The incessant quest of the human mind has conceived almost all of the world's crucial inventions. Hacking goes back to the same human desire to know and therefore explore things. Computer hacking is a practice of peeking into the extreme technical details of any computer application, program or entire system in order to extend its capabilities or change its functionalities. People who correctly follow this hacking practice are termed as 'hackers' . A hacker's vision to solve any technical problem is undoubtedly beyond the perception of any normal computer expert. Open source coding has been very beneficial for hackers to test and invent due to their passion for programming, let's say UNIX is the best example.
Figure 1: Representational Image for Computer Hacking
This practice can be ethical or unethical. The activity where someone breaks into the system but does not violate your security and credentials is called Ethical Hacking . Ethical hackers aim to bring vulnerabilities and gaps in the system to the administrator's attention, improving robustness and security. They are pure technology geeks with immaculate programming skills and working knowledge of computer hardware and software. On the other hand, there are people who can break into systems, gain access to secure accounts, but their actions are usually unauthorized while making a backdoor entry into your system. These people (often misunderstood as hackers) are called 'crackers' . They try to crack passwords, security codes, etc. using various hacking software that are already available. These software aim to break the code using millions of tests programmed by other hackers.
Although hacking can be really useful when companies hire hackers to check the security of their network and transactions, it can be equally harmful even for an individual who operates his personal computer at home.
Footprint
What is the first step someone would take before seeking admission to a university or college? Unanimously, it must be primary research on the institute. Footprinting is an analogous step that hackers take before gaining access to any network. An organization's systematic footprint allows attackers to create a complete profile of an organization's security posture, such as system architecture, network blocks, and exposed IP addresses on the Internet. Hackers obtain target recognition by following a sequence of steps such as:
1. Open source footprint – The first step a hacker takes is to visit a potential target's website. It then looks for the contact details of administrators who can help with password guessing or Social Engineering.
two. Network Enumeration – This is the next step in obtaining information where the hacker tries to identify the domain names and network blocks of the target network.
3. Scanning – Once the network block is known, the next step is to spy on active IP addresses on the target network. The Internet Control Message Protocol (ICMP) is a good alternative for identifying active IP addresses.
4. Stack Fingerprinting – Once the hosts and port have been mapped by scanning the target network, the final footprinting step can be performed. This step is called stack fingerprinting. This is the process of determining the operating system and different versions of services running on the target hosts.
There are different ways a hacker can attack a system to gain access, which can be:
· A backdoor program entry.
· Through unauthorized executable files called viruses and worms
Phishing
· Phishing
· Password cracking
· Denial of Service (DoS) attack, or
· Fake web pages
· The TRINOO Attack
In a backdoor program entry, the hacker gains access to your programs, files, personal details, browsing details, etc. and easily makes all types of possible changes like edit, delete, copy. And unfortunately! The user whose machine is in clearing may not even realize they have been hacked. These backdoor entries are installed on the targeted machine, usually via user executable files called 'Trojan'. Well, the art of hacking is to design these malicious programs called Trojans which aim to monitor and control the target computer unofficially.
Hacking viruses and worms is pretty self-explanatory and is the most common way to infect a target machine. Viruses and worms are malicious programs that can affect the system, but there is a slight difference in the way they affect the system. A virus, like human viruses, is attached to executable files and programs and has the ability to travel from one system to another. The important feature of a virus is that it affects the system or files only if you run or open the malicious program. Whereas worm is a subcategory of viruses that can replicate and travel from one system to another with other files and data. Worms do not need any human interaction to affect your system, meaning they can affect your system even if you do not run or open the malicious program. For example, a worm could send a copy of itself to everyone listed in your email address, then replicate itself again and send it to every contact in the recipient's address book. Hence, it can affect an entire network very quickly and is a more dangerous form of virus.
Phishing
Phishing is another clever hacking technique used as a trap by hackers to steal your personal details such as name, address, passwords, credit card numbers, etc. Hackers create phishing sites with familiar logos, mottos and graphics that are fake but similar web pages to their own bank or usual browsing sites and encourage users to enter their personal details. They may even send fake messages demanding to recover your lost data. Again a trap..!! So users, be careful with these baits. Do not respond to any of these emails and check the URL for a login block before entering your personal details. Legitimate websites always use this signal to indicate a secure connection.
