In today's society, where technology and the Internet seem to guide and control almost everything in our daily lives, a new threat has entered our consciousness. The threat is to the various company databases where our personal information is stored: when these companies are hacked, information about us can be stolen. And yes, this happens from time to time!
Threats in the digital world may be the same as in the physical world, but cyberspace tends to be an easier landscape for criminals. Walking into a bank wearing a knit ski mask and waving a gun is no longer an entirely safe approach for criminals. Today's organized crime tends to rely on the Internet's benefits. The hacker no longer has to be near his victim. A hacker could be sitting at his computer in Rio de Janeiro and steal from Citizen Bank's system in Los Angeles. The complexity of the Internet makes it nearly impossible to identify the source of an attack, and even if the source is identified, what can be done to catch hackers outside the country's borders? (Schneier 20)
Cyberspace crimes mirror everything you may know from the physical world: theft, exploitation, destruction, disturbance, fraud, etc. There is even a threat of physical harm: attacks against traffic signal control systems, and so on. Although the nature of the attacks may look different, attacks in the real world and the digital world share the same goals. Robberies used to take place in banks, where the money was, but today the money is not in the bank. The world's banks make transactions on their customers' accounts by modifying the numbers stored in computerized databases (Schneier 16). In fact, physical bank robberies are decreasing in number compared with the same act in the digital world. The community online is the same community offline. Whether it is analog or digital, theft is illegal. The act and the doers are the same, with a little change in the nature of the attacks.
In this research paper, we are going to explore the dark side of hackers and take a glimpse behind the curtain at the methods they use in their attacks, not in order to use them, but to get an idea of how we can protect our systems from these threats.
Attacks on computerized systems take many different forms. In this research we will look at seven widespread methods commonly used by hackers: Trojan horse programs, back door programs, denial of service, viruses, worms, packet sniffing, and social engineering.
Before we get into each method, I must mention that the list cannot be limited to those mentioned here, or to any other list suggested elsewhere. The hackers' methods are unlimited because most of their activities and tools are kept secret unless they are discovered by the legal authorities. So what we have listed is only what we already know.
First on my list is the Trojan horse. A Trojan horse is a harmful piece of software embedded in another, trusted piece of software. The term Trojan horse comes from Greek history. According to the traditional story, the Greeks won the Trojan War by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy. The horse was built and filled with hidden Greek warriors before being given as a gift to the city of Troy. Once they were inside the city, they massacred the Trojans in the night, stole their wealth, and burned their city (Schneier 155-156).
Following that analogy, as Cisco, one of the world's biggest technology corporations, describes, "It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems". Trojan horse programs pose as legitimate programs or files that users may recognize and want to use. Files like .jpg, .pdf or .doc are mostly used to trick victims. It is a useful tool that gives hackers remote access to a target computer system: when the victims load and execute those kinds of harmful files, they facilitate unauthorized access to their own computer system.
A Trojan horse consists of two essential parts, a Client and a Server. The Client runs on the attacker's machine, while the Server runs on the victim's machine. When a victim runs the Trojan horse (the server part) on his computer, he actually accepts a server on his system. Once the server is running, it sends the IP address of the computer it is running on to its Client. The IP address is sent via a form of communication that the attacker established when he first made the Trojan horse, usually email. Once a connection is established, the client can run commands on the victim's computer via the server.
Trojan horses collect all useful information from the affected system and give almost full control of the system to the attacker. Credit card information, user names and passwords are sent to the hacker. Installation, deletion, downloading or uploading of files on the user's computer is under the hacker's control. Changing the system configuration, running programs, controlling the keyboard and mouse, turning all the connected devices on and off, and watching whatever is on the server's screen are all further options (Schneier 156). And what is worse than crashing the entire computer with a simple click?
Another form of attack is called a denial-of-service (DoS) attack. This type of attack generally consists of preventing an Internet site or service from operating efficiently or at all, temporarily or indefinitely. Typically, hackers preparing DoS attacks target services or sites hosted on high-profile web servers such as those of banks, online stores, and credit card companies. The trick behind this technique is to make the system process more data than it is capable of handling. In a typical connection, when the user enters a website, the computer automatically sends a message to the server asking for authentication. The server returns an authentication approval to the computer. The computer receives this approval and is then allowed to access the server. However, in a denial-of-service attack, the attacker sends several authentication requests to the server. All of his requests have false or nonexistent addresses, so the server cannot find the computer when it tries to send the authentication approval back to it. The server waits one to two minutes before closing the connection. When the server closes the connection, the attacker sends a new batch of requests, and the server begins again to send approvals back to users that cannot be found. That is what ties the server up indefinitely, so it becomes "Out of Service" (Schneier 182).
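The pattern described above leaves a trace a defender can watch for: requests that wait out the full hold time without ever being confirmed. The following Python sketch is an added example, not part of the original essay; it replays constructed events and reports when the pending table fills up. The event format, the 90-second hold time (inside the essay's "one to two minutes"), the alert threshold and the documentation-range addresses are all assumptions.

```python
# Added illustration: track requests awaiting confirmation, as a server would.
HOLD_SECONDS = 90      # assumption inside the essay's "one to two minutes"
ALERT_PENDING = 5      # constructed threshold; tune to the server's real capacity

def scan(events, hold=HOLD_SECONDS, alert_pending=ALERT_PENDING):
    """events: time-ordered (t, source, kind); kind is "request" or "confirm"."""
    pending = {}                 # source -> time its request arrived
    completed = expired = peak = 0
    alert_starts = []            # times the pending count crossed the threshold
    alerting = False
    for t, source, kind in events:
        # Drop requests the server has given up waiting on.
        for s in [s for s, t0 in pending.items() if t - t0 >= hold]:
            del pending[s]
            expired += 1
        if kind == "request":
            pending[source] = t
        elif kind == "confirm" and source in pending:
            del pending[source]
            completed += 1
        peak = max(peak, len(pending))
        over = len(pending) >= alert_pending
        if over and not alerting:
            alert_starts.append(t)   # start of a new episode
        alerting = over
    return {"completed": completed, "expired": expired,
            "peak_pending": peak, "alert_starts": alert_starts}

def sample_events():
    """Constructed sample: two real clients, two batches that never confirm."""
    ev = [(0, "198.51.100.7", "request"), (1, "198.51.100.7", "confirm")]
    ev += [(10 + i, f"203.0.113.{i + 1}", "request") for i in range(6)]
    ev += [(20, "198.51.100.8", "request"), (21, "198.51.100.8", "confirm")]
    ev += [(106 + i, f"203.0.113.{i + 101}", "request") for i in range(6)]
    return ev

if __name__ == "__main__":
    print(scan(sample_events()))
```

The second alert begins just after the first batch expires, which is the "new batch of requests" rhythm the paragraph describes; a high count of expired requests relative to completed ones is the signal to act on.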
There is another, more advanced DoS technique that involves Trojan horse programs. The hackers can create an "agent", or victim, frequently through a Trojan horse program that runs on a compromised computer awaiting further instructions. Then, when a number of agents are under control and running on different computers, the intruder can instruct all of them to launch a denial-of-service attack on another system. Thus, the end target of the attack is not the "agents'" computers; they are just a convenient tool in a larger attack (Schneier 184).
Another tool commonly used by intruders to gain remote access to someone's system is "back door programs." On Windows computers, three programs that allow intruders to do this are BackOrifice, Netbus, and SubSeven. Back door programs work in the same way as Trojan horses do, with one big difference: they are not malicious programs. Back doors are mostly adopted by network administrators on internal networks, such as those of schools, companies, libraries, organizations, etc. Used as intended, back doors save time, effort and energy. When the network administrators in universities shut down their computers at the end of the day from one single computer, it is through back door programs. In their negative use, these back door or remote administration programs, once installed, allow other people to access and control a computer from any point in the world. Most back doors are small programs that must be installed on a computer while remaining hidden from casual inspection by antivirus programs. Typical back doors can be accidentally installed by unaware users. This may be accomplished in different ways. It may be through attaching the program to e-mail messages, viruses, worms or even spyware, or through the program being downloaded from the Internet using file sharing programs. Usually those malicious files are given unsuspicious names, which leads users into opening them and executing them on their computers (Noordergraaf).
Like a human virus, a computer virus has the reproductive ability to spread from one point to another, affecting parts of each computer it travels through. Computer viruses take the form of executable files that can be carried on removable media such as a CD, DVD, floppy disk, or USB flash drive, or be sent over a network or the Internet. An executable file (.exe), in computer science, is a kind of file that does nothing unless you run it, that is, click on the file. This means that a virus may be on your computer but cannot infect any part of it unless you run it. After the victim clicks on the virus, the virus becomes active and does whatever damage it is programmed for, with one more thing: the reproductive ability. The damage a virus does may be, but is not limited to, physical damage to specific parts of the computer, deletion of files, disabling of functionality, crashing or slowing down the system, or all combined. Once the virus is active, it copies itself onto all removable media connected to the infected computer, and when these removable media are plugged into another computer, the virus has only to wait to be activated by the next victim. However, hackers are also able to spread a computer virus knowingly, by sharing infected files with an unsuspicious name or by sending e-mails with viruses as attachments. Moreover, viruses that infect files on a network file system used by the computer itself or accessed by other computers increase their chances of spreading, and their effects will be more devastating (Cisco).
Hackers also use worms to damage systems. By design, worms are similar to viruses. Both are created to inflict damage on the targeted systems. But unlike a virus, a worm has the ability to travel without any human action (Seeley). Also unlike viruses, a worm is self-replicating software that doesn't hide in any other executable file, but exists by itself. Worms usually have legitimate extensions, such as *.JPG, *.PDF, *.TXT, *.JSE, *.MP3, followed by an automatically hidden extension ".VBS" that denotes the worm's files. So rather than the infected computer sending a single worm to any connected removable device, the worm replicates itself on the infected system, sending out hundreds or thousands of copies to any removable device plugged into that computer, and to any computer connected to it by either a network or the Internet. The capability of a single worm to replicate itself can have a hugely devastating effect. For instance, in 1988 Robert T. Morris released his famous Internet worm from one computer to crash 10 percent of the Internet's computers (Schneier 155).
Another example of worms, one that most of us know without realizing it, is the kind spread through e-mail addresses. This kind of worm sends a copy of itself to everyone listed in someone's e-mail address book. Then the worm replicates and sends itself out to everyone in each receiver's e-mail address book, and the chain goes on. To understand how dangerous worms are: in 2000, the famous worm "ILOVEYOU" attacked tens of millions of Windows computers and made different malicious changes to the victims' systems (Schneier 158).
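The disguise described above, a harmless-looking extension followed by a hidden ".VBS", is something a mail filter can check for by looking at every extension rather than only the one displayed. The following Python sketch is an added example, not part of the original essay. The decoy list comes from the extensions the essay names; the list of script and program extensions beyond "vbs" and all sample file names except the ILOVEYOU attachment name are assumptions constructed for illustration.

```python
# Harmless-looking types named in the essay.
DECOY_EXTS = {"jpg", "pdf", "txt", "mp3", "doc"}
# "vbs" is the essay's; the other Windows script/program types are assumptions.
ACTIVE_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "exe", "scr"}

def extensions(filename):
    """Return every dot-separated extension of the name, lower-cased."""
    # Trailing dots and spaces are dropped, as Windows does when saving a file.
    name = filename.strip().rstrip(". ").lower()
    # Padding spaces before the last dot can push the real extension off screen.
    parts = [p.strip() for p in name.split(".")]
    return [p for p in parts[1:] if p]

def classify(filename):
    """'double-extension', 'active-content' or 'ok' for one attachment name."""
    exts = extensions(filename)
    if not exts or exts[-1] not in ACTIVE_EXTS:
        return "ok"                      # the file type that actually runs is inert
    if any(e in DECOY_EXTS for e in exts[:-1]):
        return "double-extension"        # decoy type in front of a runnable type
    return "active-content"              # runnable, but not disguised

def triage(filenames):
    """Map each suspicious attachment name to the reason it was flagged."""
    verdicts = {name: classify(name) for name in filenames}
    return {name: v for name, v in verdicts.items() if v != "ok"}

# Constructed sample list; the first entry is the attachment name ILOVEYOU used.
SAMPLE = [
    "LOVE-LETTER-FOR-YOU.TXT.vbs",
    "holiday.JPG          .VBS",
    "invoice.pdf.exe. ",
    "setup.exe",
    "report.final.pdf",
    "archive.tar.gz",
]

if __name__ == "__main__":
    for name, verdict in triage(SAMPLE).items():
        print(f"{verdict:17} {name!r}")
```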
Packet sniffing is a tool hackers use to steal sensitive information from their victims. To keep our connections performing well, the data transferred to and from our computers is sent in the form of "packets". Think of "packets" as slices of information sent separately and momentarily, to be gathered at their final destination as a single file. In a simple local area network, where computers share an Ethernet wire, all packets that travel within the network are seen by every computer on it, but they are not received by all of them. If a certain computer sends information to another specific computer, the packets have to travel through every node on that local network; a network filter in each computer discards the packets not addressed to it, and the process goes on until the packets reach their destination. If a hacker on another computer in the same internal network intends to steal information traveling through the network, he/she turns the network card on his/her computer into promiscuous mode. In this mode the computer will receive, capture, and analyze specific packets, or all the packets, checked by that filter. To make things look normal, smart hackers who favor this method use other techniques so that the packets received by their machines are automatically copied and sent on to the real destination. And whatever we have said about packet sniffing on local networks is applicable to the biggest network, the Internet. The Internet is a global system that connects all local networks in the world. However, if the hacker is sniffing on the Internet to steal someone's information, the hacker's computer must be in the same neighborhood as the victim (Ansari et al.).
Surprisingly, social engineering is also used among hackers to trick people into giving away sensitive information such as passwords and IDs. Most social engineering hacks are done using telephone calls, which makes it hard to catch the perpetrator. Hackers call people and pretend to be their network administration manager, a co-worker, or a network technician in order to get as much sensitive information as they can, or to persuade the person at the other end of the line to do something that will make their attacks easier. The best example of this is the AOL hack. The hacker spoke with an AOL tech supporter for an hour, and during the conversation he mentioned that he had a car for sale at a great price. The tech supporter was interested, and the caller sent a picture of the car attached to an e-mail to the AOL employee. However, a back door program was embedded in the picture of the car, so when the tech supporter clicked on the picture he installed a back door program leading out of AOL through the firewall. The result was that the confidential information of more than 200 accounts was revealed to the hacker (Granger).
Sarah Granger says: "Of course, no social engineering article is complete without mention of Kevin Mitnick". To complete the previous paragraph, here is the story of this hacker. Mitnick was the most-wanted computer criminal in the United States in the 1990s. During the two and a half years of his hacking rampage, he broke into some of the biggest technology companies in the world. Sun Microsystems, Nokia Mobile Phones, Motorola, the University of Southern California, and other big companies were all Mitnick's victims. His most famous skill was his social engineering (Granger). In 2000, when Mitnick testified before Congress, he said: "Companies can spend millions of dollars toward technological protections and that's wasted if somebody can basically call someone on the telephone and either convince them to do something on the computer that lowers the computer's defenses or reveals the information they were seeking." (Schneier 267). During the 3 years of his supervised release, starting January 21, 2000, Mitnick was forbidden to use any kind of communication technology other than the landline telephone. From 2003 until today, he has managed Mitnick Security Consulting LLC, a computer security consultancy.
At this point, to complete the picture of what has already been explained, it will be helpful to briefly remind you of the differences between these methods. Trojan horses, viruses and back door programs are files embedded in a trusted one, but they are inactive without an action (a click) from either the user or the attacker on the target computer. The worm, in contrast, stands by itself and automatically sends replicas from one system to another without anyone's interaction. Trojan horses and back door programs are meant to gain administrator-level access to the victim's computer. Viruses and worms are meant to damage the system's software, hardware or both; packet sniffing is meant to steal data from a neighbor; and DoS is meant to take a system down and make it easier to hack. At the end of the list, social engineering is used either to get someone to reveal sensitive information about a certain system or to persuade that person to do what makes the previous techniques useful and workable.
To sum up, hacker techniques and tools are constantly and quickly being developed. Hackers are continually inventing new attack techniques and strategies to gain illegal access to our systems and attack them. The speed at which these tools and techniques evolve makes it very difficult for organizations to develop and implement the appropriate and necessary actions to prevent their attacks.
"In fact, a hacker with the right combination of skills and morals could probably take down the Internet." (Schneier 24). However, many people think that they are safe with their Windows 7 firewall or any other paid antivirus software. They think that they are not a target for hackers, and that those bad hackers will never think of hacking them. They believe that since their system has no value worth regarding, no one would want to hack into it, or that because their computers have dynamically assigned IP addresses, no one would even find them. They may feel that their Windows 95 desktop has no value, but attackers can still find great benefit in their system. Their computers may be used as an intermediary for another attack. Attackers may also use their hard drive to store all the stolen credit card information collected from their attacks. So, if you think that you are completely protected on the Internet, then you need to think again.
Schneier, Bruce. Secrets & Lies: Digital Security in a Networked World. New York: Wiley Computer Publishing, 2000.
Granger, Sarah. "Social Engineering Fundamentals, Part I: Hacker Tactics." Security Focus, December 18, 2001. http://www.securityfocus.com/comments/infocus/1527/951
Noordergraaf, Alex. "How Hackers Do It: Tricks, Tools, and Techniques." Sun Microsystems, May 2002. http://www.sun.com/blueprints/0502/816-4816-10.pdf
Seeley, Donn. "A Tour of the Worm." University of Utah, 1988.
Ansari, Rajeev S.G. and Chandrashekar H.S. "Packet Sniffing: A Brief Introduction." University Utara Malaysia, December 2002/January 2003.
Weaver, Staniford and Vern. "Very Fast Containment of Scanning Worms." International Computer Science Institute, 2004. http://www.icsi.berkeley.edu/~nweaver/containment/containment.pdf