In a Carnegie Mellon report prepared for the US [[United States Department of Defence (United States)Defense|US Department of DefenceDefense]] in 2000, script kiddies are defined as <blockquote>The more immature but unfortunately often just as dangerous exploiter of security lapses on the Internet. The typical script kiddy uses existing and frequently well known and easy-to-find techniques and programs or scripts to search for and exploit weaknesses in other computers on the Internet—often randomly and with little regard or perhaps even understanding of the potentially harmful consequences.<ref>{{cite report|publisher=[[Carnegie Mellon University]]|doi=10.1184/R1/6583673.v1|title=Security Quality Requirements Engineering (SQUARE) Methodology|author1=Mead, Nancy R.|author2=Hough, Eric|author3=Stehney, Theodore R.|date=31 October 2005|url=https://kilthub.cmu.edu/articles/journal_contribution/Security_Quality_Requirements_Engineering_SQUARE_Methodology/6583673/1}}</ref></blockquote>
Script kiddies typically have at least one or more effective and easily downloadable programs capable of breaching computers and networks.<ref name="zdnet">{{cite news| last=Lemos| first=Robert| date=July 12, 2000 |url=https://www.zdnet.com/article/script-kiddies-the-nets-cybergangs/ <!--http://www.zdnet.com/news/script-kiddies-the-nets-cybergangs/96163-->| work=[[ZDNet]]| title=Script kiddies: The Net's cybergangs| access-date=2007-04-24}}</ref>
