The goal of this article is to introduce you to the world of the hacker and to define the terminology used in discussing computer security. Businesses and government-related organizations that are serious about their network security hire ethical hackers and penetration testers to help probe and improve their networks, applications, and other computer systems with the ultimate goal of preventing data theft and fraud.
Computers have become mandatory to run a successful business. It is not enough to have isolated computer systems; they need to be networked to facilitate communication with external businesses. This exposes them to the outside world and to cybercrime. Cybercrime is the use of computers to commit acts such as fraud, privacy invasion, stealing corporate/personal data, etc. Cybercrimes cost many organizations millions of dollars every year. Businesses need to protect themselves against such attacks.
What is Hacking?
There are many definitions of hacking. In this article, we will define hacking as identifying weaknesses in computer systems and/or networks and exploiting those weaknesses to gain access. An example of hacking is bypassing the login algorithm to gain access to a system.
What is Ethical Hacking?
Ethical hacking and ethical hacker are terms used to describe hacking performed by a company or individual to help identify potential threats on a computer or network. An ethical hacker attempts to bypass system security and search for any weak points that could be exploited by malicious hackers. This information is then used by the organization to improve the system security, in an effort to minimize or eliminate any potential attacks.
Who is a Hacker?
A hacker is a person who finds and exploits weaknesses in computer systems and/or networks to gain access. Hackers are usually skilled computer programmers with knowledge of computer security.
Who is an Ethical Hacker?
An ethical hacker is a computer and networking expert who systematically attempts to penetrate a computer system or network on behalf of its owners for the purpose of finding security vulnerabilities that a malicious hacker could potentially exploit.
Hackers can be divided into the following groups:
Ethical hackers usually fall into the white-hat category, but sometimes they’re former gray hats who have become security professionals and who now use their skills in an ethical manner.
Hackers are classified according to the intent of their actions. The following list classifies hackers according to their intent.
The Phases of Ethical Hacking
The process of ethical hacking can be broken down into five distinct phases. An ethical hacker follows processes similar to those of a malicious hacker. The steps to gain and maintain entry into a computer system are similar no matter what the hacker’s intentions are.
What is Cybercrime?
Cybercrime is the use of computers and networks to perform illegal activities such as spreading computer viruses, online bullying, performing unauthorized electronic fund transfers etc. Most cybercrimes are committed through the internet. Some cybercrimes can also be carried out using mobile phones via SMS and online chatting applications.
Types of Cybercrime
The following list presents the common types of cybercrime:
- Computer fraud: Intentional deception for personal gain via the use of computer systems.
- Privacy violation: Exposing personal information such as email addresses, phone numbers, account details etc. on social media, websites etc.
- Identity theft: Stealing personal information from somebody and impersonating that person.
- Sharing copyrighted files/information: This involves distributing copyright-protected files such as eBooks and computer programs etc.
- Electronic funds transfer: This involves gaining unauthorized access to bank computer networks and making illegal fund transfers.
- Electronic money laundering: This involves the use of computers to launder money.
- ATM fraud: This involves intercepting ATM card details such as account numbers and PINs. These details are then used to withdraw funds from the intercepted accounts.
- Denial of service attacks: This involves the use of computers in multiple locations to attack servers with a view to shutting them down.
- Spam: Sending unauthorized emails. These emails usually contain advertisements.
Many methods and tools exist for locating vulnerabilities, running exploits, and compromising systems. Once vulnerabilities are found in a system, a hacker can exploit that vulnerability and install malicious software. Trojans, backdoors, and rootkits are all forms of malicious software, or malware. Malware is installed on a hacked system after a vulnerability has been exploited.
- Operating Systems : Many system administrators install operating systems with the default settings, resulting in potential vulnerabilities that remain unpatched.
- Applications : Applications usually aren’t thoroughly tested for vulnerabilities when developers are writing the code, which can leave many programming flaws that a hacker can exploit. Most application development is “feature-driven,” meaning programmers are under a deadline to turn out the most robust application in the shortest amount of time.
- Shrink-Wrap Code : Many off-the-shelf programs come with extra features the common user isn’t aware of, and these features can be used to exploit the system. The macros in Microsoft Word, for example, can allow a hacker to execute programs from within the application.
- Misconfigurations : Systems can also be misconfigured or left at the lowest common security settings to increase ease of use for the user; this may result in a vulnerability and an attack.
Ethical Hacking Terminology
This terminology is how security professionals acting as ethical hackers communicate. This “language” of hacking is necessary as a foundation to the follow-on concepts.
- Threat : An environment or situation that could lead to a potential breach of security. Ethical hackers look for and prioritize threats when performing a security analysis. Malicious hackers and their use of software and hacking techniques are themselves threats to an organization’s information security.
- Exploit : A piece of software or technology that takes advantage of a bug, glitch, or vulnerability, leading to unauthorized access, privilege escalation, or denial of service on a computer system. Malicious hackers are looking for exploits in computer systems to open the door to an initial attack.
- Vulnerability : The existence of a software flaw, logic design, or implementation error that can lead to an unexpected and undesirable event executing bad or damaging instructions to the system. Exploit code is written to target a vulnerability and cause a fault in the system in order to retrieve valuable data.
- Target of Evaluation (TOE) : A system, program, or network that is the subject of a security analysis or attack. Ethical hackers are usually concerned with high-value TOEs, systems that contain sensitive information such as account numbers, passwords, Social Security numbers, or other confidential data.
- Attack : An attack occurs when a system is compromised based on a vulnerability. Many attacks are perpetrated via an exploit. Ethical hackers use tools to find systems that may be vulnerable to an exploit because of the operating system, network configuration, or applications installed on the systems, and to prevent an attack.
There are two primary methods of delivering exploits to computer systems:
- Remote : The exploit is sent over a network and exploits security vulnerabilities without any prior access to the vulnerable system. Hacking attacks against corporate computer systems or networks initiated from the outside world are considered remote. Most people think of this type of attack when they hear the term hacker, but in reality most attacks are in the next category.
- Local : The exploit is delivered directly to the computer system or network, which requires prior access to the vulnerable system to increase privileges. Information security policies should be created in such a way that only those who need access to information should be allowed access and they should have the lowest level of access to perform their job function.
Identifying Types of Ethical Hacks
Ethical hackers use many different methods to breach an organization’s security during a simulated attack or penetration test. Most ethical hackers have a specialty in one or a few of the following attack methods.
Here are the most common entry points for an attack:
- Remote Network : A remote network hack attempts to simulate an intruder launching an attack over the Internet. The ethical hacker tries to break or find a vulnerability in the outside defenses of the network, such as firewall, proxy, or router vulnerabilities.
- Remote Dial-Up Network : A remote dial-up network hack tries to simulate an intruder launching an attack against the client’s modem pools. War dialing is the process of repetitive dialing to find an open system and is an example of such an attack.
- Local Network : A local area network (LAN) hack simulates someone with physical access gaining additional unauthorized access using the local network.
- Stolen Equipment : A stolen-equipment hack simulates theft of a critical information resource such as a laptop owned by an employee. Information such as usernames, passwords, security settings, and encryption types can be gained by stealing a laptop.
- Social Engineering : A social-engineering attack checks the security and integrity of the organization’s employees by using the telephone or face-to-face communication to gather information for use in an attack. Social-engineering attacks can be used to acquire usernames, passwords, or other organizational security measures.
- Physical Entry : A physical-entry attack attempts to compromise the organization’s physical premises. An ethical hacker who gains physical access can plant viruses, Trojans, rootkits, or hardware key loggers (physical devices used to record keystrokes) directly on systems in the target network.