During the 1960s, the word "hacker" grew to prominence describing a person with
strong computer skills, an extensive understanding of how computer programs worked,
and a driving curiosity about computer systems. Hacking, however, soon became nearly
synonymous with illegal activity. While the first incidents of hacking dealt with breaking
into phone systems, hackers also began diving into computer systems as technology
advanced.
Hacking became increasingly problematic during the 1980s. As a result, the Computer
Fraud and Abuse Act was created, imposing more severe punishments for those caught
abusing computer systems. In the early 1980s, the Federal Bureau of Investigation
(FBI) made one of its first arrests related to hacking. A Milwaukee-based group known
as the 414s was accused of breaking into 60 different computer systems including
the Memorial Sloan-Kettering Cancer Center and the Los Alamos National Laboratory.
Later that decade, the infamous Kevin Mitnick was arrested and sentenced to
one year in jail for damaging computers and stealing software. He was arrested
again in 1995 for computer fraud and put in jail for hacking Motorola Inc.,
Sun Microsystems Inc., NEC Corp., and Novell Inc. to steal software, product plans,
and data. Mitnick eventually cost the firms a total of roughly $80 million.
As negative publicity surrounding hackers continued to grow, those who considered
themselves true hackers (computer programming enthusiasts who pushed computer
systems to their limits without malicious intent and followed a hacker code of ethics) grew
weary of the media's depiction of hackers. As a result, several hacker groups coined
the term 'cracker' in 1985 to define a person who broke into computer systems and
ignored hacker ethics; however, the media continued to use the word hacker despite
the fact that, although most early hackers believed technical information should be freely
available to any person, they abided by a code of ethics that looked down upon destroying,
moving, or altering information in a way that could cause injury or expense.
AT&T Corp., Griffiss Air Force Base, NASA, and the Korean Atomic Research Institute all
fell prey to hackers in the early 1990s. Federal World Wide Web sites, including those of
the U.S. Department of Justice, the U.S. Air Force, and the CIA, were also attacked by
hackers and defaced. During 1995 alone, U.S. Defense Department computers dealt with
250,000 hacker attacks. As technology advanced and business transactions conducted
over the Internet increased, malicious hackers became even more destructive. Popular
Web sites such as Yahoo!, America Online, eBay, and Amazon.com were hacked, costing
millions and leaving online shoppers doubtful about security on these sites; a 16-year-old
Canadian boy operating under the name Mafiaboy was arrested for these attacks, as well
as for breaking into both Harvard's and Yale's university computer systems. Under the terms
of his parole, Mafiaboy was not allowed to use the Internet or go into stores that sold
computers, and his computer use was limited to that which was supervised by a teacher
at school.
Types of Hacking
1) Inside Jobs - Most security breaches originate inside the network that is under attack.
Inside jobs include stealing passwords (which hackers then use or sell), performing industrial
espionage, causing harm (as disgruntled employees), or committing simple misuse. Sound
policy enforcement and observant employees who guard their passwords and PCs can thwart
many of these security breaches.
2) Rogue Access Points - Rogue access points (APs) are unsecured wireless access points
that outsiders can easily breach. (Local hackers often advertise rogue APs to each other.)
Rogue APs are most often connected by well-meaning but ignorant employees.
3) Back Doors - Hackers can gain access to a network by exploiting back doors:
administrative shortcuts, configuration errors, easily deciphered passwords, and
unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably
find any weakness in your network.
4) Viruses and Worms - Viruses and worms are self-replicating programs or code
fragments that attach themselves to other programs (viruses) or machines (worms).
Both viruses and worms attempt to shut down networks by flooding them with massive
amounts of bogus traffic, usually through e-mail.
5) Trojan Horses - Trojan horses, which are attached to other programs, are the
leading cause of all break-ins. When a user downloads and activates a Trojan horse,
the hacked software (SW) kicks off a virus, password gobbler, or remote-control SW
that gives the hacker control of the PC.
6) Denial of Service - DoS attacks give hackers a way to bring down a network without
gaining internal access. DoS attacks work by flooding the access routers with bogus
traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).
Distributed DoSs (DDoSs) are coordinated DoS attacks from multiple sources.
A DDoS is more difficult to block because it uses multiple, changing, source IP addresses.
7) Anarchists, Crackers, and Kiddies - Who are these people, and why are they
attacking your network? Anarchists are people who just like to break stuff.
They usually exploit any target of opportunity. Crackers are hobbyists or professionals
who break passwords and develop Trojan horses or other SW (called warez).
They either use the SW themselves (for bragging rights) or sell it for profit.
Script kiddies are hacker wannabes. They have no real hacker skills, so they
buy or download warez, which they launch. Other attackers include disgruntled
employees, terrorists, political operatives, or anyone else who feels slighted,
exploited, ripped off, or unloved.
8) Sniffing and Spoofing - Sniffing refers to the act of intercepting TCP packets.
This interception can happen through simple eavesdropping or something more sinister.
Spoofing is the act of sending an illegitimate packet with an expected acknowledgment
(ACK), which a hacker can guess, predict, or obtain by snooping.
As the cost of hacking attacks continues to rise, businesses have been forced to increase
spending on network security. However, hackers have also developed new skills that allow
them to break into more complex systems. Hacking typically involves compromising
the security of networks, breaking the security of application software, or creating malicious
programs such as viruses.
The most popular forms of network hacking are denial of service (DoS) attacks and
mail bombs. DoS attacks are designed to swamp a computer network, causing it to crash.
Mail bombs act in a similar fashion, but attack the network's mail servers. When eBay was
attacked in February 2000, its Web server was bombarded with fake requests for Web pages,
which overloaded the site and caused it to crash. Network hackers also try to break into
secure areas to find sensitive data. Once a network is hacked, files can be removed, stolen,
or erased. A group of teens in Wichita, Kansas, for example, hacked into AOL and
stole credit card numbers that they then used to buy video games.
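
The list above notes that a DDoS is harder to block than a single-source DoS because the traffic comes from multiple, changing source addresses. The following added example (not part of the original article) shows this from the defender's side: a per-address request limit flags a single-source flood but misses a distributed one, which only shows up as a spike in total traffic. The window size, thresholds, function names, and request events are all constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import median

WINDOW = 10            # seconds per counting window (assumed value)
PER_SOURCE_LIMIT = 50  # requests one address may send per window (assumed value)
SPIKE_FACTOR = 5       # total above 5x the median window counts as a flood (assumed)

def bucketize(events):
    """Group (timestamp_seconds, source_ip) events into per-window counters."""
    buckets = defaultdict(Counter)
    for ts, ip in events:
        buckets[int(ts) // WINDOW][ip] += 1
    return buckets

def detect(events):
    """Return {window: (kind, offending_addresses)} for windows that look flooded."""
    buckets = bucketize(events)
    baseline = median(sum(c.values()) for c in buckets.values())
    findings = {}
    for window, counts in sorted(buckets.items()):
        offenders = sorted(ip for ip, n in counts.items() if n > PER_SOURCE_LIMIT)
        spike = sum(counts.values()) > SPIKE_FACTOR * baseline
        if offenders:
            findings[window] = ("single-source", offenders)  # blockable by address
        elif spike:
            findings[window] = ("distributed", [])  # no single address stands out
    return findings

# Constructed sample traffic: 20 ordinary clients, 3 requests each, per window.
def normal_traffic(windows=6, clients=20, per_client=3):
    return [(w * WINDOW + r, f"10.0.0.{c}")
            for w in range(windows)
            for c in range(1, clients + 1)
            for r in range(per_client)]

# Constructed flood from one address (documentation range 198.51.100.0/24).
def single_source_flood(window=3, requests=500):
    return [(window * WINDOW + i % WINDOW, "198.51.100.7") for i in range(requests)]

# Constructed flood from 400 addresses, each well under the per-source limit.
def distributed_flood(window=3, sources=400, per_source=5):
    return [(window * WINDOW + r, f"198.18.{s // 250}.{s % 250 + 1}")
            for s in range(sources)
            for r in range(per_source)]

if __name__ == "__main__":
    print(detect(normal_traffic()))
    print(detect(normal_traffic() + single_source_flood()))
    print(detect(normal_traffic() + distributed_flood()))
```
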
Application hackers break security on application software (software including word
processing and graphics programs) in order to get it for free. One way they gain access
to software that requires a serial number for installation is by setting up a serial number
generator that will try millions of different combinations until a match is found.
Application hackers also sometimes attack the program itself in an attempt to remove
certain security features.
Hackers that create viruses, logic bombs, worms, and Trojan horses are involved in perhaps
the most malicious hacking activities. A virus is a program that has the potential to attack
and corrupt computer files by attaching itself to a file to replicate itself. It can also cause
a computer to crash by utilizing all of the computer's resources. For example, e-mail systems
were inundated with the "ILOVEYOU" and the "Love Bug" viruses in May of 2000, and
the damage to individuals, businesses, and institutions was estimated at roughly $10 billion.
Similar to viruses, logic bombs are designed to attack when triggered by a certain event like
a change in date. Worms attack networks in order to replicate and spread. In July of 2001,
a worm entitled "Code Red" began attacking Microsoft Internet Information Server (IIS)
systems. The worm infected servers running Windows NT 4, Windows 2000, Windows XP,
and IIS 4.0 and defaced Web sites, leaving the phrase "Welcome to www.worm.com
Hacked by Chinese!" Finally, a Trojan horse is a program that appears to do one thing,
but really does something else. While a computer system might recognize
a Trojan horse as a safe program, upon execution, it can release a virus, worm,
or logic bomb.