On 12 January 2010, the most popular search engine in China, Baidu, was unusable for about 4 hours. This was because Baidu's DNS records were hijacked by a group known as the Iranian Cyber Army. Later, a well-known Chinese hacktivist group, the Honker Union of China, responded by attacking Iranian websites and leaving messages.
In recent years, we have heard news about network hacking time and again. But what is hacking? As a matter of fact, it is not easy to give a simple definition of hacking.
Hacking refers to the re-configuring or re-programming of a system to function in ways not facilitated by the owner, administrator, or designer. The term has several related meanings in the technology and computer science fields, wherein a hack may refer to a clever or quick fix to a computer program problem, or to what may be perceived to be a clumsy or inelegant (but usually relatively quick) solution to a problem.
The original meaning of hack was born at the Massachusetts Institute of Technology. It was used by mathematician John Nash as a putdown which originally meant an elegant, witty or inspired way of doing almost anything. Now the meaning has changed to become something of a portmanteau term associated with the breaking into or harming of any kind of computer or telecommunications system.
According to Wikipedia, there is a distinction between security breaking and hacking. Cracking would be a better term for security breaking. However, here I prefer to discuss the effects of hacking events rather than researching the meaning of these terms.
This paper will begin with the history of hacking.
When it comes to the history of network hacking, the birth of the internet has to be mentioned. In 1969, Arpanet, the forerunner of the internet, was founded. At this time, there were only four nodes in Arpanet: the University of California Los Angeles, the University of California Santa Barbara, the Stanford Research Institute and the University of Utah.
In the 1970s, hacking was all about exploring and figuring out how the wired world worked. In this period, an early hacker, John Draper, discovered a way to make free long-distance calls. He blew a precise tone into a telephone to make the phone system connect his calls. Later he earned the handle Captain Crunch. Throughout the 1970s, he was arrested repeatedly for phone tampering.
At the same time, computer viruses appeared. For the first time, the Creeper virus was detected on Arpanet. Creeper was an experimental self-replicating program written by Bob Thomas at BBN Technologies in 1971. In October 1980, Arpanet came to a crashing halt because of the accidental distribution of a virus.
First National Bank of Chicago was the victim of a $70-million computer heist in 1988. Seven criminals carried out embezzlement in the First National Bank of Chicago. They transferred 70 million dollars to an account in a bank of New York, then, from there, to two banks in Vienna. They ordered these transfers by telephone. When the bank tried to call the customers to confirm the transfers, all the calls were diverted towards the residence of one of the criminals.
In 1988, Robert Morris set off an internet worm program that quickly replicated itself to over 6,000 hosts, bringing almost the whole network to a halt.
In 1993, Kevin Poulsen, Ronald Austin and Justin Peterson conspired to rig a radio phone-in competition to win prizes. The trio seized control of phone lines to the radio station ensuring only their calls got through.
In 2000, there were several serious hacker attacks caused by some infamous viruses, such as the Y2K bug, the I Love You virus, the Melissa virus, etc. These kinds of viruses were well documented by the media and experienced directly by the rapidly growing number of casual web surfers. Some of the most popular Internet sites, like CNN, Yahoo, eBay and Datek, were their victims at that time.
Since 2000, viruses and attacks have become increasingly commonplace, too many to mention. At the same time, techniques of attack and defense developed rapidly.
Network hacking can be done using different techniques and in different ways. As to Baidu, how was it hacked? The news said that Baidu.com's DNS was hijacked. Then what is DNS hijacking?
The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. The Internet maintains two principal namespaces, the domain name hierarchy and the Internet Protocol (IP) address system. The Domain Name System maintains the domain namespace and provides translation services between these two namespaces.
DNS hijacking or DNS redirection is the practice of redirecting the resolution of Domain Name System (DNS) names to rogue DNS servers, particularly for the practice of phishing, or to direct users to the ISP's own servers.
Now I want to explain the difference between a normal DNS request and a hijacked DNS request, using Baidu as an example.
The process of handling a normal DNS request is as follows:
(1) Enter http://www.baidu.com in the navigation bar of browser;
(2) Computer sends DNS request to DNS Server;
(3) DNS Server translates http://www.baidu.com to IP address 119.xxx.209.xxx;
(4) DNS sends IP address 119.xxx.209.xxx back to the request computer;
(5) The user accesses the website http://www.baidu.com normally.
If DNS is hijacked, the process is the same as the one above. But the address records of Baidu in the DNS record caching of Register.com have been modified by the hacker. Now in step (3) above, the IP address of Baidu is not translated to 119.xxx.209.xxx but to the one appointed by the hacker. Consequently, the user accesses the website appointed by the hacker instead of Baidu.
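Because the user sees exactly the same five steps in both cases, the change has to be caught by comparing the answer from step (3) with what the site owner expects. The following is an added example, not part of the original essay: the host name, the nameserver names and the documentation-range addresses are constructed, and the baseline format is an assumption.

```python
import ipaddress

# Constructed baseline for a hypothetical site (documentation address ranges).
BASELINE = {
    "www.example.com": {
        "networks": [ipaddress.ip_network("192.0.2.0/24")],
        "nameservers": {"ns1.example.com", "ns2.example.com"},
    }
}

def check_answer(name, a_records, ns_records, baseline=BASELINE):
    """Return a list of findings for one observed DNS answer (empty list = as expected)."""
    expected = baseline.get(name.lower().rstrip("."))
    if expected is None:
        return [f"{name}: no baseline, cannot judge"]
    findings = []
    # Step (3): the address returned must lie inside a network the owner really uses.
    for addr in a_records:
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in expected["networks"]):
            findings.append(f"{name}: A record {addr} outside expected networks")
    # Modified records often show up as a changed nameserver set as well.
    observed_ns = {ns.lower().rstrip(".") for ns in ns_records}
    unexpected = observed_ns - expected["nameservers"]
    if unexpected:
        findings.append(f"{name}: unexpected nameservers {sorted(unexpected)}")
    return findings

# Constructed observations: the normal answer, and the answer after the records were altered.
NORMAL = ("www.example.com", ["192.0.2.10"], ["ns1.example.com.", "ns2.example.com."])
HIJACKED = ("www.example.com", ["203.0.113.66"], ["ns1.rogue.example."])

if __name__ == "__main__":
    for label, observation in (("normal", NORMAL), ("hijacked", HIJACKED)):
        print(label, check_answer(*observation) or "ok")
```

Run from several vantage points, a check like this notices a changed record without depending on users reporting that the site looks wrong.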
We can see that in order to hijack Baidu's DNS, the hacker needed to crack into the system of Register.com first. To some extent, Register.com was hacked as well. In fact, Register.com suffered a major DDoS attack on April 1st, 2009, downing thousands of web sites. What is a DDoS attack?
A Distributed Denial-of-Service (DDoS) attack aims at making a computer or server resource unavailable to its intended users. There are two other similar kinds of attack, the DoS (denial-of-service) attack and the DRDoS (Distributed Reflection Denial of Service) attack. They are implemented by forcing the targeted computer(s) to reset, by consuming its resources so that it can no longer provide its intended service, or by obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately.
All of them launch attacks by using a loophole in the TCP three-way handshake. The attacks do not require completion of the TCP three-way handshake and attempt to exhaust the destination SYN queue or the server bandwidth. Since the source IP addresses can be trivially spoofed, an attack could come from a limited set of sources, or may even originate from a single host.
But these three attacks are different. A DoS attack is like a one-on-one fight. The hacker uses his own machine to consume the targeted machine's resources. But if the target machine is too powerful, the attack will fail.
Compared to DoS, DDoS is more like a mass brawl, which means several computers consume the resources of the victim machine at the same time. But how can a hacker make several or even lots of computers do this? DDoS occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. These systems are compromised by attackers using a variety of methods. An attacker may use a Trojan to compromise others' systems. Attackers can also break into systems using automated tools that exploit flaws in programs that listen for connections from remote hosts. One of the classic examples of a DDoS tool is Stacheldraht. It detects and enables source address forgery automatically. It combines features of Trinoo with TFN (Tribe Flood Network), and adds encryption.
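Seen from the server, the condition described above is a SYN queue filling with handshakes that are never completed, arriving from sources that cannot be trusted. This added example (not part of the original essay) tracks handshake state over a constructed packet summary and reports listeners under queue pressure; the addresses, backlog size, timeout and threshold are assumptions.

```python
from collections import defaultdict

def half_open(packets, now, timeout=30.0):
    """Map each listener (dst, dport) to the sources still waiting in its SYN queue."""
    pending = {}  # (src, sport, dst, dport) -> time the SYN arrived
    for t, src, sport, dst, dport, flags in packets:
        key = (src, sport, dst, dport)
        if flags == "S":
            pending.setdefault(key, t)
        elif flags in ("A", "R"):      # final ACK or a reset frees the queue slot
            pending.pop(key, None)
    waiting = defaultdict(list)
    for (src, _sport, dst, dport), t in pending.items():
        if now - t <= timeout:         # older entries have been timed out by the server
            waiting[(dst, dport)].append(src)
    return dict(waiting)

def queue_pressure(packets, now, backlog=16, threshold=0.75):
    """Return listeners whose half-open count reaches threshold * backlog."""
    alerts = {}
    for listener, sources in half_open(packets, now).items():
        if len(sources) >= backlog * threshold:
            # With spoofed sources the two numbers are close, so per-source limits do not help.
            alerts[listener] = {"half_open": len(sources),
                                "distinct_sources": len(set(sources))}
    return alerts

def build_sample():
    """Constructed capture: two complete handshakes, then 14 SYNs that are never completed."""
    web = ("192.0.2.10", 80)
    pkts = []
    for i, client in enumerate(["198.51.100.7", "198.51.100.8"]):
        pkts.append((i + 0.0, client, 40000 + i, *web, "S"))
        pkts.append((i + 0.1, client, 40000 + i, *web, "A"))
    for i in range(14):
        pkts.append((5.0 + i * 0.01, f"203.0.113.{i + 1}", 50000 + i, *web, "S"))
    return pkts

if __name__ == "__main__":
    print(queue_pressure(build_sample(), now=6.0))
```

The alert is keyed on the listener rather than on the sender because the source address in each SYN may be forged.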
There is an interesting saying that hacking is a kind of promotion. Some people hold this opinion because hacking makes a difference in some respects.
Hacking promotes the development of information technology. Techniques of hacking have developed rapidly in recent years. In 2009, Kingsoft Internet Security detected 20,684,223 new viruses and Trojans in China. Someone has summarized 300 network attack methods of different kinds that appeared between 2006 and 2009 (see reference ). From that article, it can be seen that hacking techniques are becoming more and more complicated, the speed of attacks is becoming faster and faster, and the effects of attacks are becoming more and more destructive. At the same time, defense techniques are developing quickly as well. One convincing piece of evidence is the Cloud Security technique. Almost all the famous IT security corporations have products using Cloud Security.
Thanks to network hacking, a new industry came into being over these 20 years. Yes, it is IT Security. The firewall was invented in the 1980s. The first paper about firewalls was published in 1988. As to antivirus software, the first publicly documented removal of a computer virus in the wild was performed by Bernt Fix in 1987. But today, there are thousands of IT security corporations all over the world. According to Gartner, a world-famous information technology research and advisory company, the worldwide sales revenue of IT security software in 2008 was more than $14.5 billion. Besides, this number will keep increasing by 9.1% in the next several years.
The Iranian Cyber Army hacked Twitter and Baidu in order to pursue their political views. Hackers of this kind consider network hacking a way to promote their political ideas. They always leave some political messages when they hack famous websites.
However, many other people regard network hacking as destruction.
First of all, some hacking events cause great economic cost. In 2000, the notorious I Love You virus was estimated to have cost the global economy close to $9 billion, which made it the most harmful hacker-created virus to date. In 2009, according to a report filed by the Internet Crime Complaint Center (IC3), online scams and other types of cybercrime cost computer users more than $559 million in losses in the US. As to Baidu, the DNS hijacking made it lose more than $100 million directly within 7 hours.
Most hacking events infringe others' right to privacy. If a hacker breaks the security of the system on a machine, then he can use this machine to do anything he wants. In this situation, the machine owner cannot protect his privacy. The hacker can get all the data on this machine, such as photos, personal information, etc. The hacker can also use this machine to monitor what the owner is doing or to attack others' machines.
Some international network attacks taint foreign relations. After Baidu was hacked, the Honker Union of China attacked Iranian websites as revenge. This event caused tension between the two governments.
Different hacking events have different effects. And there are different kinds of hackers. Some are profit-driven hackers who launch attacks in order to make a profit. In the eyes of the law, this is cybercrime. The hacker may profit directly or be hired to do the hacking. Another kind of hacker is the fame-driven hacker. They want to be famous or have other aims. No matter which kind of hackers they are, I cannot agree with their behavior.
But on the other hand, as a student of computer science, I can understand the excitement and sense of achievement of hacking a system. It is said that hacking is an art of exploitation. To some extent, hacking is creative problem solving. It exploits holes in sloppy programming that most programmers cannot find. In the words of Jon Erickson, hackers are always pushing the boundaries, investigating the unknown, and evolving their art.
In conclusion, hacking as a kind of study or research is promotion. But it is destruction when it is abused.