What is a Hacker?
hacker (n.) – a slang term for a computer enthusiast, i.e., a person who enjoys learning programming languages and computer systems and can often be considered an expert on the subjects. Among professional programmers, depending on how it used, the term can be either complimentary or derogatory, although it is developing an increasingly derogatory connotation. The pejorative sense of hacker is becoming more prominent largely because the popular press has co-opted the term to refer to individuals who gain unauthorized access to computer systems for the purpose of stealing and corrupting data. Hackers, themselves, maintain that the proper term for such individuals is “cracker. ”
(Source: Webopedia)
In a security context, a hacker is someone involved in computer security/insecurity, specializing in the discovery of exploits in systems (for exploitation or prevention), or in obtaining or preventing unauthorized access to systems through skills, tactics and detailed knowledge. In the most common general form of this usage, “hacker” refers to a black-hat hacker (a malicious or criminal hacker). There are also ethical hackers (more commonly referred to as white hats), and those more ethically ambiguous (grey hats). To disambiguate the term hacker, often “cracker” is used instead, referring either to computer security hacker culture as a whole to demarcate it from the academic hacker culture (such as by Eric S. Raymond {see link below} or specifically to make a distinction within the computer security context between black-hat hackers and the more ethically positive hackers, commonly known as the white-hat hackers). The context of computer security hacking forms a subculture which is often referred to as the network hacker subculture or simply the computer underground. According to its adherents, cultural values center around the idea of creative and extraordinary computer usage. Proponents claim to be motivated by artistic and political ends, but are often unconcerned about the use of criminal means to achieve them.
Call or email Salem Computer Doctors today for FREE Firewall Software for home users!
Hacker Attitudes
The term “Hacker” may mean simply a person with mastery of computers; however the mass media most often uses “Hacker” as synonymous with a (usually criminal) computer intruder. See hacker, and Hacker definition controversy. In computer security, several subgroups with different attitudes and aims use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree.
White hat
A white hat hacker or ethical hacker is someone who breaks security but who does so for altruistic or at least non-malicious reasons. White hats generally have a clearly defined code of ethics, and will often attempt to work with a manufacturer or owner to improve discovered security weaknesses, although many reserve the implicit or explicit threat of public disclosure after a “reasonable” time as a prod to ensure timely response from a corporate entity. The term is also used to describe hackers who work to deliberately design and code more secure systems. To white hats, the darker the hat, the more the ethics of the activity can be considered dubious. Conversely, black hats may claim the lighter the hat, the more the ethics of the activity are lost.
Grey hat
A grey hat hacker is a hacker of ambiguous ethics and/or borderline legality, often frankly admitted.
Blue Hat
A blue hat hacker is someone outside computer security consulting firms that are used to bug test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.
Black Hat
A black hat hacker is someone who subverts computer security without authorization or who uses technology (usually a computer or the Internet) for terrorism, vandalism (malicious destruction), credit card fraud, identity theft, intellectual property theft, or many other types of crime. This can mean taking control of a remote computer through a network, or software cracking.
Script kiddie
A script kiddie is a person, usually not an expert in computer security, who breaks into computer systems by using pre-packaged automated tools written by others.
Hacktivist
A hacktivist is a hacker who utilizes technology to announce a political message. Web vandalism is not necessarily hacktivism.
(Source: Wikipedia)
How to Become a Hacker by Eric Steven Raymond
The website written by a true “white-hat hacker.” Fascinating reading!
How Computer Hacking Happens
Hacking attacks can be launched in a number of ways:
- Attacking computers that don’t have firewalls installed.
- Installing keystroke loggers or other malicious code by hiding it in email attachments.
- Exploiting browser vulnerabilities that have not been properly patched.
- Exploiting weak or poorly protected passwords.
- Hiding malicious code in downloads or free software.
- Hiding malicious code in images on websites and waiting for unsuspecting users to click on them.
- Employees or other trusted users simply accessing an unprotected computer.
- Exploiting poorly installed networks, and especially wireless home networks.
Computer Hacking and Identity Theft
Identity theft criminals come in all shapes and sizes these days. If you’re ever unlucky enough to be a victim of identity theft, the culprit is far more likely to be a local meth user than a professional hacker. That said, most organized crimes gangs around the world are becoming much more involved in computer hacking. Computer identity theft can happen in a number of ways. Criminal organizations can use their own hackers, hire college students, or simply buy large amounts of stolen information from professional hackers. And the result is a spike in the number and size of reported data breaches by hackers:
- More than 50 of the reported data breaches in the last year have been attributed to computer hacking.
