Script Kiddies is a term that refers to inexperienced hackers who lack experience, as well as have a low understanding of hacking and the tools used to do it. They make use of already existing hacking tools and scripts, without understanding the underlying vulnerabilities that are being exploited. The word “kiddie”, usually used to refer to a small child, is instead used to represent their lack of sophistication.
Script kiddies are usually opportunistic in their targeting, and often hack just for the sake of hacking, rather than achieving some premeditated objective. However, this lack of planning or high-level motivation doesn’t mean script kiddies are harmless!
Modern hacking tools are easy to acquire, configure, and use, and the vast majority of vulnerabilities that get exploited in real-world scenarios are known vulnerabilities for which exploits have been developed and distributed.
Script kiddies are almost always external threats, with low sophistication and resources. They often have minimal or no funding, and only freely available resources. Their goals can vary, but they usually operate opportunistically and don’t have a great deal of motivation. Once a script kiddie has been stopped by security measures, they’re likely to move on to an easier target.