Introduction to Hacking - A real world challenge
- Archisman Karmakar
- Jun 30, 2022
What is Hacking?
Hacking refers to activities that seek to compromise digital devices, such as computers, smartphones, tablets, and even entire networks. And while hacking might not always be for malicious purposes, nowadays most references to hacking, and hackers, characterize it as unlawful activity by cybercriminals—motivated by financial gain, protest, information gathering (spying), and even just for the “fun” of the challenge.
Who are hackers?
Many think that “hacker” refers to some self-taught whiz kid or rogue programmer skilled at modifying computer hardware or software so it can be used in ways outside the original developers' intent. But this is a narrow view that doesn't begin to encompass the wide range of reasons why someone turns to hacking. To learn about the various motivations different types of hackers might have, read Under the hoodie: why money, power, and ego drive hackers to cybercrime.
Types of hacking/hackers
Broadly speaking, you can say that hackers attempt to break into computers and networks for any of four reasons.
There's criminal financial gain, meaning the theft of credit card numbers or defrauding banking systems.
Next, gaining street cred and burnishing one's reputation within the hacker subculture motivates some hackers as they leave their mark on websites they vandalize as proof that they pulled off the hack.
Then there's corporate espionage when one company's hackers seek to steal information on a competitor's products and services to gain marketplace advantage.
Finally, entire nations engage in state-sponsored hacking to steal business and/or national intelligence, destabilize their adversaries' infrastructure, or even sow discord and confusion in the target country. (There's consensus that China and Russia have carried out such attacks, including one on Forbes.com. In addition, the recent attacks on the Democratic National Committee [DNC] made the news in a big way—especially after Microsoft said that hackers accused of hacking into the Democratic National Committee had exploited previously undisclosed flaws in Microsoft's Windows operating system and Adobe Systems' Flash software. There are also instances of hacking courtesy of the United States government.)
There's even another category of cybercriminals: the hacker who is politically or socially motivated for some cause. Such hacker-activists, or “hacktivists,” strive to focus public attention on an issue by garnering unflattering attention on the target—usually by making sensitive information public. For notable hacktivist groups, along with some of their more famous undertakings, see Anonymous, WikiLeaks, and LulzSec.
Ethical hacking? White, black, and grey hats
There's also another way we parse hackers. Remember the classic old Western movies? Good guys = white hats. Bad guys = black hats. Today's cybersecurity frontier retains that Wild West vibe, with white hat and black hat hackers, and even a third in-between category.
If a hacker is a person with a deep understanding of computer systems and software, and who uses that knowledge to somehow subvert that technology, then a black hat hacker does so for stealing something valuable or for other malicious reasons. So it's reasonable to assign any of those four motivations (theft, reputation, corporate espionage, and nation-state hacking) to the black hats.
White hat hackers, on the other hand, strive to improve the security of an organization's systems by finding vulnerabilities so that they can prevent identity theft or other cybercrimes before the black hats notice. Corporations even employ their own white hat hackers as part of their support staff, as a recent article from the New York Times online edition highlights. Or businesses can even outsource their white hat hacking to services such as HackerOne, which tests software products for vulnerabilities and bugs for a bounty.
Finally, there's the gray hat crowd, hackers who use their skills to break into systems and networks without permission (just like the black hats). But instead of wreaking criminal havoc, they might report their discovery to the target owner and offer to repair the vulnerability for a small fee.
Hacking tools: How do hackers hack?
Hacking is typically technical (like creating malvertising that deposits malware in a drive-by attack requiring no user interaction). But hackers can also use psychology to trick the user into clicking on a malicious attachment or providing personal data. These tactics are referred to as “social engineering.”
It's accurate to characterize hacking as an over-arching umbrella term for activity behind most if not all of the malware and malicious cyberattacks on the computing public, businesses, and governments. Besides social engineering and malvertising, common hacking techniques include:
Botnets
Browser hijacks
Distributed denial of service (DDoS) attacks
Ransomware
Rootkits
Trojans
Viruses
Worms
Hacking prevention
If your computer, tablet, or phone is at the bull's-eye of the hacker's target, then surround it with concentric rings of precautions.
Anti-malware protection
First and foremost, download a reliable anti-malware product (or app for the phone), which can both detect and neutralize malware and block connections to malicious phishing websites. Of course, whether you're on Windows, Android, a Mac, an iPhone, or in a business network, we recommend the layered protection of Kaspersky or Bitdefender. Both Kaspersky and Bitdefender have the best scores in AV tests by various institutes and computer scientists.
Be careful with apps
Second, only download phone apps from the legitimate marketplaces that police themselves for malware-carrying apps, such as Google Play and Amazon Appstore. (Note that Apple policy restricts iPhone users to downloading only from the App Store.) Even so, every time you download an app, check the ratings and reviews first. If it has a low rating and a low number of downloads, it is best to avoid that app.
Protect your info
Know that no bank or online payment system will ever ask you for your login credentials, social security number, or credit card numbers using email.
Update your software
Whether you're on your phone or a computer, make sure your operating system remains updated. And update your other resident software as well.
Browse carefully
Avoid visiting unsafe websites, and never download unverified attachments or click on links in unfamiliar emails. You can also use Kaspersky or Bitdefender Browser Guard for safer browsing.
Password safety
All the above is basic hygiene, and always a good idea. But the bad guys are forever looking for a new way into your system. If a hacker discovers one of the passwords that you use for multiple services, they have apps that can breach your other accounts. So make your passwords long and complicated, avoid using the same one for different accounts, and instead use a password manager, because even a single hacked email account can rain disaster down on you.
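The reuse and length advice above can be checked mechanically against a password manager export. The script below is an added example, not part of the original article; the `name,username,password` CSV layout, the sample rows and the 14-character threshold are assumptions made for illustration.

```python
import csv
import hashlib
import hmac
import io
import secrets
from collections import defaultdict

MIN_LENGTH = 14  # assumed threshold for "long"; the article gives no number

# Constructed sample export (assumed generic name,username,password layout).
SAMPLE_EXPORT = """name,username,password
mail.example,alice,Tr0ub4dor&3
shop.example,alice,Tr0ub4dor&3
bank.example,alice,correct-horse-battery-staple-91
forum.example,alice,Tr0ub4dor&3
video.example,alice,hunter2
"""

def audit(export_text, min_length=MIN_LENGTH):
    """Return (reused, short).

    reused: list of sorted account-name groups that share one password.
    short:  sorted list of accounts whose password is below min_length.
    """
    # Group by a keyed fingerprint so neither the grouping structure nor the
    # report holds a plaintext password; the key is discarded after the run.
    key = secrets.token_bytes(32)
    by_fingerprint = defaultdict(list)
    short = []
    for row in csv.DictReader(io.StringIO(export_text)):
        password = row["password"]
        if not password:
            continue  # entries without a stored password cannot be judged
        fp = hmac.new(key, password.encode("utf-8"), hashlib.sha256).digest()
        by_fingerprint[fp].append(row["name"])
        if len(password) < min_length:
            short.append(row["name"])
    reused = sorted(sorted(n) for n in by_fingerprint.values() if len(n) > 1)
    return reused, sorted(short)

if __name__ == "__main__":
    reused, short = audit(SAMPLE_EXPORT)
    for group in reused:
        print("same password on:", ", ".join(group))
    for name in short:
        print("shorter than", MIN_LENGTH, "characters:", name)
```

Run it on a local copy of the export and delete that file afterwards, since the export itself contains every password in plaintext.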