Password cracking is the easiest way to gain access to a system. There are two password cracking modes; online and offline. In online guessing, the attacker uses a login prompt, tries one or more legal login names, and begins trying to guess the passwords for those login names. Some UNIX systems store the encrypted version of each user's password in a world-readable file. In offline mode, the hacker uses these encrypted files to guess the password.
A denial of service attack is an attempt to make a computer or Internet resource unavailable to intended users. 'SMURF' is a well-known type of DoS attack that relies on an attacker's ability to spoof the source IP address. Any system that uses an IP address as a means of authentication can be compromised by an attack known as IP address spoofing. The attacker sends a return packet request to the broadcast address of the intermediate network. From where the request is automatically relayed to all machines on the network. These machines then respond with a return packet. However, in the original attack packet, the attacker replaces his own true address with the original victim's address. The victim's machine is therefore flooded with many such responses which in turn increase the traffic on the victim's website. Consequently, the target machine is prohibited from carrying out any useful activity.
Putting it all together : When all of the above attacks are brought together, a complete ambush is generated. One such attack is the distributed denial of service attack or DDoS . DDoS attacks render a host useless by flooding it with maliciously derived traffic from many attacking machines. These attacks have drawn a lot of media attention in the recent past when popular Internet sites like Yahoo! and eBay was temporarily shut down after this attack. Trinoo is software that creates a network of master and daemon machines to launch a DDoS attack. DDoS attacks can pose significant threats to machines connected to the Internet. This is due to the distributed nature of this attack.
The practice of hacking is not just limited to computers but also cell lines or cell phones. Hackers from all over the world have created mobile hacking software called Bluetooth Hack Software . Once this software is installed on the target phone, the hacker can gain full access to the remote phone such as access to phone book, messages, internet, make calls, restore factory settings, etc.
Current scenario
In the current scenario, at this stage talking about cyber attacks and cyber crime is completely inevitable. Any illicit activity, in which the computer is used as an instrument to commit or perpetuate the crime, is registered as a cybercrime. Since the inception of the Internet (initially known as ARPANET) in 1969, the use of computers to access the Internet has increased at an enormous rate and therefore increased the sophistication of technical hackers in relation to cybercrime. Initially, when the Internet came into force, only a small provision was made to track or trace cyber attacks for Internet security. In the case of a benign user, cryptographic authentication of the information contained in IP packets was not foreseen. But today's cyber threat environment is far beyond the Internet's original design parameters. Currently, the Internet is subject to millions of cyberattacks and crimes around the world. Some of the recent cyber attacks are listed below:
. The first industrial cyber attack (on Siemens) was discovered in July 2010 using a computer worm called Stuxnet . It was also considered the first computer malware program that contains a PLC rootkit. A rootkit is a group of utilities that assist in configuring backdoors to the rooted machine for future access and help capture internal network information.
. As reported by Google Inc, it was the victim of a cyber attack on its operations in China in 2010, which resulted in the theft of its intellectual property.
. As recently as 2011, Sony reported an unauthorized theft on Sony's Playstation Network, which stole the names, addresses and credit card details of approximately 77 million account holders on the network.
. Other cyber crimes include credit card scandals, cyber squatting, phishing, child pornography, etc.
To control the rise in cybercrimes around the world, Internet service providers are employing various techniques to strengthen security on their networks. Various tracking techniques have been introduced to trace the approximate origin of such attacks. Each technique has its own set of advantages and disadvantages. Backscatter tracing The technique is mainly useful for spoofing attacks, in which attackers use source addresses from private IP address space. Centretrack, Hop-by-Hop tracebrack, ICMP are some other techniques also used.
In addition to unauthorized access, hacking has many advantages that result from the endless efforts of computer geeks who keep exploiting the system to expand its capabilities, such as speeding up your computer by increasing the available memory through the Boost Option ready on a drive flash, cache the most visited sites for fast Internet access and much more.