What is a hacker?
“Hacker” is one of those terms that has a different meaning depending on who uses it. Thanks to Hollywood, most people think of a hacker as a person who gains illicit access to a computer and steals things or breaks into military networks and launches missiles for fun.
These days, a hacker doesn’t have to be a top college geek breaking into banks and government systems. A hacker can be anyone, even the guy next door.
With a normal laptop, anyone can download simple software from the Internet to see everything that goes in and out of a computer on the same network. And the people who do this don’t always have the best of intentions.
A brief history of hackers
Today, the word “hacker” has become synonymous with people sitting in dark rooms, anonymously terrorizing the Internet. But it was not always like this. The original hackers were benign creatures. In fact, they were students.
To anyone attending the Massachusetts Institute of Technology during the 1950s and 1960s, the term “hacking” simply meant an elegant or inspired solution to any given problem. Many of the early MIT tricks tended to be practical jokes. One of the most outrageous saw a replica of a campus police car on top of the Institute’s Great Dome.
Over time, the word became associated with the burgeoning computer programming scene at MIT and beyond. For these pioneers, a trick was a feat of programming prowess. These activities were highly admired because they combined expert knowledge with a creative instinct.
Why does a hacker hack?
The motivations of hackers vary. For some, it is inexpensive. They earn their living through cybercrime. Some have a political or social agenda – their goal is to smash high-profile computers to make a statement. This type of hacker is called a cracker as its main objective is to break the security of high-profile systems.
Others do it out of sheer emotion. When asked by the SafeMode.org website why it defaces web servers, a hacker replied, “High-profile defacement gives me an adrenaline rush and then after a while I need another chance so I can’t stop.” . [1]
These days, we are faced with a new kind of hacker – your next door neighbor. Every day thousands of people download simple software tools that allow them to “sniff out” Wi-Fi connections. Some do this just to eavesdrop on what others are doing online. Others do this to steal personal data in an attempt to steal an identity.
The most common attacks
1. SideJacking / Sniffing
Side hijacking is a web attack method in which a hacker uses packet tracking to steal a session cookie from a website you just visited. These cookies are generally sent back to browsers unencrypted, even if the original website login was protected via HTTPS. Anyone listening can steal these cookies and then use them to access your authenticated web session. This made headlines recently because a developer released a Firefox add-on called Firesheep that makes it easy for an intruder sitting near you on an open network (such as a public Wi-Fi hotspot) to take advantage of many popular website sessions. For example, a hijacker using Firesheep could take over your Facebook session, thus gaining access to all of your confidential data and even sending viral messages and wall posts to all of your friends.
2. DNS cache poisoning
In DNS cache poisoning, data is entered into the Domain Name System (DNS) name server cache database that did not originate from authoritative DNS sources. It is an unintended result of a misconfiguration of a DNS cache or a malicious attack on the name server. A DNS cache poisoning attack effectively changes the entries in the victim’s copy of the DNS name server, so when you type in a legitimate site name, you are sent to a scam page.
3. Man-in-the-middle attacks
A man-in-the-middle attack, a bucket brigade attack, or a Janus attack, is a form of active listening in which the attacker establishes independent connections with victims and relays messages between them, leading them to believe that they are speaking directly to each. others through a private connection, when in fact the entire conversation is being controlled by the attacker. The attacker must be able to intercept all messages that are transmitted between the two victims and inject new ones. For example, an attacker within reception range of an unencrypted Wi-Fi access point can insert himself as an intermediary. Or an attacker can impersonate an online bank or merchant, allowing victims to log in through an SSL connection, and then the attacker can log into the real server using the victim’s information and steal credit card numbers. credit.
4. Smishing
Packet sniffers allow spies to passively intercept data sent between your laptop or smartphone and other systems, such as web servers on the Internet. This is the simplest and most basic type of wireless attack. Any email, web search, or file that you transfer between computers or open from network locations on an unsecured wireless network can be captured by a nearby hacker using a tracker. The tracking tools are available for free on the web and there are at least 184 videos on YouTube to show budding hackers how to use them. The only way to protect against Wi-Fi tracking on most public Wi-Fi hotspots is to use a VPN to encrypt everything sent over the air.
5. Massive meshing
Also known as bulk SQL injection, this is a method by which hackers poison websites by illegally embedding a redirect javascript from previously infected and hacker-controlled legitimate websites. These javascripts redirect the visitor’s computer to servers that contain additional malicious programs that can attack a user’s computer.
The most common goals
Hackers are interested in many types of computers on the Internet. The following list describes different types of targets and their appeal to hackers. [2]
1. Corporate networks
Corporate computers are often heavily fortified, so hacking one has a high prestige. Behind corporate firewalls are repositories of customer information, product information, and sometimes, in the case of a software publisher, the product itself.
2. Web servers
Web servers are computers that contain websites. While some contain financial information about customers, web servers are often targeted by vandals because they can be defaced to show the public the information the hacker chooses.
3. Personal computers
With the increasing use of Wi-Fi, laptops are becoming one of the most hacked devices. Everything that a person visits online can be exposed to a person using software to “sniff out” that connection. Website URL, passwords used to log into an online bank account, Facebook images, tweets, and a full IM conversation can be exposed. It is the easiest way to hack as it requires little skill.
4. Palm Top tablets and devices
Tablets, cell phones and other mobile devices are as popular as laptops in Wi-Fi hotspots. A hacker at a public hotspot can view a mobile device, as well as all the data going in and out of it, just as easily as a laptop.
How can you protect yourself
The simple truth is that anyone who connects to the Internet is vulnerable to being hacked. Therefore, you need to be proactive when it comes to protecting yourself from these attacks.
Tracking attacks are the most dangerous, as firewalls and antivirus software cannot help. Only a personal VPN can protect a person from a tracker. The potential victim, if connected to a personal VPN, has all of their data routed through a secure server, making it impossible for the hacker to sniff it out. A user who has a secure VPN can browse as if it were invisible to hackers. PRIVATE WiFi provides such a VPN service.
Reference:
1. cs.utah.edu/~elb/folklore/afs-paper/node3.html
2.informit.com/articles/article.aspx?p=425380