=Lemos| first=Robert| date=July 12, 2000 |url=https://www.zdnet.com/article/script-kiddies-the-nets-cybergangs/ <!--http://www.zdnet.com/news/script-kiddies-the-nets-cybergangs/96163-->| work=[[ZDNet]]| title=Script kiddies: The Net's cybergangs| access-date=2007-04-24}}</ref>


Script kiddies vandalize websites both for the thrill of it and to increase their reputation among their peers.<ref name="zdnet"/>  Some more malicious script kiddies have used virus toolkits to create and propagate the [[Anna Kournikova (computer virus)|Anna Kournikova]] and [[ILOVEYOU|Love Bug]] viruses.<ref name="Reg01">{{cite web|author=Leyden, John|date=February 21, 2001|url=https://www.theregister.co.uk/2001/02/21/virus_toolkits_are_skiddie_menace/|title=Virus toolkits are s'kiddie menace |website=[[The Register]]}}</ref>
Script kiddies vandalize websites both for the thrill of it and to increase their reputation among their peers.<ref name="zdnet"/>  Some more malicious script kiddies have used virus toolkits to create and propagate the [[Anna Kournikova (computer virus)|Anna Kournikova]] and [[ILOVEYOU|Love Bug]] viruses.<ref name="Reg01">{{cite web|author=Leyden, John|date=February 21, 2001|url=https://www.theregister.co.uk/2001/02/21/virus_toolkits_are_skiddie_menace/|title=Virus toolkits are s'kiddie menace |website=[[The Register]]}}</ref> Script kiddies lack, or are only developing, programming skills sufficient to understand the effects and side effects of their actions. As a result, they leave significant traces which lead to their detection, or directly attack companies which have detection and countermeasures already in place. For example, they may report crashes they cause while developing malware on their system, unintentionally sending their [[source code]] to [[Microsoft]].<ref>{{cite web|author=Taylor, Josh |date=August 26, 2010|url=https://www.zdnet.com/article/hackers-accidentally-give-microsoft-their-code/ |title=Hackers accidentally give Microsoft their code|publisher=ZDNet.com.au|archive-url=https://web.archive.org/web/20120120160424/http://www.zdnet.com.au/hackers-accidentally-give-microsoft-their-code-339305548.htm?omnRef=NULL |archive-date=January 20, 2012 |url-status=live}}</ref><ref>{{cite web|author=Ms. Smith|date=August 28, 2010|url=http://www.networkworld.com/community/node/65571 |title=Error Reporting Oops: Microsoft, Meter Maids and Malicious Code|work=Privacy and Security Fanatic|publisher=[[Network World]]|url-status=dead|archive-url=https://web.archive.org/web/20220816064753/https://www.csoonline.com/article/2227020/error-reporting-oops--microsoft--meter-maids-and-malicious-code.html|archive-date=August 16, 2022}}</ref>
Script kiddies lack, or are only developing, programming skills sufficient to understand the effects and side effects of their actions. As a result, they leave significant traces which lead to their detection, or directly attack companies which have detection and countermeasures already in place, or in some cases, leave automatic crash reporting turned on.<ref>{{cite web|author=Taylor, Josh |date=August 26, 2010|url=https://www.zdnet.com/article/hackers-accidentally-give-microsoft-their-code/ |title=Hackers accidentally give Microsoft their code|publisher=ZDNet.com.au|archive-url=https://web.archive.org/web/20120120160424/http://www.zdnet.com.au/hackers-accidentally-give-microsoft-their-code-339305548.htm?omnRef=NULL |archive-date=January 20, 2012 |url-status=live}}</ref><ref>{{cite web|author=Ms. Smith|date=August 28, 2010|url=http://www.networkworld.com/community/node/65571 |title=Error Reporting Oops: Microsoft, Meter Maids and Malicious Code|work=Privacy and Security Fanatic|publisher=[[Network World]]|url-status=dead|archive-url=https://web.archive.org/web/20220816064753/https://www.csoonline.com/article/2227020/error-reporting-oops--microsoft--meter-maids-and-malicious-code.html|archive-date=August 16, 2022}}</ref>
 
Although script kiddie attacks might become increasingly more effective in the future, researchers have noted that other models, like the language model, can also be used to enhance protection against the improved script kiddie attacks. This continuous back and forth improvement suggests that the competition between cyber attackers and defenders will continue to increase.<ref>{{Citation |last1=Moskal |first1=Stephen |title=LLMs Killed the Script Kiddie: How Agents Supported by Large Language Models Change the Landscape of Network Threat Testing |date=2023-10-10 |arxiv=2310.06936 |last2=Laney |first2=Sam |last3=Hemberg |first3=Erik |last4=O'Reilly |first4=Una-May}}</ref>


==See also==
==See also==

Latest revision as of 04:50, 18 November 2025

Template:Short description Template:Computer hacking

A script kiddie, skript kiddie, skiddie, kiddie, or skid is a pejorative for an unskilled individual who uses malicious scripts or programs developed by others.

Characteristics

The term script kiddie was first used in 1988.[1] In Brazil, the term "lammer" arose in the late 1980s and is more commonly used instead.[2]

In a Carnegie Mellon report prepared for the US Department of Defense in 2000, script kiddies are defined as

The more immature but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddy uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet—often randomly and with little regard or perhaps even understanding of the potentially harmful consequences.[3]

Script kiddies typically have at least one or more effective and easily downloadable programs capable of breaching computers and networks.[4]

Script kiddies vandalize websites both for the thrill of it and to increase their reputation among their peers.[4] Some more malicious script kiddies have used virus toolkits to create and propagate the Anna Kournikova and Love Bug viruses.[5] Script kiddies lack, or are only developing, programming skills sufficient to understand the effects and side effects of their actions. As a result, they leave significant traces which lead to their detection, or directly attack companies which have detection and countermeasures already in place. For example, they may report crashes they cause while developing malware on their system, unintentionally sending their source code to Microsoft.[6][7]

See also

References

Template:Reflist

Further reading

  • Script error: No such module "Citation/CS1".
  • Script error: No such module "citation/CS1".
  • The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers (2005) Template:ISBN

External links

  1. Template:Cite thesis
  2. Script error: No such module "citation/CS1".
  3. Template:Cite report
  4. a b Script error: No such module "citation/CS1".
  5. Script error: No such module "citation/CS1".
  6. Script error: No such module "citation/CS1".
  7. Script error: No such module "citation/CS1".
Retrieved from "http://debianws.lexgopc.com/wiki143/index.php?title=Script_kiddie&oldid=3139787"