HACKING

AREAS

Hacking may refer to:

 Computer security hacking

 Hacking taxicab

 Joke thievery

 Raising a bird of prey (in artificial nest)

 Illegal methods used in football

 COMPUTER HACKING
What’s on computers in internet?
• Banking, Taxes, Medical Records, Personal details
• Cookies! Browser History!
• Password file??

How do they get in?

• Viruses/Trojans
• Spyware
• Keyloggers
• Remote Control
 TERMINOLOGY USED
 Hacker:
• A proficient computer user
• A computer user engaged in illegal activities
 Cracker:
A computer user engaged in illegal acts.
 Software pirate:
Copies software illegally
 Phreaker:
A telephone services thief
 Hackers Have a Subculture!

 Conferences
 Newsletters and news groups
 Fairly close in age (teens to low 20s)
 Shared experiences, shared roots, and
shared values
 Own myths, heroes, villains, folk epics, in-
jokes, taboos, and dreams!
 HACKER GOALS
 Corporate  Databases
espionage
 Info warfare
 Software theft
 Web site defacing  Hacktivism
 ISPs  Computer time
• DDOS  Theft of intellectual
• Access
property
 Credit cards
• Riding the Bullet
 Computer control
• Home computers
• Business
 Two Reputed Types to Exist
“White Hats” “Black Hats”
 Refrain from
Malicious
damage
 Help to fix/patch
Release viruses,
security problems exploit security
 Report “black holes
hats” Steal assets
 Free testing and
“Gain root”
security
assurance.
 WHO IS HACKER?
Hacker(computer intruder) is a person who
delights in having an intimate understanding of the
internal workings of a system, computers and
computer networks in particular.
 Script Kiddie

 Black hat hacker

 White hat hacker

 Grey hat hacker

 Blue hat hacker

 Academic hacker
 HACKER HISTORY

 First appeared at 1960s

 Hacking done mostly for fun
 Hackers started speaking to each other via
the ARPANET
 A worldwide hackers’ community
 RECENT ATTACKS AND HACKS
 Hackers changed a Department of Justice
web site to display a swastika and the text
to read, “the U. S. Department of
Injustice.”
 “Coolio” (?) shut down e-commerce sites
by bombarding them with thousands of
DOS messages
 Titan Rain and Moonlight Maze attacks on
American computer systems.
 CORPORATE HACKING
 For a report, employees of CNET, Inc.
broke into web sites for Booksite and
Upside and obtained:
• Credit card lists
• E-mail lists
• Subscribers
 Published an article after security was
fixed
 Appropriate for demonstration purposes?
 STUDIES
 The Pentagon estimates that 65% of its
30,000 computers can be hacked
• Is attacked 1,000 times a day
 95% of all attacks are successful!
 5% are detected
 .025% are reported up the chain
 COMMERCIAL STUDIES

 Intrusion Detection, Inc. study of Fortune

1000 companies
• 23% of users did not have passwords or had
guessable passwords
• 14% of accounts were inactive
• 27% of sites had first line security detection
systems turned off
 COMMERCIAL STUDIES
 National Computer Security Ass’n
• A consultant was asked to study security
problems at a large company
• In three days, he acquired 300 MB of sensitive
data
• Simply asked executives about the company,
web searches
 SOLUTIONS
• Never click on links from unknown senders
• Practice safe browsing
• Use good passwords!
• Never do sensitive transactions on Library,
Hotel, and other unknown PCs
• Don’t make your Laptop be an AP (No Ad-
Hoc!)
• Secure your wireless – Encrypt! Address
Filter!
• Make sure you’re on the right network!
• Backup your data – Securely!
 ISSUES

 Are current laws adequate to Cyberspace?

 Are hackers to be thanked or punished?
 Should the acquisition and distribution of
information that disrupts others be illegal?
 How much surveillance is too much?