- Hacking accounted for the largest number of compromised personal records in the last 12 months, involving an estimated 43 million Americans.
- Well-known brands that have lost data through computer hacking in the past 18 months include DSW Shoes, Polo Ralph Lauren, and BJ’s Wholesale.
What happens to stolen credit card and social security numbers?
Much of the data stolen through computer hacking — including stolen credit card numbers and Social Security Numbers — will end up on a network of illegal trading sites where hackers and criminals from around the world will openly buy and sell large amounts of personal data for profit.
Stolen data networks have flourished in the open, with names like Network Terrorism Forum, Shadowcrew, Carderplanet, Dark Profits, and Mazafaka. The Shadowcrew network was believed to have more than 4,000 active members who made more than $5 million in less than two years trading 1.5 million stolen credit cards, before it was shut down.
A typical credit card hacking transaction on one of these sites might take place as follows:
- Stolen credit card numbers and other personal information are posted for sale, either to be purchased or used in a “joint venture.”
- In a joint venture, other network members will use stolen numbers to purchase goods and send them to a drop site for pick-up by other members. The goods are then sold and the proceeds shared amongst the participants.
- New or unproven sellers on the credit card hacking network are often required to prove their credibility by participating in a number of dummy runs to test that both the seller and the stolen cards are genuine.
Some credit card hacking sites will also include a rating system, where members can post feedback on the quality of stolen credit card numbers and other information offered for sale by members. And many of these computer identity theft sites will accept requests for specific types of stolen information and will also sell complete phishing websites and email templates so that even absolute beginners can easily run phishing scams with little technical knowledge.
There has also been a shift in the professional computer hacking community, where hackers who used to do it for the thrill or the fame are now doing it for profit. In the words of one hacker, “In the old days of hacking it was a bit like base-jumping the Chrysler building. All you got was a slap on the wrist and front page headline.”
But now hackers are facing serious jail time for even the smallest hack and they want to make hacking worth the risk. In most cases, all they do is find the opening, commit identity theft, and then sell the stolen credit card numbers; or just find the credit card hacking opportunity and sell that information for others to do the stealing.
Another source of computer identity theft involves former employees hacking into the networks and computers of their old job, using either insider knowledge or password accounts that were never cancelled. For example, the thief who stole 30,000 credit records from his employer in New York committed the crime over a two-year period after he left the company. The cost of his crime was estimated at more than $100 million.
He simply used his insider knowledge and a password that someone forgot to cancel. And if employees are disgruntled or angry after they leave the business, maybe because they were fired, they may justify their actions by convincing themselves it’s “just compensation” for money they should have been paid.
Opportunist hackers also continue to be a problem. These are amateurs and professionals who spend hours a day running random port scans on the Internet looking for unprotected home computers. When they find one, they’ll often just poke around inside the network or computer to see what’s worth taking, and these days they know that any personal or customer information on that computer will be of value to someone somewhere.
And with nearly 4,000 hacking sites on the web, any petty criminal can now learn how to become an accomplished hacker free of charge, and possibly earn a much better living for a lot less risk. The criminals who used to lurk in doorways armed with a crowbar now lurk in front of laptops armed with a chai latte. These guys know that it’s much easier to break into a business through the Internet to commit identity theft than through a skylight, and there’s no chance of being bitten by the owner’s Doberman.
Small businesses computer systems are especially vulnerable to identity theft, because they usually offer easy and unguarded access to things like customer credit card records and employee payroll files. Most small businesses don’t use or keep access logs, so even if their information has been stolen, they probably won’t even know it.
(Source: privacymatters.com)
How to Keep From Being “Hacked”
- Make sure all computers you use in your home or business have the latest firewalls and anti-virus software installed.
- Keep up-to-date with the latest patches, especially for your browser.
- Be careful about the types of websites you visit, what you click on, and what you download. And make sure that everyone who uses your computer understands the security risks and rules.
- Scrutinize suspicious emails that may actually be phishing scams.
And even then…..
Call or email Salem Computer Doctors today for FREE Firewall Software for home users!
Salem Computer Doctors
(540) 330-4279
Copyright Salem Computer Doctors, Salem Virginia / All rights reserved.