In this age of prolific Internet use, a major concern that has emerged among webmasters and web hosts alike is the threat of hacking. Originally referring to the process of learning programming languages and computer systems, the term ‘hacking’ has now evolved to mean the practice of bypassing a computer system/network’s security (used interchangeably with the term ‘cracking,’ depending on the motivation).
At any rate, hacking attacks have now become threats that system administrators and webmasters need to guard against.
There are five forms of attacks commonly used against computers and networks, according to Aaron Turpen, in his article ‘Hacker Prevention Techniques.’
1. Distributed Denial of Service (DDoS) attacks
* usually aimed at networks by third-party systems (typically, compromised systems lacking security that unwittingly become hacker accomplices)
* focus on open ports and connections in the network or system
* they undermine the network by flooding it with requests and “pings,” thereby causing one or more systems and their resources to shut down or crash
* major systems usually recover from such attacks easily and completely
2. Trojan Horse
* software disguised as something else (typically useful shareware or freeware) and so is knowingly installed on your system
* it either contains
  o a “back door” (which allows others to enter your system, and do what they want with it, while you’re using the software), or
  o a “trigger” (sets itself off when triggered, either by a date or a time or a series of events, etc., and causes your system to shut down or attack other computers; can be part of a DDoS attack)
* Spyware is a less malicious version (it fills commonly-used form fields for you while also collecting information to send to advertisers and marketing companies)
3. Virus
* difficult to detect
* most common
* primary concern is to replicate and spread itself, and then destroy or attempt an attack on the host system
* examples include: I Love You, Crazy Boot, Cascade, Tequila, Frodo
4. Malicious Websites
* malicious sites that use known security holes in certain Web technologies to trigger your web browser to perform unwanted functions in your system (e.g. an older version of ActiveX had a “hole” that allowed content in any one folder or directory on your hard drive to be automatically uploaded to a web directory or emailed to a receiver)
5. Worm
* it consumes resources (quietly) until the system finally becomes overloaded and ceases to function
* a combination of a DDoS and a virus attack
* usually reproduces as often as possible to spread as widely as it can
* typically built for a certain type of system and is benign to all others
* commonly aimed at larger systems (mainframes, corporate networks, etc.); some are built to “consume” data and filter it back out to unauthorized users (i.e. corporate spies)
* examples are Sobig and Mydoom
So, why do hackers/crackers do what they do?
There are several reasons.
1. To use your computer:
* as an Internet Relay Chat (IRC) server – hackers wouldn’t want to discuss their activities openly on their ‘own’ servers
* as Storage for Illicit Material (ex. pirated software, pirated music, pornography, hacking tools etc)
* as part of a DDoS Attack – where many computers are controlled by hackers in an attempt to cause resource starvation on a victim’s computers or networks
2. To steal services and/or valuable files
3. For thrill and excitement
4. To get even – maybe an IT staff member who was terminated, or other parties you’ve ‘wronged’
5. As a publicity stunt – an example of which was reported in 1998 by Jim Hu in ‘MTV “hack” backfires’
6. Knowledge/Experiment/Ethical – some hackers probe a computer system to find its security vulnerabilities and then inform the system administrator to help improve their security
7. Another possible reason is that the hackers might suffer from a disease called Asperger syndrome (AS). They are people who are very good with numbers and at focusing on a problem for a very long period of time, but are not good in social relationships. How AS can possibly be linked to hacking behavior was discussed more thoroughly by M.J. Zuckerman in his ‘USA Today’ article, ‘What fuels the mind of a hacker?’
9. To spy on friends, family members or even business rivals
10. Prestige – bragging rights in their social circle (particularly if they’ve hacked high-profile sites or systems)
11. Intellectual Challenge
12. Money – although most hackers are not motivated by financial gain, many professional criminals make money by using hacking techniques to
* set up fake e-commerce sites to collect credit card details
* gain entry to servers that contain credit card details
* engage in other forms of credit card fraud
So who is at risk for such attacks?
The AKAMARKETING.com article ‘Illegal Internet’ offers this list:
* Internet security firms – their servers and web sites contain the best security, therefore making them a very challenging target for hackers.
* High-profile media-friendly targets – these include large corporations’ sites, political party sites, celebrity sites, etc.; attacking them will gain the hacker coverage in the wider media, and credibility within the hacker community (see reasons #5, 10)
* Anyone with a web site – although e-commerce sites are far more attractive to hackers than community pages
* Always-on broadband connections – a hacker can attack your system again and again once he/she gains access to your IP address because it’s static
* Dial-up modem connections – although some protection is provided by having a dynamic IP address, dial-up connections are still vulnerable to being attacked as long as the connection is live
The truth is, practically anyone connecting to the Internet is vulnerable to being hacked, infiltrated by a Trojan horse or attacked by a virus or worm. Thus, there is a need to be proactive when it comes to protecting your system from such attacks. These methods are discussed here.