Hacking - Early History

 During the 1960s, the word "hacker" grew to prominence describing a person with strong computer skills, an extensive understanding of how computer programs worked, and a driving curiosity about computer systems. Hacking, however, soon became nearly synonymous with illegal activity. While the first incidents of hacking dealt with breaking into phone systems, hackers also began diving into computer systems as technology advanced.

Hacking became increasingly problematic during the 1980s. As a result, the Computer Fraud and Abuse Act were created, imposing more severe punishments for those caught abusing computer systems. In the early 1980s, the Federal Bureau of Investigation (FBI) made one of its first arrests related to hacking. A Milwaukee-based group known as the 414s was accused of breaking into 60 different computer systems including the Memorial Sloan-Kettering Cancer Center and the Los Alamos National Laboratory. Later that decade, the infamous Kevin Mitnick was arrested and sentenced to one year in jail for damaging computers and stealing software. He was arrested again in 1995 for computer fraud and put in jail for hacking Motorola Inc., Sun Microsystems Inc., NEC Corp., and Novell Inc. to steal software, product plans, and data. Mitnick eventually cost the firms a total of roughly $80 million.

As negative publicity surrounding hackers continued to grow, those who considered themselves true hackers-computer programming enthusiasts who pushed computer systems to their limits without malicious intent and followed a hacker code of ethics-grew weary of the media's depiction of hackers. As a result, several hacker groups coined the term 'cracker' in 1985 to define a person who broke into computer systems and ignored hacker ethics; however, the media continued to use the word hacker despite the fact that although most early hackers believed technical information should be freely available to any person, they abided by a code of ethics that looked down upon destroying, moving, or altering information in a way could cause injury or expense.

AT&T Corp., Griffith Air Force Base, NASA, and the Korean Atomic Research Institute all fell prey to hackers in the early 1990s. Federal World Wide Web sites, including those of the U.S. Department of Justice, the U.S. Air Force, and the CIA, were also attacked by hackers and defaced. During 1995 alone, U.S. Defense Department computers dealt with 250,000 hacker attacks. As technology advanced and business transactions conducted over the Internet increased, malicious hackers became even more destructive. Popular Web sites such as Yahoo!, America Online, eBay, and Amazon.com were hacked, costing millions and leaving online shoppers doubtful about security on these sites; a 16-year-old Canadian boy operating under the name Mafia boy was arrested for these attacks, as well as for breaking into both Harvard's and Yale's university computer systems. Under the terms of his parole, Mafia boy was not allowed to use the Internet or go into stores that sold computers, and his computer use was limited to that which was supervised by a teacher at school.

Hacking Types

1) Inside Jobs - Most security breeches originate inside the network that is under attack. Inside jobs include stealing passwords (which hackers then use or sell), performing industrial espionage, causing harm (as disgruntled employees), or committing simple misuse. Sound policy enforcement and observant employees who guard their passwords and PCs can thwart many of these security breeches.

2) Rogue Access Points - Rogue access points (APs) are unsecured wireless access points that outsiders can easily breech. (Local hackers often advertise rogue APs to each other.) Rogue APs are most often connected by well-meaning but ignorant employees.

3) Back Doors - Hackers can gain access to a network by exploiting back doors�'administrative shortcuts, configuration errors, easily deciphered passwords, and unsecured dial-ups. With the aid of computerized searchers (bots), hackers can probably find any weakness in your network.

4) Viruses and Worms - Viruses and worms are self-replicating programs or code fragments that attach themselves to other programs (viruses) or machines (worms). Both viruses and worms attempt to shut down networks by flooding them with massive amounts of bogus traffic, usually through e-mail.

5) Trojan Horses - Trojan horses, which are attached to other programs, are the leading cause of all break-ins. When a user downloads and activates a Trojan horse, the hacked software (SW) kicks off a virus, password gobbler, or remote-control SW that gives the hacker control of the PC.

6) Denial of Service - DoS attacks give hackers a way to bring down a network without gaining internal access. DoS attacks work by flooding the access routers with bogus traffic (which can be e-mail or Transmission Control Protocol, TCP, packets).

Distributed DoSs (DDoS5) are coordinated DoS attacks from multiple sources. A DDoS is more difficult to block because it uses multiple, changing, source IP addresses.

7) Anarchists, Crackers, and Kiddies - Who are these people, and why are they attacking I your network?

Anarchists are people who just like to break stuff. They usually exploit any target of opportunity.

Crackers are hobbyists or professionals who break passwords and develop Trojan horses or other SW (called warez). They either use the SW themselves (for bragging rights) or sell it for profit.

Script kiddies are hacker wannabes. They have no real hacker skills, so they buy or download warez, which they launch.

Other attackers include disgruntled employees, terrorists, political operatives, or anyone else who feels slighted, exploited, ripped off, or unloved.

8) Sniffing and Spoofing - Sniffing refers to the act of intercepting TCP packets. This interception can happen through simple eavesdropping or something more sinister.

Spoofing is the act of sending an illegitimate packet with an expected acknowledgment (ACK), which a hacker can guess, predict, or obtain by snooping.

As the cost of hacking attacks continues to rise, businesses have been forced to increase spending on network security. However, hackers have also developed new skills that allow them to break into more complex systems. Hacking typically involves compromising the security of networks, breaking the security of application software, or creating malicious programs such as viruses.

The most popular forms of network hacking are denial of service (DoS) attacks and mail bombs. DoS attacks are designed to swamp a computer network, causing it to crash. Mail bombs act in a similar fashion, but attack the network's mail servers. When eBay was attacked in February 2000, its Web server was bombarded with fake requests for Web pages, which overloaded the site and caused it to crash. Network hackers also try to break into secure areas to find sensitive data. Once a network is hacked, files can be removed, stolen, or erased. A group of teens in Wichita, Kansas, for example, hacked into AOL and stole credit card numbers that they then used to buy video games.

Application hackers break security on application software-software including word processing and graphics programs-in order to get it for free. One way they gain access to software that requires a serial number for installation is by setting up a serial number generator that will try millions of different combinations until a match is found. Application hackers also sometimes attack the program itself in an attempt to remove certain security features.

Hackers that create viruses, logic bombs, worms, and Trojan horses are involved in perhaps the most malicious hacking activities. A virus is a program that has the potential to attack and corrupt computer files by attaching itself to a file to replicate itself. It can also cause a computer to crash by utilizing all of the computer's resources. For example, e-mail systems were inundated with the "ILOVEYOU" and the "Love Bug" viruses in May of 2000, and the damage to individuals, businesses, and institutions was estimated at roughly $10 billion. Similar to viruses, logic bombs are designed to attack when triggered by a certain event like a change in date. Worms attack networks in order to replicate and spread. In July of 2001, a worm entitled "Code Red" began attacking Microsoft Internet Information Server (IIS) systems. The worm infected servers running Windows NT 4, Windows 2000, Windows XP, and IIS 4.0 and defaced Web sites, leaving the phrase "Welcome to www.worm.com Hacked by Chinese!" Finally, a Trojan horse is a program that appears to do one thing, but really does something else. While a computer system might recognize a Trojan horse as a safe program, upon execution, it can release a virus, worm, or logic bomb.

Thanks & Regards,

"Remember Me When You Raise Your Hand For Dua"

Raheel Ahmed Khan

System Engineer

send2raheel@engineer.com

sirraheel@gmail.com

http://raheel-mydreamz.blogspot.com/

http://raheeldreamz.wordpress.com/