The unceasing quest of human mind has conceived to almost all crucial inventions of the world. Hacking dates back its inception to the same human urge to know and hence explore things. Computer Hacking is a practice of peeping into the extreme technical details of any computer application, program, or the whole system in order to extend its capabilities or alter its functionalities. People who rightly follow this practice of hacking are termed as ‘hackers’. A hacker’s vision towards solving any technical problem is undoubtedly beyond the perception of any normal computer expert. The open-source coding has been very beneficial for hackers to test and invent out of their passion for programming, say UNIX is the best example.
Fig. 1: Representational Image for Computer Hacking
This practice can either be ethical or unethical. The activity where one breaks into the system but do not violate its security and credentials is called Ethical Hacking. Ethical hackers aim to bring into the administrator’s notice, vulnerabilities and voids in the system thereby, improvising the robustness and security. They are purely tech-geeks with immaculate programming skills and hands-on knowledge on both computer hardware and software. On the other hand, there are people who can though break into systems, get access to secured accounts but their actions are usually unauthorized while they make a backdoor entry into your system. These people (often misinterpreted as hackers) are called as ‘crackers’. They try and crack passwords, security codes, etc using various hacking softwares which are already available. Such softwares are meant to break the code using millions of trials programmed into it by other hackers.
While hacking can prove really useful when companies hire hackers to keep a check on the security of their network and transactions, it may be equally harmful even to an individual operating his/her personal computer sitting at home.
What is the first step one would take before seeking admission in a university or college? Quite unanimously, it must be a primary research about the institute. Footprinting is an analogous step which hackers take before gaining access into any network. The systematic footprinting of an organization enables attackers to create a complete profile of an organization’s security posture like system architecture, network blocks and IP addresses exposed on the Internet. Hackers gain reconnaissance of the target following a sequence of steps as:
1. Open Source Footprinting- The first step a hacker takes is to visit the website of a potential target. He then looks for contact information of the administrators which may help in guessing the password or in Social Engineering.
2. Network Enumeration- This is the next step in gaining information where the hacker tries to identify the domain names and the network blocks of the target network.
3. Scanning- Once the network block is known, the next step is to spy for active IP addresses on the target network. The Internet Control Message Protocol (ICMP) is a good alternative for identifying active IP addresses.
4. Stack Fingerprinting- Once the hosts and port have been mapped by scanning the target network, the final footprinting step can be performed. This step is called stack fingerprinting. This is the process of determining the operating system and different version of services running on target hosts.
There are different ways a hacker can attack a system in order to gain access which may be:
· A backdoor program entry.
· Through unauthorized executable files called viruses and worms
· Password Cracking
· Denial-of- Service (DoS) attack , or
· Fake web pages
· The TRINOO Attack
In a backdoor program entry the hacker gets access to your programs, files, personal details, browsing details etc and easily make all sort of possible changes to them like editing, deleting, copying. And alas! The user whose machine is at compensation may not even realize that he is been hacked. Such backdoor entries are installed on the targeted machine usually through alluring user executable files called ‘Trojan’. Well the art of hacking lies in designing these malicious programs called Trojan which aims at monitoring and controlling the target computer unofficially.
Hacking through viruses and worms is quite self-explanatory and is the most common way to infect a target machine. Viruses and worms both are malicious programs that can affect your system but there is a slight difference in the way they affect the system. A virus, like the human viruses is attached with the executable files and programs and has ability to travels from one system to another. The important characteristic of a virus is that it affects your system or files only if you run or open the malicious program. Whereas worm is a sub category of viruses that can replicate themselves and travels from one system to another with other files and data. Worms do not need any human interaction to affect your system i.e. they can affect your system even if you do not run or open the malicious program. For example a worm can send a copy of itself to everyone listed in your email address and then by replicating itself again and send to everyone from your receivers address book. Hence it can affect an entire network very rapidly and is more dangerous form of viruses.
Phishing is another smart hacking technique used as a baited trap by hackers to steal your personal details like name, address, passwords, credit card numbers, etc. Hackers create phishing sites with familiar logos, mottos and graphics which are fake web pages but look similar to their own bank or usual surfing stuffs and excite users to enter their personal details. They may even mail you fake messages demanding to recover your lost details. Again a trap..!! So users, beware of such baits. Do not respond to any such mails and do check for a lock sign in the URL before entering your personal details. Legitimate websites always use this sign to indicate a secure connection.
