Hackingin the Information Age
Hackingin the Information Age
Inthe era of the information, age internet and technologies have becomean integral part of human life. The world of internet has three mainconcepts that is linked to human life: the good, the bad and theugly. All the benefits that human derive from the use of the internetfall into the category of the good, the bad aspects relate to thedamage that internet activities can cause to one businessorganization, institutions (Sterling,2004).This may include viruses, spam and hacking and other things thatdestroy the computer, documents and files stored in electronicdevices. The worst and perhaps the most damaging effects on theinternet falls under the category of the ugly. This encompassesaspects that are beyond the reach of the arm of government throughlaws, destructive online behavior such as hacking and privacyviolations (Thomas& Loader, 2000). .
Itis important to note that all the things that can be categorized asugly are also unethical and illegal in many states. Based on thedefinition from the oxford dictionary, hacking refers to any form ofillegal or unauthorized access to information and data in anelectronic system. Financial institutions such as banks definehacking as anything that "somethingthat boring mainframe computer operators did to improve performanceand battle boredom." (Furnell,2002),.In this definition banks focus primarily on boredom as the mainreason for hacking. Some information and telecommunication expertssuch as Darlington say that hacking can not be limited to onlyaccessing information and data but should also include an attack onthe privacy of everyone (Taylor,1999).The most important thing when it comes to hacking is that everyoneagrees that hacking is illegal and unethical. On the hand the namehacker is used to refer to an agent of hacking or a person who hacks.This is a person who finds fun in accessing private information, dataand files , an individual who imposes interest or power relating toparticular files orinformation. Marotta refers to a hacker as adata lord, a barbarian who takes what he wants, while Hamanen saysthat a hacker is any individual who carries out illegal activitieswhether they were linked to a computer system or not (Furnell,2002),.This translates to any form of usage of a system or device forpurposes that are not meant to be conducted by that system. Thispaper will examine hackers and how they have damage all the benefitsthat internet confer to man in the 21stcentury.
Asstated above hacking is conducted by individuals who are highlyintelligent and high technical knowledge in computer programming andsoftware development (Williams,2002).Hackers function from defects in software and weaknesses in programsin order to break into computer systems (Crucialparadigm, 2003).Software in this case entails operation systems such as windows O.Sand SQL based database systems. Hackers also master the techniques ofcracking passwords, using malware and phishing in a bid to hunt foruser passwords.
Weakauthentication is one of the key avenues that hackers exploit sinceit allows unlimitless chance of entering passwords unlike strongauthentication that give the user only three chances. Another windowof opportunity for workers is the use of short passwords. Weakpasswords give hacker opportunities to easily guess the username andpassword in order to break into the computer system (McClure,etal.2003).
Everycomputer systems allow the user to make changes to the passwords usedto log into the system. Systems that employ encryption password as amethod of protect the system and data are also prone topre-computation attacks. The other avenue is the detection ofsoftware defects (Furnell,2002).This is regarded as one the greatest loophole of unsecure systems.The other avenue of attack is exploring memory safety.
Anotherwidespread method of hacking is attacking web server. This isachieved through different methods such as SQL injection techniqueand cross-site scripting. Another way of hacking is throughcross-site requesting whereby the targeted individual presumes that agiven websites is trustworthy, but this is normally a way throughwhich hackers can get out information from the user (McClure,etal.2003).Normally this happens through electronic mail, where victims receivespam messages which lead them to a specific links where it is mucheasier for the hacker to break the system.
Hackersmainly target systems and the first part in this process is scanningand enumeration. Enumeration refers to a process whereby a computername, what the user shares and the username are identified (Taylor,1999).A standard hacking process consist of six distinct phases
Enumeration and scanning
Cracking user passwords
Concealing digital trail
Asstated above a hacker is an individual who maliciously intrudes intothe system of another person for personal gains. Technically, ahacker is a term that is used to refer to possess technologicalknowhow in computer systems that enables them to crack or break intoanother person’s system for malicious intention (Taylor,1999).They modify, steal or delete information of great significance forman information system or computer. All this is done for profit, fameor sometimes to avenge an acts that is considered to affect the theirwork, actions or intention.
McClure,etal.(2003).categorizeshackers into three main groups based on history. The first generationis made of computer programming experts who began to misuse theirknowledge, the second group is made up of hardware developers whofound it necessary to access information and data from naïvecomputer users(McClure,etal.2003).The third generation is made up of developers of games architecture.The last group is made of developers who do not possess adequateskills in computer programming to but who want to weigh theirprogress by cracking third party agents.
