Computer Hacking - Dissertation Example

Computer Hacking Introduction Ever since its commencement during the late 90s, the internet has been triumphant in inclining a gigantic number of computer users in different parts of the globe. Additionally, from the day one until today, the internet has now become a journey; starting from a single network to an environment of millions of computers connecting with each other through various sources (Erickson, pp. 23-25). Users are now using dial-ups, gateways, ISPs, etc to connect to the internet for various educational, social, political, and personal reasons. In other words, internet has now become a global village that only requires a computer and a connection as its requisites and that is one of the major reasons of its dominance around the globe. Although internet has been a notion of blessing for the human race, on the other hand, one can witness a number of controversies and risks associated with its existence, one of which will be the major focus of this argumentative paper. Experts (Erickson, pp. 49-56) have clarified that internet, along with its bounties, has brought a number of risks that is creating issues and problems for its millions of users around the globe. In specific, it has been observations that individuals and organizations have been complaining of their information theft, fraud, etc that are some of the usual occurrences on the internet. A few years back, a file in a cabinet was considered defenseless as compared with some information on the internet. However, today, there seems a considerable alteration in perspectives of individuals and organizations, as computer users are now considering of keeping their records in the physical storage rather than on the internet due to glitches in security of the information systems. In the result, while internet has benefited us in the form of e-commerce, e-mail, and virtual education, on the other hand, huge advancements in the field of information and technology are causing risks in the security of its systems. In midst of such issues, one of the most crucial is cracking (McClure & Shah, pp. 20-26). Unfortunately, a number of ill-informed individuals have related the term of ‘hacking’ with the practices of cybercrime that has resulted in misunderstandings regarding the domain of hacking that plays a vital role in maximizing security in the computing field, and thus, this paper will specifically involve efforts to argue over the importance and benefits of hacking, more importantly, ethical hacking. Scrutiny of various resources has inclined the researcher to conclude that experts and professionals (Harris & Ness, pp. 49-63) in the computing field have been involved in usage of the term ‘hacking’ for twofold purposes. In specific, experts used to consider hackers as skilled individuals who were involved in discovering innovative aspects of the information systems, and they were enthusiastic about different components of the computer networks that may result in benefits to the users and computing field beyond the known limits. In this regard, hackers completely were different from rest of the computer users who were only keen to learn things required for normal usage of the computers and the internet. In particular, hackers were skilled and efficient programmers and developers, and as the years passed, the world of hacking continued to include more number of enthusiastic computer lovers that began to create new programs and languages to improve and enhance capabilities and functions of existing computer programs (Harris & Ness, pp. 48-53). Unfortunately, such scope and working of hacking did not acquire similar respect, as a number of individuals began to employ their computer networking skills for fun intentions by intruding in other computers. In the beginning, these computer fun-loving individuals kept their tricks for fun purposes limited to their colleagues and acquaintance. However, after couple of occurrences, experts have indicated that individual began to cause damage to the computer systems with their knowledge of information systems on the internet, and that resulted in ending up of such news on the media. Regrettably, experts and media at that time did not choose the appropriate phrase for such individuals, and media chose the term hacking was these occurrences rather than using terms such as cyber criminals, intruders, crackers to indicate individuals who were causing damage to the internet society (Erickson, pp. 67-70). Unluckily, nobody put efforts to indicate such a mistake of the media, as well as the experts, and it has been an observation that such erroneous action has resulted in shadowing of actual benefits of hacking. In the result, for crackers and cyber criminals, hacking has now become a compliment for them, and that has resulted in increment in the number of cyber criminals all over the globe. Nowadays, experts and professionals use the term ‘hacking’ or ‘hacker’ to describe an individual who causes threats, risks, and damages in the computer security that is against the actual definition of the term hacking, as well as its real usage. In this regard, this paper will include arguments regarding the benefits and efficient usage of hacking. In addition, researcher will also propose recommendations for employment of appropriate terms such as intruders, crackers, and cyber criminals for individuals who are really on darker side of such field, and usage of term hacking