Hacking basics: all the questions you've been afraid to ask
Video: trailer from the movie War Games (1983) where a young boy manages to accidentally hack into the US military, possibly starting World War III.
Before we begin, we must ask ourselves the question: what is hacking? Quite simply, hacking is the intrusion, by a person or an organisation, of a computer system with the aim of obtaining protected and confidential information.
Today, with internet democratisation and the advent of social networks, users are increasingly vulnerable to cyberattacks and the fear of being hacked has risen. These hackings can take several forms and are made by different types of people, each having particular intentions. However, there are several tips and tricks that can help protect us from this type of threat.
The origin of hackers
The word hacker was established in 1959 with the arrival of the first computer at MIT, the IBM 704. This computer attracted students’ interest who did not hesitate to “hack” it to discover even the smallest nooks of the system without worrying about IBM’s user protocols. Their intrusion was called “hacking” - meaning the diversion from the usual use of a machine.
Are all hackers evil?
It’s important to break the prejudice that a hacker is a bad person. Hackers can actually be divided into several categories:
White hat hacker
This type of hacker can be qualified as “gentle”. He will put his expertise and knowledge to the service of society. Indeed, he will participate in the improvement of safety on the internet by becoming a networks administrator and being very active in the open source community.
The community aspect is very important for him because there are other members who are going to define him as a White Hat. The White Hats seek to understand how the attacks occur (without himself causing any damage) in order to build better system defences in the future.
Black hat hacker
In contrast to White Hats, Black Hats are “bad” hackers. They don’t want to share the same community and the same ethics as the White Hats. Thus, their purpose is to cause the maximum of damage on the target. They will then by-pass and undo company networks, servers, governmental sites… in other words, they are going to hack!
Grey hat hacker
This last category of hackers is a mix of the previous ones. She has no harmful purposes but does not hesitate to cross the limit of legality. She can get into a system illegally in order to reinforce weaknesses found inside the system. She is usually interested in the recognition.
Finally, there are several subcategories oh hackers such as Hacktivist, who use their expertise and knowledge for political purposes to express their views. Some very famous ones are Anonymous, Lulzsec and Script-Kiddies, neophytes in hacking who use tools created by confirmed hackers to cause damage, by boasting of their exploits.
How can they attack us?
Let us discover now which types of threats our computer system and our accounts may be exposed to:
A virus is a “malicious software” or “malware” that spreads through networks or removable media. It is going to establish itself within a program and duplicate itself. It remains harmless as long as the program was not executed. But once activated, it can cause considerable damages.
A computer worm is a malware that spreads from computer to computer by using the internet or other networks, inflicting heavy damage to the systems. Contrary to viruses, it doesn’t need a host program.
This is software that collects information stored in a computer to transmit it to the hacker without the user’s knowledge.
The hacker is going to use the identified security flaws in web browsers such as Google Chrome, Mozilla Firefox or Microsoft Edge to settle into your computer. A hijacker can then behave like a virus or a spyware.
A seemingly harmless software is hidden within a hidden malware (Inception, anyone?). Once activated, everything is possible - like the installation of a spyware, taking control of the target computer etc.
There are many threats resulting from personal and professional emails. Indeed, hoax or spam emails can contain malware.
A hostile IT software takes hostage the computer data of a private individual, a company or an organisation. The hacker will then block access to the data of the infected computer. To get the data back, the victim must pay a ransom. The victim may involuntarily infect the computer by opening an attachment in an email, accessing a hacked website or even from another malware.
This method consists in extracting confidential information (password, bank code, photos, etc.) from users by leveraging identity theft. Hackers create certified true copies of official websites in order to retrieve your password during log in or will send an email pretending to be an employee of your bank, an ecommerce website, etc.
In the next post, we will go over what actions you can take to protect yourself against the hacking of your data.