Taylor(1999)classifies hackers based on their functionality, that is depending onthe manner and way in which a given hacker intrudes and interactswith the whatever is being cracked or hacked. In this respect hackersfall under three distinct groups in-house hackers who is a hackerwho operates from within a given organization which he/she formspart of the employees and who is well versed with the securityapparatus of the existing information and communications systems(Sterling,2004).In-house hackers are driven by a grudge, revenge or because theymight feel they are no receiving the apt recognition as they thinkthey deserve. Such a person might also feel betrayed by hisworkmates and as such wants to access information and data thathe/she might use to taint the image of the targeted individual(Furnell,2002).The second group of hackers are referred to as super hackers who doesnot interact directly with the security system of an organization butwho has ability to monitor all the movements and processes of dataand information transfer from one person to another or from a givenfirm to another (Taylor,1999).Depending on the prevailing condition and nature of situation superhackers can change transactions and channel them to his personalaccounts The last group of hackers in this category is made up ofprofessional hackers who possess high tech knowledge and skills tothe extent that they can get any data or information from anyplaceanywhere in the globe provided there is internet connection.Professional hackers have ability and capacity to manipulate thingsand alter them to their own benefit. These hackers use software andTrojans that get installed on the computer system through covertwindows and then take control of the system (Furnell,2002),.
Hackersare also broadly categorized as white hat or black hat hackersdepending on the action and intention of intruding into anotherperson’s computer system (Serverpipeline, 2004).This is a name that was derived from the cowboy movies wherebycowboys were good cowboys were depicted with a white hat while badcowboys were represented with a black hat. Those that are at themiddle are referred to as grey hat hackers.
Whitehat hackers who also commonly referred to as ethic hacker refer to aindividual who cracks the security apparatus of a computer system butwho do not conduct any form of malicious activity. They areindividual who break into the computer systems of other individualjust to warn the users that they are vulnerable to attackers (Taylor,1999).This group of hackers has a set code of ethics and has succinctlydefined standards and most of the time they strive to function withbusiness owners and large manufacturers to discover the weaknesses insecurity systems and work on them to make them more secure. The basicgoal is to assist and help improve the security systems. This groupof hackers organize hacking contest such as the Pwn2Own. In suchcontest the contenders, who is in this case is a group ofprofessional hackers and proletarians, and who can be white hat andgrey hat exploit particular software goals (Furnell,2002).Nonetheless, there are hidden perils of disclosure of the identifiedvulnerability to the public after a given period. White hat is a termthat is also used to describe hackers who play a part in the designof safer and better systems, normally the source of the key protocoland tools that are used today by millions of people.
Goals of white hate hackers are summarized below
Testing technology to make it safer and better
Optimization of computer software and systems
Ethicalhackers make effort to duplicate the mission and intention of blackhat hackers without inflicting any harm on any user. In many casesethical hackers operate with the permission of an organization andthey conduct penetration test to establish what a particular intrudercan find out about the computer information system (Taylor,1999).They also establish whether an attacker can gain and maintain accessto the information systems and whether the process of tracking theattacker can be done effectively. A classical example of ethicalhackers is the group referred to as the Anonymous has received a lotof acclaim for hacking into the sites of terrorist and jihadists whohave continued to reign terror in many parts of the world. This groupwas hacked French jihad sites after the murder of Charlie Hebdo inParis (Halleck, 2015).
Agrey hat hacker who practices double standards sometimes they act ingood faith and sometimes they conduct malicious activities. Grey hathackers is a termed coined to describe a hybrid of white hat andblack hat hackers. This group of hackers do not plot to commitneither do they hold intention of doing something bad to computersystem of other people, but on certain occasions they commit crimes(Taylor,1999).An excellent example of an individual who falls under the category ofa grey hacker is a person who accessed without permission a computersystem even though he/she did not do any harm the system. Grey hathackers can even go to a point where inform the owners of the systemthey have intruded of the security flaws and sometimes recommendsolutions to solve the problem (Taylor,1999).Even though such hackers may pose a major threat to organizations andindividuals many countries consider such actions as a crime. In deedmany people have been prosecuted and put into jail for trying tohelp organization fix security flaws in their computer system afterhacking into it (Sterling,2004).
Blackhat hackers are also referred to as pirate and this is a group ofindividuals who break into computer systems with a hidden agenda andfor malicious purposes (Taylor,1999).Black hat hackers are further divided into four types of hackers
Thefirst group is made of ‘crakers’ which is term used to refer toindividuals whose main aim is to intrude into another computer systemor break the systems of protection a given commercial software. Inthis vein a ‘crack’ refers to an executable program generate tolater the original software in a bid to remove the protections(Taylor,1999).
Atypical example of black hat hackers is the group called the ‘theguardian of peace who waged a series of cyber attack on Sony Inc.This group managed to steal and leak medical and personal informationfrom every Sony Inc workforce and several scads of private andconfidential information (Taylor,1999).The group left Sony Inc technologically on its knee and issued aseries of blurred demands.