for individuals that are putting efforts for efficient functioning of the information systems globally. It is an observation (Carnevale, pp. 41-44) that a huge number of business organizations, as well as governmental bodies are confronting risks of breach of their security due to expansion of internet globally. In the result, they are putting enormous efforts to ensure utilization of internet for only brighter side of the internet, such as for e-commerce, advertising, and e-education. However, as mentioned earlier, they are concerned about losing their information due to huge possibilities of hacking/intruding/cracking. On the other hand, business organizations and governments are not the only victims of such attacks but the customers and consumers are concerned about losing their personal information as well on e-commerce websites that is creating huge problems for organizations to convince customers and ensure them about security on the internet. With such understanding of possibilities of threats related to hacking and cracking, the organizations have acquired a realization that it has now become very important to hire security professionals that will be responsible for evaluating the threat and making strategies to minimize the impact or possibility of any attack on the organization. This idea came up with already-existing concept of independent auditors that provide their services to different organizations to review and inspect financial records (Verton, pp. 59-66). In this regard, with this realization, one can notice the optimistic side of hacking that can result in beneficial impact on the organizations, as well as the customers and consumers on the internet. In other words, this understanding also supports the claim of this paper that hacking is not limited to only intruding and cracking, and that one can benefit from hacking professionals or hackers in an efficient manner. In this regard, nowadays, a huge number of organizations are endeavoring to hire ethical hackers to ensure security of their information systems. It is an observation that although ethical hackers have the same expertise and skills as of crackers; however, the major difference between the two is that of their utilization. In specific, a cracker becomes an ethical hacker or a tiger hacker when he/she puts his/her computer skills to secure the computer systems rather than damaging them (Mathew, pp. 80-88). Unfortunately, a very thin line exists between the two divisions that is the major reason of misunderstood image of hacking in the perspectives of nonprofessionals, as well as even in the media. Analysis (Kurtz & Scambray, pp. 51-54) has indicated that ethical hackers usually put efforts and employ their tools and skills to inspect security of the computer systems while preparing a report for the organization regarding identification of any susceptibility in the system. In addition, ethical hackers also offer strategies and procedures to eliminate any vulnerability in the systems, one of the most efficient characteristics of ethical hackers that distinguish them from crackers or intruders. In order to understand the effectiveness and benefits that ethical hackers can bring to the organizations, the paper will now include an example (Karger & Schell, pp. 20-25) related to ethical hacking. Before including the example, it is important to indicate that ethical hacking is not a new term and it dates back to decades ago, and the paper will try to include example from an earlier occurrence of ethical hacking that will enable the reader to distinguish between cracking and ethical hacking. In particular, during an ethical hacking exercise, information systems of the Multics were under inspection by ethical hackers at the United States Air Force (Karger & Schell, pp. 20-25). During this security examination, ethical hackers carried out a comprehensive procedure of evaluating these top-secret operating systems for any potential vulnerability. During the evaluation, ethical hackers identified that although Multics operating systems were superior in terms of their speed and capabilities as compared with traditional operating systems in the market (Karger & Schell, pp. 20-25); however, there existed susceptibility in the systems regarding security of their hardware and procedures that could have enabled hackers to use the systems for dual purposes. During this ethical hacking attack, the tiger hackers used their programming skills to enter into the systems in order to keep the realistic environment that would be available to real intruders or crackers. In addition, the attack included few exercises with different staff of the US Air Force (Karger & Schell, pp. 20-25) that enabled the hackers to evaluate integrity of the systems. In the end, reports indicated that with the help of these ethical hacking attacks, the US Air Force saved millions of dollars (Karger & Schell, pp. 20-25). Moreover, a number of other reports have indicated utilization of skills of ethical hackers in the US military in the earlier decades that is the proof of enormous benefits of ethical hacking in terms of financial advantages, as well as administrative benefits. Today, with the expansion of internet on consumer and customer level, private organizations have also begun to benefit from the usefulness of ethical hacking. In specific, the year 1993 indicated first-ever public discussion of the effectiveness and benefits of ethical hacking on the Usenet9 (Wall, pp. 56-63) that played a vital role in changing perspective of nonprofessionals, as well as professionals in understanding benefits and optimistic side of hacking. Nowadays, one can see a number of academic platforms and computer security organizations (Carnevale, pp. 41-44) indicating the role of ethical hacking and their procedures of gathering information from the targeted systems and evaluating the information while compromising security of the systems intentionally to inspect or identify any vulnerability in them. These examples demonstrate good instances of ethical hackers that are playing a crucial role in ensuring security in different information systems around the globe unlike crackers or intruders that are skilled professionals but on darker side of the picture. As earlier discussed, there exists a very thin line between ethical hackers and intruders or crackers, and thus, it is very imperative to discuss specific characteristics of ethical hackers that will make it easier for the paper to come up to a conclusion that hacking is not limited to only harmful attacks on security systems, and can be very beneficial. In this regard, trustworthiness is the first and foremost characteristic of any ethical hacker, and the most prominent one that distinguishes ethical hackers from crackers (Tavani, pp. 30-38). For instance, there have been observations during ethical hacking attacks regarding discovery of secret information about the organization; however, it then becomes responsibility of ethical hackers to keep secrecy of the information, and fortunately, until today, such hackers have kept their standards of trustworthiness. Besides secrecy, violation of trustworthiness principle can result in real intruding attacks on the organizations resulting in losses of millions of dollars, and thus, ethical framework plays a vital and powerful role in keeping ethical hackers to better side of the river. Besides trustworthiness, during ethical hacking attacks, hackers usually enjoys authority over different company’s processes and procedures, and it becomes their responsibility to ensure loyalty to the organization during the evaluation process (Tavani, pp. 71-79). In this regard, experts have indicated existence of majority of ethical hackers as loyal to their clients and customers that have resulted in huge acceptance of ethical hackers in the private sector. Besides personal characteristics, it is very important for ethical to have the capability of understanding sensitivity of any discovered information, and must be competent enough to propose immediate strategies and techniques to ensure and maintain security of the targeted systems. Besides, ethical hackers follow a strict and scheduled procedure to carry out their ethical hacking attacks whereas intruders usually do not follow a strict procedure and often do not understand sensitivity of the information while carrying out their attacks for fun that results in huge and unexpected losses (Yurcik & Doss, pp. 1-10). Lastly, ethical hackers are bound to prepare a comprehensive report regarding all the steps and phases of the attack that allows the organization to use it for maintaining security in their systems in the future. From the discussion of different characteristics of ethical hackers, it seems that ethical hackers come from a different world than that of intruders or crackers. In other words, one can also imagine both divisions as rivals to each other, which indicate the evidence of the claim of this paper. However, these two rivals have few things in common as well that has resulted in that very thin line between them, and it is essential that one should be capable of understanding both similarities, as well as differences to distinguish them. In this regard, it is an observation that both ethical hackers and intruders possess excellent programming and networking abilities that differentiate them from conventional computer users. Experience (Verton, pp. 31-36) plays a vital role in both hacking and cracking, and reports have indicated that members of both parties enhance and improve their computer skills by attempting different attacks for several years. In addition, experts have identified Windows and UNIX as two operating systems common for becoming targeted systems, and thus, hackers and intruders are usually very good at maintaining/damaging security in these operating systems. Besides these differences and similarities, analysis has indicated that ethical hackers usually have a better understanding of different non-computational processes of the organizations that help them in maintaining security of the systems, whereas, intruders usually are unaware of other aspects of the organization. This results in the inclination of hackers towards the better side and this is the major reason that organizations are look forward to work with ethical hackers. In addition, reports have clarified that understanding of management skills enable the ethical hackers to stay a step ahead from the intruders, and help them in proposing strategies for future. Conclusion From this discussion, it is an understanding although ethical hackers and criminal hackers are different from each other; however, anyone can download hacking tools available on the internet and can become a hacker. Thus, it is very important that authorities and organizations take efficient steps to ensure valuable role of the ethical hackers. In this regard, studies have indicated