In today's society, where technology and the Internet seem to guide and control almost everything in our daily lives, a new threat has entered our consciousness. Many of us look at hackers as criminals, but only a few of us respect them. Everyone seems to know who hackers are, what they look for, and their motivations. However, there is a major misconception about the original meaning of the term "hacker" that nobody seems to pick up on.
A hacker is a skilled computer user. The term originally denoted a person skilled in computer programming, with a good knowledge of computers and their operating systems. The term "hack" came from the fact that a skilled programmer could always hack around any system until he fixed its vulnerabilities. It was for the good guys (Schneier 43).
Lately, the media tends to make you believe that hackers are a major threat. In his book, Schneier says: "It used to be a compliment; then it became an insult." What people seem to associate only with the bad guys who threaten their way of life (hacking) has been around for decades (Schneier 43).
In fact, as in any other profession, the terms "good" and "bad" can both be applied to the same profession. There are good hackers and bad hackers, just as there are good electricians and bad electricians.
In this research paper, we are going to explore the dark side of hackers (the bad hackers) and take a glimpse behind the curtain at the methods they use in their attacks, not to use them, but to get an idea of how we can protect our systems from their threats.
Attacks on the computer systems of companies, individuals, or organizations take many different forms; in this research we will cover seven widespread methods commonly used by hackers: Trojan horse programs, back door and remote administration programs, denial of service, viruses, worms, packet sniffing, and social engineering.
Before we get into each method, I must mention that the list cannot be limited to those mentioned, simply because hackers' attacks are performed for unauthorized activities. For that reason, explanations or discussions of some types of attacks cannot be found.
First on my list is the Trojan horse. A Trojan horse is a harmful piece of software embedded in another, trusted piece of software. The term Trojan horse comes from Greek history. According to the traditional story, the Greeks won the Trojan War by hiding in a huge, hollow wooden horse to sneak into the fortified city of Troy. The horse was built and filled with hidden Greek warriors before being given as a gift to the city of Troy. Once they were inside the city, they massacred the Trojans in the night, stole their wealth, and burned the city (Schneier 155-156).
Following that analogy, and as Cisco, one of the world's biggest technology corporations, describes, "It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems". Trojan horse programs pose as legitimate programs or files that users may recognize and want to use. Files like .jpg, .pdf or .doc are mostly used to trick victims. It is a useful tool that gives hackers remote access to a target computer system when the victim loads and executes those kinds of harmful files, which facilitates unauthorized access to the user's computer system.
Trojan horses collect all useful information from the affected system and give the attacker almost full control of it. Credit card information, user names and passwords are sent to the hacker. Installing, deleting, downloading or uploading files on the user's computer is under the hacker's control. Changing the system configuration, running programs, taking full control of the keyboard and mouse, turning all the connected devices on and off, and seeing whatever is on the server's screen are all further options (Schneier 156). And what could be worse than crashing the entire computer with a single click?
Another form of attack is called a denial-of-service (DoS) attack. This type of attack generally consists of preventing an Internet site or service from operating efficiently or at all, temporarily or indefinitely. Hackers preparing DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card companies, and online stores. The trick behind this technique is to make the system process more data than it can handle. In a typical connection, when the user enters a website, the computer automatically sends a message to the server asking for authentication. The server returns an authentication approval to the computer. The computer receives this approval and is then allowed to access the server. However, in a denial-of-service attack, the attacker sends more authentication requests to the server than it can handle. All of these requests have false, non-existent addresses, so the server cannot find the computer when it tries to send the authentication approval back to it. The server waits a couple of minutes before closing the connection. When the server closes the connection, the attacker sends a new batch of requests, and the server again begins to send authentication approvals back to users that cannot be found; this is what ties the server up indefinitely, so that it becomes "Out of Service" (Schneier 182).
There is another, more advanced DoS technique that even involves Trojan horse programs. Hackers can create an "agent" (a victim), frequently through a Trojan horse program, that runs on the compromised computer awaiting further instructions. Then, when a number of agents are under control and running on different computers, the intruder can instruct all of them to launch a denial-of-service attack on another system. Thus, the end target of the attack is not the agents' computers, which are just a convenient tool in a larger attack, but the system affected by the DoS attack (Schneier 184).
Another tool commonly used by intruders to gain remote access to someone's system is "back door and remote administration programs". On Windows computers, three programs that give intruders this access are BackOrifice, Netbus, and SubSeven. These back door or remote administration programs, once installed, allow other people to access and control a computer from any point in the world. Most backdoors are small malicious programs that must be installed on a computer while remaining hidden from casual inspection by antivirus programs. Typical backdoors can be accidentally installed by unaware users. This may be accomplished in different ways: by attaching the program to e-mail messages, viruses, worms or even spyware, or by having it downloaded from the Internet using file-sharing programs. Usually those malicious files are given unsuspicious names, which leads users into opening them and executing them on their computers (Noordergraaf).
Like a human virus, a computer virus has the reproductive ability to spread from one point to another, affecting each part as it travels through. Computer viruses take the form of executable files that can be carried on removable media such as a CD, DVD, floppy disk, or USB flash drive, or be sent over the network or the Internet. An executable file (.exe), in computer science, is a kind of file that doesn't do anything unless you run it (click on the file). This means that a virus may be on your computer, but it cannot infect any part of it unless you run it. After the victim clicks on the virus, the virus becomes active and does whatever damage it is programmed for, with one more thing: the reproductive ability. Once the virus is active, it copies itself onto all removable media connected to the infected computer, and when these removable media are plugged into another computer, the virus just has to wait to be activated by the next victim. However, hackers are also able to spread a computer virus knowingly, by sharing infected files with an unsuspicious name or by sending e-mails with viruses as attachments. Schneier claims in his book, "Secrets & Lies," that "Viruses have no "cure", it's been mathematically proven that it is always possible to write a virus that any existing antivirus program can't stop." (Schneier 154)
Hackers also use worms to damage systems. By design, worms are similar to viruses. Both are created to inflict damage on the targeted systems. But unlike a virus, a worm has the ability to travel without any human action (Seeley). Also unlike a virus, a worm is self-replicating software that doesn't hide in any other executable file but exists by itself. So rather than the infected computer sending a single worm to any connected removable device, the worm replicates itself on your system, sending out hundreds or thousands of copies to any removable device plugged into your computer and to any computer connected to yours by either a network or the Internet. The capability of a single worm to replicate itself can have a hugely devastating effect. For instance, in 1988 Robert T. Morris released his famous Internet worm from one computer to crash 10 percent of the Internet's computers (Schneier 155).
Another example of worms that most of us, unconsciously, know is the kind spread through e-mail addresses. This kind of worm sends a copy of itself to everyone listed in someone's e-mail address book. Then the worm replicates and sends itself out to the address book of everyone who received it, and the chain goes on. To understand to what extent worms are dangerous, in 2000 the famous worm "ILOVEYOU" attacked tens of millions of Windows computers and made different malicious changes to the victims' systems (Schneier 158).
Packet sniffing is a tool hackers use to steal sensitive information from their victims. To keep our connections performing well, the data transferred to and from our computers takes the form of "packets". Think of packets as slices of information sent separately and gathered at their final destination into a single file. In a simple local area network, where computers share an Ethernet wire, all packets that travel within the network are seen by every computer on it, but they are not received by all of them. When computer A sends information to computer B, the packets have to travel through every node on that local network; a network filter in each computer discards the packets not addressed to it, and the process goes on until the packets reach their destination, computer B. If a hacker on computer C intends to steal information traveling through the network, he or she disables the network filter on his or her machine so that the computer will receive, capture, and analyze some or all of the packets checked by that filter. Smart hackers who favor this method use other techniques so that the packets received by their machines are automatically sent on to the real destination. Whatever we said about packet sniffing on local networks also applies to the biggest network, the Internet. The Internet is a global system that connects all the local networks in the world. However, if the hacker is sniffing on the Internet to steal someone's information, the hacker's computer must be in the same neighborhood as the victim (Ansari et al.).
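An interface whose network filter has been disabled, as described above, is in what Linux calls promiscuous mode, and an administrator can audit hosts for it. The following is an added example, not part of the original essay: it assumes a Linux host that exposes interface flags under `/sys/class/net`, the function names are hypothetical, and the kernel log lines used with it are constructed.

```python
import os
import re

IFF_PROMISC = 0x100  # Linux interface flag: accept every frame, not only our own


def promiscuous_interfaces(sysfs_root="/sys/class/net"):
    """Return the interfaces whose sysfs flags file has IFF_PROMISC set."""
    found = []
    for name in sorted(os.listdir(sysfs_root)):
        try:
            with open(os.path.join(sysfs_root, name, "flags")) as fh:
                flags = int(fh.read().strip(), 16)  # e.g. "0x1103"
        except (OSError, ValueError):
            continue  # not an interface directory, or unreadable
        if flags & IFF_PROMISC:
            found.append(name)
    return found


# Matches "device eth0 entered promiscuous mode" and "eth0: left promiscuous mode".
PROMISC_MSG = re.compile(r"(?:device )?(\S+?):? (entered|left) promiscuous mode")


def promiscuous_from_log(lines):
    """Replay kernel log lines; return interfaces still in promiscuous mode."""
    active = set()
    for line in lines:
        match = PROMISC_MSG.search(line)
        if not match:
            continue
        iface, action = match.groups()
        if action == "entered":
            active.add(iface)
        else:
            active.discard(iface)
    return sorted(active)


if __name__ == "__main__":
    # Constructed kernel log lines for illustration.
    log = [
        "Jan 10 09:00:01 host kernel: device eth0 entered promiscuous mode",
        "Jan 10 09:05:12 host kernel: device eth1 entered promiscuous mode",
        "Jan 10 09:06:40 host kernel: device eth1 left promiscuous mode",
    ]
    print(promiscuous_from_log(log))
```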
Surprisingly, social engineering is also used among hackers to trick people into revealing sensitive information such as passwords and IDs. Most social engineering hacks are done using telephone calls, which makes it hard to catch the perpetrator. Hackers call people and pretend to be their network administration manager, a co-worker, or a network technician in order to get as much sensitive information as they can, or to persuade the person at the other end of the line to do what will make their attacks easier. The best example of this is the AOL hack. The hacker spoke with an AOL tech support representative for an hour, and during the conversation he mentioned that he had a car for sale at a great price. The tech support representative was interested, and the caller sent an e-mail attachment with a picture of the car. However, what was supposed to be a picture of the car hid an executable file that installed a backdoor out of AOL through the firewall. The result was that the confidential information of more than 200 accounts was revealed to the hacker (Granger).
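Both the Trojan horse paragraph (harmful files posing as .jpg, .pdf or .doc) and the AOL case above turn on an executable dressed up as a document or picture. The following is an added example, not part of the original essay, of a mail-gateway or endpoint check that compares a file's name with its first bytes; the function names and the sample file are hypothetical and constructed.

```python
import os

# Leading bytes ("magic numbers") of the document types named in the essay.
DOCUMENT_MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".pdf": b"%PDF-",
    ".doc": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1",  # legacy OLE2 Word file
}
# Leading bytes of native executables.
EXECUTABLE_MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "ELF"}
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat"}


def findings(filename, head):
    """Return the reasons a file's name disagrees with its first bytes."""
    reasons = []
    stem, ext = os.path.splitext(filename.lower())
    inner_ext = os.path.splitext(stem)[1]
    # "invoice.pdf.exe": a document extension placed in front of the real one.
    if ext in EXECUTABLE_EXTS and inner_ext in DOCUMENT_MAGIC:
        reasons.append(f"double extension {inner_ext}{ext}")
    if ext in DOCUMENT_MAGIC:
        kind = next((k for m, k in EXECUTABLE_MAGIC.items() if head.startswith(m)), None)
        if kind:
            reasons.append(f"{kind} executable content behind {ext} name")
        elif not head.startswith(DOCUMENT_MAGIC[ext]):
            reasons.append(f"content does not start with the {ext} signature")
    return reasons


def scan(directory):
    """Check every regular file in a directory; return {name: reasons} for hits."""
    hits = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if os.path.isfile(path):
            with open(path, "rb") as fh:
                reasons = findings(name, fh.read(8))
            if reasons:
                hits[name] = reasons
    return hits


if __name__ == "__main__":
    # Constructed sample: a "picture" whose content is a Windows executable.
    print(findings("car.jpg", b"MZ\x90\x00\x03\x00\x00\x00"))
```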
Sarah Granger says: "Of course, no social engineering article is complete without mention of Kevin Mitnick". To complete the previous paragraph, here is the story of this hacker. Mitnick was the most-wanted computer criminal in the United States in the 1990s. During the two and a half years of his hacking rampage, he broke into the biggest technology companies in the world. Sun Microsystems, Nokia Mobile Phones, Motorola, the University of Southern California, and other big companies were all Mitnick's victims. His most famous skill was his social engineering (Granger). In 2000, when Mitnick testified before Congress, he said: "Companies can spend millions of dollars toward technological protections and that's wasted if somebody can basically call someone on the telephone and either convince them to do something on the computer that lowers the computer's defenses or reveals the information they were seeking." (Schneier 267) During the 3 years of his supervised release, which started January 21, 2000, Mitnick was forbidden to use any kind of communication technology other than the landline telephone. From 2003 until today, he has managed Mitnick Security Consulting LLC, a computer security consultancy.
At this point, to complete the picture of what has already been explained, it will be helpful to briefly remind you of the differences between those methods. Trojan horses, viruses and back door programs are files embedded in a trusted one, but they are inactive without an action (a click) from either the user or the attacker on the target computer. The worm, by contrast, stands by itself and automatically sends replicas from one system to another without anyone's interaction. Trojan horses and backdoor and remote administration programs are used to gain administrator-level access on the victim's computer. Viruses and worms are used to damage the system's software, hardware or both, packet sniffing to steal data from a neighbor, and DoS to take a system down and make it easier to hack. At the end of the list, social engineering is used either to extract sensitive information about a certain system from someone or to persuade that person to do what makes the previous techniques useful and workable.
To sum up, hacker techniques and tools are constantly and quickly being developed. Hackers are continually inventing new attack techniques and strategies to gain illegal access to our systems and attack them. The speed at which these tools and techniques evolve makes it very difficult for organizations to develop and implement the appropriate and necessary actions to prevent their attacks.
"In fact, a hacker with the right combination of skills and morals could probably take down the Internet." (Schneier 24). However, many people think that they are safe with their Windows 7 firewall or any paid antivirus software. They think that they are not a target for hackers, and that those bad hackers will never think of hacking them. They believe that since their system has no significant value, no one would want to hack into it, or that because their computers have dynamically assigned IP addresses, no one would even find them. They may feel that their Windows 95 desktop has no value, but attackers can still find great benefit in their system. Their computers may be used as an intermediary for another attack. Attackers may also use their hard drives to store all the stolen credit card information they have collected from their attacks. So, if you think that you are completely protected on the Internet, then you need to think again.
Schneier, Bruce, "Secrets & Lies: Digital Security in a Networked World," Wiley Computer Publishing, 2000.
Granger, Sarah, "Social Engineering Fundamentals, Part I: Hacker Tactics," Security Focus, December 18, 2001.
Noordergraaf, Alex, "How Hackers Do It: Tricks, Tools, and Techniques," Sun Microsystems, May 2002.
Seeley, Donn, "A Tour of the Worm," University of Utah, 1988.
Ansari, Rajeev S.G. and Chandrashekar H.S., "Packet Sniffing: A Brief Introduction," Universiti Utara Malaysia, December 2002/January 2003.
Weaver, Staniford and Vern, "Very Fast Containment of Scanning Worms," University of California, Berkeley, 2004.
"What Is the Difference: Viruses, Worms, Trojans, and Bots?" Cisco, 2010.