How Hackers Work

bullet  When linked to the Internet, you are linked to computers throughout the world – and, more important, they are linked to you. It’s not apparent to the computer user, but any link to a site on the Internet is a potential two-way street!

While doing research on the Internet about computer hacking for this guide, the following invitation appeared on my screen: "Click here to see what I already know about your hard drive." I clicked and found a list of the directories on my hard drive. I was shocked to learn that I could open and read, on the Internet, almost all my personal files.

The computer at the other end of that link could have, without my knowledge, used the link to my computer to automatically download all my files. Or to install a "backdoor" on my computer that gives the other computer access to my files at any time in the future when I am connected to the Internet. That other computer could be located in a foreign country, anywhere in the world, and I would have no way of knowing it. Yes, an Internet connection really is a potential two-way street.

That personal experience was on my home computer. At the office, I like to assume I am protected by a firewall, encryption, and other security devices, but in the war of wits between hackers and computer security professionals, the hackers win too often.

Expert hackers create and pass on to others sophisticated software tools to exploit both human and technical weaknesses in the security of computer systems -- password crackers, war dialers, vulnerability scanners, sniffers, IP spoofers, and others. Because many of these tools are available on the Internet, relative newcomers can download and use them, raising the level of sophistication of hackers of all types.

bullet  The hacker’s first goal is to get access to your network in order to read your files. Ineffective passwords, insecure modems, and what the hackers call "social engineering" often provide the first opening to a system. How this works is shown in Case 1 and Case 2. These cases were selected from among many others that might be cited because they focus on how hackers exploit common human weaknesses, not just esoteric software weaknesses that only computer experts can understand. They illustrate why computer security is sometimes described as a "peopleware" problem, not just a hardware or software problem.

Once inside the system, the hacker’s second goal is to get what is called "root" access. That usually requires finding a technical weakness. Root access means the hacker has unrestricted access to the inner workings of the system. With root access the hacker can:

  • Copy, change or delete any files.
  • Authorize new users.
  • Change the system to conceal the hacker’s presence.
  • Install a "back door" to allow regular future access without going through log-in procedures.
  • Add a "sniffer" to capture the User IDs and passwords of everyone who accesses the system.
  • Use the captured User IDs and passwords to attack the networks of other organizations to which the captured User IDs and passwords provide approved access.

As one hacker explained it, "Once you’re on the inside, it’s just payday. You’re in heaven." 1

The initial foothold into the system is the toughest part. Often, the hacker will be working via the Internet, which is open to everyone, and will be trying to penetrate a network that is protected by a "firewall." A firewall is a series of programs and devices intended to protect a network from outside intruders. A strong firewall will identify and authenticate users trying to access the network from outside, thus limiting access to authorized persons. Sometimes the hacker is an insider, an employee already behind the firewall who has authorized access to one part of the system and then hacks his or her way into other protected files within the system.

The hacker’s success in breaching the firewall often comes from some form of human failure -- especially weaknesses caused inadvertently by lack of computer security education, carelessness, or gullibility of computer users. Technical weaknesses in the system obviously play a role, but even those may be traceable to some form of human error, such as employee susceptibility to "social engineering" or a systems administrator’s failure to update the firewall software promptly each time the hackers expose a weakness and the manufacturer makes a patch available to plug the hole.

Related Topic: How We Unknowingly Make It Easy for the Hackers.

Reference
1. Gary Andrew Poole, "Digital Hit Men," Forbes ASAP, June 3, 1996, p. 110.

 

<-- PrevNext -->
SECURITY BRIEFING TABLE OF CONTENTS