During the 1960s, the word "hacker" grew to prominence
describing a person with
strong computer skills, an extensive understanding of
how computer programs worked,
and a driving curiosity about computer systems.
Hacking, however, soon became nearly
synonymous with illegal activity. While the
first incidents of hacking dealt with breaking
into phone systems, hackers also
began diving into computer systems as technology
advanced.
Hacking became increasingly problematic during the 1980s. As a
result, the Computer
Fraud and Abuse Act was created, imposing more severe
punishments for those caught
abusing computer systems. In the early 1980s, the
Federal Bureau of Investigation
(FBI) made one of its first arrests related to
hacking. A Milwaukee-based group known
as the 414s was accused of breaking into
60 different computer systems including
the Memorial Sloan-Kettering
Cancer Center
and the Los Alamos National Laboratory.
Later that decade, the infamous Kevin
Mitnick was arrested and sentenced to
one year in jail for damaging computers
and stealing software. He was arrested
again in 1995 for computer fraud and put
in jail for hacking Motorola Inc.,
Sun Microsystems Inc., NEC Corp., and Novell
Inc. to steal software, product plans,
and data. Mitnick eventually cost the
firms a total of roughly $80 million.
As negative publicity surrounding hackers continued to grow,
those who considered
themselves true hackers (computer programming enthusiasts
who pushed computer
systems to their limits without malicious intent and
followed a hacker code of ethics) grew
weary of the media's depiction of
hackers. As a result, several hacker groups coined
the term 'cracker' in 1985
to define a person who broke into computer systems and
ignored hacker ethics;
however, the media continued to use the word hacker, even though
most early hackers, while believing that technical information should be freely
available to any person, abided by a code of ethics that looked down upon
destroying,
moving, or altering information in a way that could cause injury or
expense.
AT&T Corp., Griffiss Air Force Base, NASA, and the Korean
Atomic Research Institute all
fell prey to hackers in the early 1990s. Federal
World Wide Web sites, including those of
the U.S. Department of Justice, the
U.S. Air Force, and the CIA, were also attacked by
hackers and defaced. During
1995 alone, U.S. Defense Department computers dealt with
250,000 hacker
attacks. As technology advanced and business transactions conducted
over the
Internet increased, malicious hackers became even more destructive. Popular
Web
sites such as Yahoo!, America Online, eBay, and Amazon.com were hacked, costing
millions and leaving online shoppers doubtful about security on these sites; a
16-year-old
Canadian boy operating under the name Mafiaboy was arrested for
these attacks, as well
as for breaking into both Harvard's and Yale's
university computer systems. Under the terms
of his parole, Mafiaboy was not
allowed to use the Internet or go into stores that sold
computers, and his
computer use was limited to that which was supervised by a teacher
at school.
Types of Hacking
1) Inside Jobs - Most security breaches originate inside the network
that is under attack.
Inside jobs include stealing passwords (which hackers
then use or sell), performing industrial
espionage, causing harm (as
disgruntled employees), or committing simple misuse. Sound
policy enforcement
and observant employees who guard their passwords and PCs can thwart
many of
these security breaches.
2) Rogue Access
Points - Rogue access points (APs) are unsecured
wireless access points
that outsiders can easily breach. (Local hackers often
advertise rogue APs to each other.)
Rogue APs are most often connected by
well-meaning but ignorant employees.
3) Back Doors - Hackers can gain access to a network by exploiting
back doors:
administrative shortcuts, configuration errors, easily
deciphered passwords, and
unsecured dial-ups. With the aid of computerized
searchers (bots), hackers can probably
find any weakness in your network.
4) Viruses and Worms - Viruses and worms are self-replicating programs or
code
fragments that attach themselves to other programs (viruses) or machines
(worms).
Both viruses and worms attempt to shut down networks by flooding them
with massive
amounts of bogus traffic, usually through e-mail.
5) Trojan Horses - Trojan horses, which are attached to other programs,
are the
leading cause of all break-ins. When a user downloads and activates a
Trojan horse,
the hacked software (SW) kicks off a virus, password gobbler, or
remote-control SW
that gives the hacker control of the PC.
6) Denial of Service - DoS attacks give hackers a way to bring down a network
without
gaining internal access. DoS attacks work by flooding the access
routers with bogus
traffic (which can be e-mail or Transmission Control
Protocol, TCP, packets).
Distributed DoSs
(DDoSs) are coordinated DoS attacks from multiple sources.
A DDoS is more
difficult to block because it uses multiple, changing, source IP addresses.
7) Anarchists,
Crackers, and Kiddies - Who are these
people, and why are they
attacking your network? Anarchists are
people who just like to break stuff.
They usually exploit any target of
opportunity. Crackers are
hobbyists or professionals
who break passwords and develop Trojan horses or
other SW (called warez).
They either use the SW themselves (for bragging
rights) or sell it for profit.
Script kiddies are
hacker wannabes. They have no real hacker skills, so they
buy or download warez, which they launch. Other attackers
include disgruntled
employees, terrorists, political operatives, or anyone else
who feels slighted,
exploited, ripped off, or unloved.
8) Sniffing and
Spoofing - Sniffing refers to
the act of intercepting TCP packets.
This interception can happen through
simple eavesdropping or something more sinister.
Spoofing is the act
of sending an illegitimate packet with an expected acknowledgment
(ACK), which
a hacker can guess, predict, or obtain by snooping.
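Item 6 says a DDoS is harder to block than a single-source DoS because the traffic comes from many changing source addresses. The sketch below is an added example, not part of the original article: it runs a per-source counter and an aggregate counter over constructed traffic to show which detector sees which flood. The window size, thresholds, and addresses (documentation ranges) are assumptions.

```python
from collections import Counter, defaultdict

WINDOW = 10             # seconds per bucket (assumed value)
PER_SOURCE_LIMIT = 50   # requests one source may send per window (assumed)
AGGREGATE_LIMIT = 300   # total requests expected per window (assumed)

def bucketize(events, window=WINDOW):
    """Group (timestamp, source_ip) events into fixed time windows."""
    buckets = defaultdict(Counter)
    for ts, src in events:
        buckets[int(ts // window)][src] += 1
    return buckets

def per_source_offenders(events, limit=PER_SOURCE_LIMIT):
    """Sources that exceed the per-source limit in any window."""
    return sorted({src
                   for counts in bucketize(events).values()
                   for src, n in counts.items() if n > limit})

def aggregate_alerts(events, limit=AGGREGATE_LIMIT):
    """(window, total requests, distinct sources) for overloaded windows."""
    return [(b, sum(c.values()), len(c))
            for b, c in sorted(bucketize(events).items())
            if sum(c.values()) > limit]

# Constructed traffic, all inside window 0.
def normal():
    # 20 clients sending 5 requests each
    return [(i, f"192.0.2.{c}") for c in range(1, 21) for i in range(5)]

def single_source_flood():
    # one address sends 400 requests
    return normal() + [(t % 10, "198.51.100.7") for t in range(400)]

def distributed_flood():
    # 200 addresses send 2 requests each: same volume, no loud source
    return normal() + [(t % 10, f"203.0.113.{t % 200 + 1}")
                       for t in range(400)]

if __name__ == "__main__":
    for name, ev in [("normal", normal()),
                     ("single-source", single_source_flood()),
                     ("distributed", distributed_flood())]:
        print(name, per_source_offenders(ev), aggregate_alerts(ev))
```

The per-source rule names the single flooding address but returns nothing for the distributed case, where only the aggregate count and the jump in distinct sources reveal the attack.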
As the cost of
hacking attacks continues to rise, businesses have been forced to increase
spending on network security. However, hackers have also developed new skills
that allow
them to break into more complex systems. Hacking typically involves
compromising
the security of networks, breaking the security of application
software, or creating malicious
programs such as viruses.
The most popular
forms of network hacking are denial of service (DoS) attacks and
mail bombs.
DoS attacks are designed to swamp a computer network, causing it to crash.
Mail
bombs act in a similar fashion, but attack the network's mail servers. When
eBay was
attacked in February 2000, its Web server was bombarded with fake
requests for Web pages,
which overloaded the site and caused it to crash.
Network hackers also try to break into
secure areas to find sensitive data.
Once a network is hacked, files can be removed, stolen,
or erased. A group of
teens in Wichita, Kansas, for example, hacked into AOL and
stole credit card numbers that they then used to buy video games.
Application hackers
break security on application software (software including word
processing and
graphics programs) in order to get it for free. One way they gain access
to
software that requires a serial number for installation is by setting up a
serial number
generator that will try millions of different combinations until
a match is found.
Application hackers also sometimes attack the program itself
in an attempt to remove
certain security features.
Hackers that create
viruses, logic bombs, worms, and Trojan horses are involved in perhaps
the most
malicious hacking activities. A virus is a program that has the potential to
attack
and corrupt computer files by attaching itself to a file to replicate
itself. It can also cause
a computer to crash by utilizing all of the
computer's resources. For example, e-mail systems
were inundated with the
"ILOVEYOU" and the "Love Bug" viruses in May of 2000, and
the damage to individuals, businesses, and institutions was estimated at
roughly $10 billion.
Similar to viruses, logic bombs are designed to attack when
triggered by a certain event like
a change in date. Worms attack networks in
order to replicate and spread. In July of 2001,
a worm entitled "Code
Red" began attacking Microsoft Internet Information Server (IIS)
systems. The worm infected servers running Windows NT 4, Windows 2000, Windows XP,
and
IIS 4.0 and defaced Web sites, leaving the phrase "Welcome to www.worm.com
Hacked by Chinese!" Finally, a Trojan horse is a program that appears to
do one thing,
but really does something else. While a computer system might
recognize
a Trojan horse as a safe program, upon execution, it can release a
virus, worm,
or logic bomb.