Password Cracking is the easiest way to gain access to a system. There are two modes of password cracking; online and offline. In online guessing attempt, the attacker uses a login prompt, tries one or more legal login names and begins to try and guess passwords for these login names. Some UNIX systems store the encrypted version of every user’s password in a world readable file. In offline mode, the hacker use these encrypted files to guess the password.
A denial-of-service attack is an attempt to make the computer or internet resource unavailable to the intended users. ‘SMURF’ is a well- known type of DoS attack which is based on an attacker’s ability to spoof IP source address. Any system that uses IP address as a means of authentication can be compromised by an attack known as IP address spoofing. The attacker sends a request for return packet to the intermediate network’s broadcast address. From where, the request is automatically relayed to all the machines on the network. These machines then send reply back reply with a return packet. However, in the original attack packet, the attacker replaces his/her own true address with the address of the original victim. The victim machine hence is flooded with many such replies which in turn increase traffic at the victim’s site. Consequently, the target machine is forbid to perform any useful activity.
Putting it all together: When all the above attacks are put together, a full-fledged ambush is generated. One such attack is the distributed denial-of-service attack or DDoS. DDoS attacks render a host useless by flooding it with maliciously derived traffic from many attacking machines. These attacks have fetched a lot of media attention in the recent past when popular Internet websites like Yahoo! and eBay undergone temporary shutdown posterior to such an attack. Trinoo is software that creates a network of master and daemon machines to launch a DDoS attack. DDoS attacks may pose significant threats to machines connected to internet. This is due to the distributed nature of this attack.
The practice of hacking is not limited to computers alone but the cellular lines or mobile phones are target as well. Hackers worldwide have designed mobile hacking softwares called Bluetooth Hack Softwares. Once this software is installed in the target phone, the hacker can get full access to the remote mobile phone like access to phone book, messages, internet, making calls, restore factory settings, etc.
In the current scenario, at this stage talking about cyber attacks and cyber crime is totally inevitable. Any unlawful activity, wherein the computer is used as an instrument to perform or perpetuate the crime is registered under cyber crime. Ever since the inception of internet (initially known as ARPANET) in 1969, the use of computers to access internet has increased at a huge pace and hence had increased the sophistication of technical hackers over cyber crime. Initially, when internet came into force only a little provision was made to trace or track cyber attacks for internet security. Under the assumption of a benign user, no provision was made for the cryptographic authentication of the information contained in IP packets. But the current cyber threat environment is far beyond the original design parameters of the internet. Currently, the internet is subject to millions of cyber attacks and crimes worldwide. Some of the recent cyber attacks are listed below:
. The first ever industrial cyber attack (on Siemens) was discovered in July, 2010 using a computer worm called Stuxnet. It is also found to be the first computer malware program ever which contains a PLC rootkit. A rootkit is a group of utilities that aids in setting up backdoors for the rooted machine for future access and abet to capture network’s internal information.
. As reported by Google Inc, it became the victim of a cyber attack on its operations in China in 2010 that resulted in the theft of its intellectual property.
. Recently in 2011, Sony reported an unauthorized theft on Sony’s Playstation Network which stole names, address and credit card data of around 77 million account holders on the network.
. Other cyber crimes include credit card scandals, cyber squatting, phishing, child pornography, etc.
To keep a check on the increasing cyber crimes all over the world, Internet Service providers are employing various techniques to strengthen security in their networks. Several traceback techniques have been introduced to trace the approximate source of such attacks. Every technique has its own set of advantages and disadvantages. Backscatter traceback technique is primarily useful for spoofed attacks where the attackers use source addresses from the private IP address space. Centretrack techniques, Hop-by-Hop tracebrack, ICMP are some other techniques also used.
Apart from the unauthorized accesses, hacking has many advantages which results from the endless efforts of computer geeks who keep exploring the system to extend its capabilities like speeding up your computer by increasing the memory available through the Ready Boost option on a flash drive, caching the most visited websites for fast internet access and many more.