Looking For The Hack Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

A hacker is a person who infiltrates an organization's system through unauthorized means, or someone who harms the organization's systems. To define a hacker is not necessarily to define a specific person, but rather a culture of individuals. A hacker could be a person with a malicious intent or simply a person trying to prove his or her technical prowess. Some attackers are disgruntled employees and others are people who do it for personal gain, seeking fame or money.

Many hackers have achieved fame, and some have become computer consultants for security systems. The hacker is simply someone who attacks systems, sometimes for illegal gain. The hacker personality differs, and attacks are made on systems for different reasons. The purpose of some attacks is to shut down a competitor's Web site. Attacks that are seen at government Web sites are often similar to graffiti on a wall, where hackers might write "This page has been hacked" across the screen. Just as there are many different personalities that make up the hacker, there are many types of hacks.


Anytime information is cached in memory, transmitted through a network, or stored in a computer, that information is susceptible to being read, written, or redirected. The same hacking principles apply just as much to redirecting keyboard input as to data being transmitted through the Internet, since a common hacker attack is to sniff communication lines for usernames and passwords.


If the attacker wants to capture the keystrokes from a computer, he simply needs to store the keystrokes in a log file and transmit them when the computer connects to the Internet. Any password or username, credit card number, or company information typed into the computer could have been saved to a log. The unnamed operating system that I used was one from ten years ago, but the concept applies today. A hacker could use the same technique to read keyboard entries and send the entries to a log file on a temporary machine. The hacker can use a temporary machine to avoid being traced and pick up the keystroke file when the access seems safe. The log can contain everything that a user entered on the keyboard, including passwords.


A keyboard sniffer is a common hacking routine. Some commercial products even use similar routines to keep tabs on employees or children to check their activities. The keyboard sniffer could masquerade as a driver or library. All a hacker needs is a chance to install the program on the computer.

There are several things that a hacker has to do to read the keyboard entries from a computer. First, a program has to be installed on the local machine with privileges to read the keyboard; and second, the program must transmit the information to the hacker's location. If the key log is transmitted to the hacker's site, the log can be used by the hacker for a replay attack.

The privilege to read from the keyboard has changed over the years in most operating systems. To read a keyboard, the process or program needs the same access that a device driver would have, which is the system-level privilege. A system-level privilege is the access that a "root" administrator is granted when logging in to the computer. The program would have to be installed by an administrator user. So the attacker would also have to have administrator privileges to install such a program. The hacker would normally need a key logging utility to get the administrator password in the first place.


Social engineering is the ability to gain access to systems by social interaction. The interaction may be formal or informal in nature. A renowned tactic is to call in as a senior officer's wife or secretary to the IT department and complain that a password isn't working. The next step is to convince the IT department to perform the reset password process. IT departments and customer service centers could be a weak link unless they strengthen their authentication process. Some centers have employed techniques like requesting a mother's maiden name and other weak passwords before they regenerate a password. Once this is done, they will only send the password by e-mail, which further weakens the process.

Some of the biggest cracks into computers stem from people acquiring information in a social environment. Understanding an organization's systems can best be gained by being good friends with the people who install or maintain them.


Monitoring a secure system might not do much good unless there is a crack in the security of the system. A crack is a way to break a system. Just like someone who wants to rob a house and not get caught, the hacker must establish a plan for entering the system, grabbing assets, and covering his or her tracks. The difference between robbing a house and grabbing resources from an organization is that a hacker can leave digital fingerprints that can be erased after the crime. There is still the risk of getting caught, so the hacker usually has a motivation worth getting into trouble for if he is ever caught. For example, if an organization advertises the distribution of new software that will make a lot of money, a hacker is likely to go after that resource. A hacker will case the place or, in other words, monitor the traffic going in and out of the organization for security vulnerabilities.

The hacker might even attach a program to act as a listener, or sniffer, to discover security vulnerabilities. The sniffer can save the information to a log and send the information to the hacker's secure system. After the place looks safe and the hacker has sufficient knowledge to accomplish the hack, the hacker will perform the hack. The hack may involve further penetration into the system such as creating a backdoor (a login that bypasses security mechanisms), or grabbing a new program, or placing an e-mail monitoring device on a CIO's computer system. When the break-in occurs, like any other professional, the hacker is going to have tools (in this case software tools) that are used to thwart security defenses.

Some attacks are not planned. For example, a hacker may FTP into a company site and accidentally find the company's source code open to the world and take it. Granted, the company source should be protected, but if it is not, someone is bound to take it.

Other hackers may be a little more physical, such as stealing a laptop from the organization so that they can scan the hard disk; there are tools that can be used to scan the physical hard disk without login. They could then use the information found on the laptop. These resources could be bank account numbers, credit card numbers, passwords, computer programs, or anything else of value.


Most hacks seek an entry point to the system. The entry point could be reading the network packets or social engineering the person who has a password. The entry point is important because of its potential to expose the security leak.

A passive hack attack is one in which nothing is changed or harmed on the system. Both of the previous examples, keystroke monitoring and replay attacks, are examples of passive attacks. The other type of hack is an active hack attack. During an active hack, programs are changed and corrupted. An example of an active hack is changing the organization's Web pages.


The passive hack is merely observing information without corrupting or changing the information. The passive hack includes:

• Sniffing the network

• Probing the programs that are running

• Scanning the memory of the computer

• Scanning the files of the system


The purpose of the active hack attack is inherently different than the passive one; the active hack not only infiltrates but also corrupts the organization's systems for the hacker's use. The active hack may involve viruses, worms, backdoors, impersonators, and redirectors. An example of an active hack is a corrupted site or Web page. Another active attack is the denial of service attack.

The denial of service attack prevents users from accessing system resources. For example, some servers will not allow users to fail a login more than a specified number of times, so a hacker will try to log in until a user's account is disabled and the user no longer has access to the server.
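The lockout behaviour described above can be compared with a per-source alternative in a short simulation. This is an added example, not part of the original essay; the class names, the threshold of 5 and the sample addresses are assumptions made for illustration.

```python
from collections import defaultdict

MAX_FAILURES = 5  # assumed threshold; the essay only says "a specified number"


class PerAccountLockout:
    """Policy the essay describes: N failures disable the account for everyone."""

    def __init__(self):
        self.failures = defaultdict(int)

    def attempt(self, user, source, password_ok):
        if self.failures[user] >= MAX_FAILURES:
            return "locked"      # even the correct password is refused
        if password_ok:
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        return "denied"


class PerSourceThrottle:
    """Alternative: count failures per (account, source address) pair."""

    def __init__(self):
        self.failures = defaultdict(int)

    def attempt(self, user, source, password_ok):
        key = (user, source)
        if self.failures[key] >= MAX_FAILURES:
            return "throttled"   # only the offending source is refused
        if password_ok:
            self.failures[key] = 0
            return "ok"
        self.failures[key] += 1
        return "denied"


def replay(policy, events):
    """Feed constructed (user, source, password_ok) events through a policy."""
    return [policy.attempt(*event) for event in events]


# Constructed sample: six wrong guesses from one address, then the real
# user signs in from a different address with the correct password.
EVENTS = [("alice", "203.0.113.9", False)] * 6 + [("alice", "198.51.100.4", True)]

if __name__ == "__main__":
    print("per-account:", replay(PerAccountLockout(), EVENTS)[-1])
    print("per-source: ", replay(PerSourceThrottle(), EVENTS)[-1])
```

Counting per source keeps the legitimate user working, but it is weaker against guesses spread over many addresses, so it is normally paired with a global rate limit or alerting on total failures per account.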

The motivation behind active and passive attacks is different. The passive attack is similar to spying to retrieve information. The active attack is motivated by the need to destroy the organization's computer. A disgruntled employee or a competing company could motivate the active attack. The passive attack hides the attack by not showing signs that anyone has been on the system. The active attack hides the attack by destroying enough of the system so that no digital fingerprints are left on the system. The active and passive attack can be used in combination to both read information and cover the tracks of the hacker. The passive attack, while not destroying the systems, can also do harm to the overall organization. The hacker who gets information from the passive attack can use it for insider trading, to publish derogatory information about the organization, or to publish the organization's trade secrets.

Attacks are not only described as active and passive, but can be organized by the system or subsystem that is attacked and the style in which it is attacked. The type of the attack could be a worm, virus, impersonator, redirector, or sniffer. The systems that can be attacked are networks, the computer system, or the enterprise system.



III year -cse