Inthe recent past hackers have sent a virus to NSA and FBI in U.S andhave managed to steal vital information on various important issuesrelating to U.S military. Unfortunately it also worth noting that FBIhas used various types of viruses to sneak it way into Iran nuclearfacilities in a move meant to sabotage the process (CNET,2001).Even though this would be regarded a s white hat hacking in theUnited States, it is considered as a grave crime of spying in Iran.The Sony case remains one of the worst case cyberattack on commercialentities in United States by terrorists.
Thesecond group of black hat hackers are referred to as the ‘carders’and these individuals attack systems smart card- most of the timesthey attack credit cards in order to know how its functions andexploit the weaknesses that may be identified (Taylor,1999).The term ‘carding’ is coined from the process where smart cardsare attacked by hackers with malicious motives.
Thethird group is referred to as the ‘script kiddies’ a group madeup of youthful users of a particular network using program availableon the internet (Furnell,2002).They are also called packet monkey or crashers and they defacecomputer system just for the entertainment.
Thelast group of hackers in this category is called ‘phreakers’ andthese are normally involved in manipulation of telephone networks sothat they are able to make free calls. ’Phreaking’ is a term thatis synonymous to hacking phone lines to make free calls (Furnell,2002).
Hackingrefers to any form of illegal or unauthorized access to informationand data in an electronic system. Hackersfunction from defects in software and weaknesses in programs in orderto break into computer systems. The process of hacking consist ofvarious processes such as Enumerationand scanning, cracking user passwords, escalating privileges,executing application, hiding files, concealing digital trail.Hackersare also broadly categorized as white hat or black hat hackersdepending on the action and intention of intruding into anotherperson’s computer system. White hat hackers are also referred to asethical hackers makes effort to duplicate the mission and intentionof black hat hackers without inflicting any harm on any user. In manycases ethical hackers operate with the permission of an organizationand they conduct penetration test to establish what a particularintruder can find out about the computer information system. A greyhat hacker who practices double standards sometimes they act in goodfaith and sometimes they conduct malicious activities. Grey hathackers is a termed coined to describe a hybrid of white hat andblack hat hackers. This group of hackers do not plot to commitneither do they hold intention of doing something bad to computersystem of other people, but on certain occasions they commit crimes.Black hat hackers are also referred to as pirate and this is a groupof individuals who break into computer systems with a hidden agendaand for malicious purposes. Everycomputer systems allow the user to make changes to the passwords usedto log into the system. Systems that employ encryption password as amethod of protecting the system and data are also prone topre-computation attacks. Other avenue is the detection of softwaredefects, weak authentication that are vulnerable to attack andattacking web server. Thefundamental thing is that when it comes to hacking is that everyoneagrees that hacking is illegal and unethical Whatever the intentionof hacking any form of hacking is an infringement of privacy rightand as such illegal. In deed many people have been prosecuted and putinto jail for trying to help organization fix security flaws in theircomputer system after hacking into it.
CNET(2001). FBI "hack" raises global security concerns[online]. Available from: http://news.com.com
Crucialparadigm (2003). Hackingattacks-How and Why [online], Crucialparadigm. Available from:http://www.crucialparadigm.com/resources/tutorials/website-web-page-site-optimization/hacking-attacks-how-and-why.php[Accessed 9th April2015]
Furnell,Steven. (2002). Cybercrime:Vandalizing the information society,Boston London: Addison-Wesley.
Halleck,T. (2015). Anonymous Hackers Say They’ll Target Terrorists With#OpCharlieHebdo Following Paris Attacks. InternationalBusiness Times:http://www.ibtimes.com/anonymous-hackers-say-theyll-target-terrorists-opcharliehebdo-following-paris-attacks-1779382
McClure,S., Etal.(2003), Hackingexposed: Network security secrets & solutions,Fourth edition, Berkley, California (USA), McGraw-Hill/Osborne
Serverpipeline (2004). Simulatedhacker attacks [online], Server pipeline,Available from:http://www.nwc.serverpipeline.com/trends/trends_archive/46200228[Accessed (2015-04-10)
Sterling,B. (2004), Thehacker crackdown: (Law and disorder on the electronic frontier),McLean, Virginia (USA), Indypublish.com
Taylor,P. A. (1999), Hackers:Crime in the digital sublime,London, Routledge
Thomas,D. and Loader, B. D. (2000). Cybercrime: Law enforcement, security and surveillance in theinformation age,London: Routledge
Williams,S. (2002), Free as in freedom: Richard Stallman`s crusade forsoftware, Farnham, Sebastopol, California: O`Reilly.