What's a Hacker?
"Hacker" is one of those terms that's an alternative meaning based on who uses it. Thanks to Hollywood, most people think a hacker is an individual who gains illicit usage of some type of computer and steals stuff or breaks into military networks and launches missiles for fun.
Nowadays, a hacker doesn't need to be a geek from a top university who breaks into banks and government systems. A hacker can be anyone, even a child next door.
Having an ordinary laptop, everyone can download simple software off the Internet to see anything that adopts and out of some type of computer for a passing fancy network. And individuals who do this don't always have the very best of intentions. Hire a hacker to catch cheating spouse
A Brief History of Hackers
Nowadays, the word "hacker" has become synonymous with people who sit in dark rooms, anonymously terrorizing the Internet. However it wasn't always that way. The initial hackers were benign creatures. In fact, these were students.
To anyone attending the Massachusetts Institute of Technology during the 1950s and 60s, the term "hack" simply meant an elegant or inspired treatment for any given problem. Most of the early MIT hacks tended to be practical jokes. One of the very extravagant saw a replica of a campus police car placed on top of the Institute's Great Dome.
Over time, the word became associated with the burgeoning computer programming scene at MIT and beyond. For these early pioneers, a hack was an accomplishment of programming prowess. Such activities were greatly admired because they combined expert knowledge with an innovative instinct.
Why Does a Hacker Hack?
Hackers' motivations vary. For a few, it's economic. They earn a full time income through cybercrime. Some have a political or social agenda - their aim is always to vandalize high-profile computers to make a statement. This kind of hacker is called a cracker as their main purpose is always to crack the security of high profile systems.
Others get it done for the sheer thrill. When asked by the website SafeMode.org why he defaces web servers, a cracker replied, "A high-profile deface gives me an adrenalin shot and then after a few years I need another shot, that's why I can't stop." [1]
Nowadays, we are faced with a new kind of hacker - your next door neighbor. Everyday, tens and thousands of people download simple software tools that enable them to "sniff" wifi connections. Some do this simply to eavesdrop on what others are doing online. Others do this to steal private data in an endeavor steal an identity.
The Most Common Attacks
1. SideJacking / Sniffing
Sidejacking is a web attack method in which a hacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies are usually sent back to browsers unencrypted, even though the first website log-in was protected via HTTPS. Anyone listening can steal these cookies and then use them access your authenticated web session. This recently made news just because a programmer released a Firefox plug-in called Firesheep that allows you for an intruder sitting in your area on an open network (like a public wifi hotspot) to sidejack many popular website sessions. For example, a sidejacker using Firesheep could take over your Facebook session, thereby gaining usage of all your sensitive data, and even send viral messages and wall posts to all your friends.
2. DNS Cache Poisoning
In DNS cache poisoning, data is introduced into a Domain Name System (DNS) name server's cache database that did not originate from authoritative DNS sources. It is an accidental results of a misconfiguration of a DNS cache or of a maliciously crafted attack on the name server. A DNS cache poisoning attack effectively changes entries in the victim's copy of the DNS name server, then when he or she types in the best site name, he or she is sent instead to a fraudulent page.
3. Man-In-the-Middle Attacks
A man-in-the-middle attack, bucket brigade attack, or Janus attack, is a questionnaire of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to one another over a personal connection, when in reality the entire conversation is being controlled by the attacker. The attacker must manage to intercept all messages going between the 2 victims and inject new ones. For example, an attacker within reception array of an unencrypted wifi access point can insert himself as a man-in-the-middle. Or an attacker can pose as an online bank or merchant, letting victims sign in over a SSL connection, and then a attacker can log onto the actual server using the victim's information and steal charge card numbers.
4. Smishing
Packet sniffers allow eavesdroppers to passively intercept data sent between your laptop or smartphone and other systems, such as for instance web servers on the Internet. Here is the easiest and simplest type of wireless attack. Any email, web search or file you transfer between computers or open from network locations on an unsecured wireless network can be captured by a nearby hacker using a sniffer. Sniffing tools are readily available free of charge on the net and there are at the very least 184 videos on YouTube to exhibit budding hackers how to make use of them. The only way to protect yourself against wifi sniffing generally in most public wifi hotspots is to utilize a VPN to encrypt everything sent over the air.
5. Mass Meshing
Also called mass SQL injection, this is a method whereby hackers poison websites by illegally imbedding a redirection javascript from legitimate websites previously infected and controlled by the hackers. These javascripts redirect the visitor's computer to servers which contain additional malicious programs that could attack a user's computer.
The Most Common Targets
Hackers are interested in various types of computers on the Internet. The next list describes different types of targets and their appeal to hackers. [2]
1. Corporate Networks
Corporate computers tend to be heavily fortified so hacking into you've got high cachet. Behind corporate firewalls are repositories of customer information, product information, and sometimes, in case of a software publisher, the product itself.
2. Web Servers
Web servers are computers that have websites. Though some contain customer financial information, web servers usually are targets for vandals because they may be defaced to show information the hacker chooses to the public.
3. Personal Computers
With the ever growing usage of wifi, laptops are becoming one of the very hacked devices. Everything a person visits online can come in contact with a person using software to "sniff" that connection. The internet site URL, passwords used to log into an online banking account, Facebook pictures, tweets, and an entire instant message conversation can be exposed. It is the simplest kind of hacking because it requires little skill.
4. Tablets and Palm Top devices
Tablets, cellular phones, and other mobile-ready devices are simply as popular as laptops come in wifi hotspots. A hacker in a public hotspot can easily see a mobile device, in addition to all data entering and from the jawhorse, just as easily as they can a laptop.
How You Can Protect Yourself
The simple truth is that anyone connecting to the Internet is vulnerable to being hacked. Thus, there is a need to be proactive as it pertains to protecting yourself from such attacks.
No comments:
Post a Comment