an example of IBM Company that took an effective step by making a policy of not hiring an ex-intruder (Yurcik & Doss, pp. 1-9). Although one may argue that, an ex-intruder can be the best option for making an ethical hacker, as he/she would be aware of real hacking tactics. On the other hand, experts (Khare, pp. 44-50) have argued that although ex-hackers could be having real hacking tactics, however, there will be absence of the most important characteristic of ethical hackers; trustworthiness. From this perspective, this rule seems very effective in maintaining the thin line that allowed researcher of this paper to claim that hacking is beneficial. According to various reports, hacking attacks are in continuance and they will continue to exist and increase that may result in huge monetary losses. In this regard, ethical hackers are having a greater responsibility on their shoulders to ensure maintenance of security in their targeted computer systems. At the same time, this paper would like to put some responsibilities on shoulders of educational institutions (Carnevale, pp. 41-44), as they can play a vital role in instilling major characteristics of an ethical hacker in individuals interested in the field of information security. Scrutiny of resources has indicated that a number of colleges and universities (DeLisse, pp. 1-5) are offering courses in the information security, which is an effectual method of relating hacking techniques with education. In other words, particularly, the major factor that composes the thin line is ethical framework (Logan, pp. 177-182) that remains absent in the intruders or crackers, and works actively in the case of ethical or tiger hackers. In this regard, community colleges and universities (Sanders, pp. 5) seem the best academic platforms for employing interested individuals with skills that will facilitate them in becoming ethical hackers, or in other words, in walking on brighter side of the hacking world. A few universities are nowadays offering boot camp that involves short sessions on cyber security, wireless security, and several other related aspects of information security (Slania, pp. 1-4). Besides, various educational institutions are offering courses to become a hacker, and more specifically, an ethical hacker, and one can observe carrying out of exams and tests on state levels. In addition, various institutions organize hacking competitions in which students form teams and try to hack each other systems, and more importantly, put efforts in preventing their own systems from other hackers (Van der Laan, pp. 1-5). These kinds of competitions and hacking events provide a learning environment to students to learn different programming and security-related computer skills while maintaining and fulfilling the ethical framework that is very important to keep an individual on the status of an ethical hacker. In this regard, offering of such courses and exams (Yurcik, pp. 1-11) is itself an evidence of the optimistic potential of hacking that often confronts the narrowed perspectives of nonprofessionals. Conclusively, the paper included arguments and discussions regarding the benefits and efficient usage of hacking from the aspect of ethical hacking. In addition, researcher also proposed recommendations for employment of appropriate terms such as intruders, crackers, and cyber criminals for individuals who exist on darker side of such field, and usage of term hacking for individuals that are putting efforts for efficient functioning of the information systems globally. Works Cited Carnevale, D. “Basic training for anti-hackers: An intensive summer program drills students on cyber security skills.” Chronicle of Higher Education. Volume 52, Issue 5, pp. 41-44: 2005. DeLisse, R. L. Rationale for computer ethics policies and a model policy for the North Carolina Community College System. Carolina Community College, 2000. Erickson, Jon. Hacking. No Starch Press, 2003. Fadia, Ankit. The Unofficial Guide to Ethical Hacking. Thomson Course Technology, 2006. Harris, Shon, and Ness, Jonathan. Gray Hat Hacking. McGraw-Hill Professional, 2008. Karger, P. A., Schell, R. R. Multics Security Evaluation. Volume II, Hanscom Air Force Base, 1974. Khare, Rajat. Network Security and Ethical Hacking. Luniver Press, 2006. Kurtz, George and Scambray, Joel. Hacking Exposed 6. McGraw-Hill Professional, 2009. Logan, P. Y. “Crafting an undergraduate information security emphasis within information technology.” Journal of Information Systems Education. Volume 13, Issue 3, pp. 177-182: 2002. Mathew, Thomas. Ethical Hacking. OSB Publisher, 2003. McClure, Stuart and Shah, Saumil. Web Hacking. Addison-Wesley, 2003. Pfleeger, Shari L. Security in Computing. Prentice Hall, 2003. Sanders, A. D. “Utilizing simple hacking techniques to teach system security and hacker identification.” Journal of Information Systems Education. Volume 14, Issue 1, p. 5: 2003. Slania, J. “Courses teach lessons in hacking.” Crains Chicago Business. Volume 26, 2003. Tavani, Herman T. Ethics and Technology. John Wiley & Sons, 2010. Van der Laan, N. “Hackademy: Paris school offers primer for cyber pirates.” Christian Science Monitor. Volume 94, Issue 7: 2001. Verton, Dan. The Hacker Diaries. McGraw-Hill Professional, 2002. Wall, David. Cybercrime. Polity, 2007. Yurcik, B. S., Doss, D. (2001). “Ethical hacking.” Ethics of Electronic Information in the 21 Century Symposium. University of Memphis, 2001. Read More