I think the problem is that, as The Specialist rightly says, the word 'hacker', 'cracker' usw are chucked around too much. It should be clear by now that different people criminally infiltrate computer systems for different reasons. They follow a basic pattern of

organisation reconnaissance
host enumeration
service scanning
vulnerability exploitation
establishing and defending their operational bridgehead
covering up their tracks

Although it should be said that each phase overlaps or shares elements with the others.

Because the methodology is essentially the same, you might think it difficult to determine differences between groups/individuals. But in fact their motivations and targets are different as are their levels of ability. Determining those differences requires a mixture of common sense and careful forensics. From this, a profile of the individual or group concerned can be built up.

The point is that there is no general one size fits all profile.

One highly oversimplied example:

1. A web site defacement is carried out on a hard core porn site by a group who identify themselves as 'WWJD'. They replace full frontal nudity pictures with women dressed in long flowery dresses and change all swear words to 'sugar' and replace passages of fantasy sex with biblical expositions and finally change the paypal address to a prolife charitable organisation.

2. Once the site is defaced, the 'team' post the URL and graphics around the world on various religious newsgroups, proclaiming that they have struck a blow against Satan and also upheld the rights of women who should be Stepford wives not exotic models and that they will strike against the powers of darkness again soon.

Looking at this fictional attack, we find that the so-called group did not actually deface the website. Instead they put up a spoof site and poisoned the DNS cache. Combined with the fact that the language used on the defaced site and in the email announcement shows indications of college level education, including the use of several academic terms in theology, we start to see that we are dealing with someone who may have been to or still is at a bible seminary and may also have a degree in computers or be self taught to the extent that they are skilful enough to work in the industry and one or more of them probably are doing just that.

All the pretty girls in frocks are white and in the 16 to 25 age range. This probably indicates white males in the 20 - 35 age group were responsible for the attack. Fundies have desires too.

These bubbas chose to donate to a charitable organisation in the mid west dedicated to pro life policies. This is probably a reasonable indication of their geographic location. And the newsgroups they posted to were consistently fundamentalist baptist/hard line presbyterian.

Having gleaned this information from the attack, the policing forces could probably narrow down their search to graduates belonging to hardline baptist/presbyterian churches working in the computer industry in the mid west, male, white in the 20-35 age group, probably with a college level education in computers or a reasonably senior networking job and who have been to bible college.

It's still a lot of people to trawl through but it's better than nothing.