Cyber Crime: The Measures of Prevent Hacking - Term Paper Example

Cyber Crime Introduction LulzSec Reborn used “hacking” in order to commit cybercrimes against both militarysingles.com and CSS Corporation. The hacktivist group hacked into the databases of both the victim websites and accessed the personal information of their customers and made it available to public. There are numerous methods that are used to commit cybercrimes such as hacking, phishing, spam, etc. This paper discusses about the measures or precautions that can be taken in order to prevent hacking. Following are the various measures that could have been taken by militarysingles.com and CSS Corporation in order to stop the hackers from hacking into their websites: Correct CHMOD Permissions CHMOD file permissions safeguard your files or folders by allowing different access levels. Each file or folder is assigned a specific value and this ensures that files and folders on your server are not accessed by any unauthorised personnel. 000 (no access) to 777 (complete access) is the range of CHMOD permissions (Erickson, 2008). There are various aspects that need to be considered when setting CHMOD permissions such as compatibility with web-hosts, limitation of features, etc. The effective use of CHMOD permissions can greatly reduce the risk of hackers. Preventing illegal farmers One of the main reasons that hackers target websites such as military singles or CSS Corporation is to access their databases that contain personal information of their customers, mainly email-ids. The email-ids are valuable to hackers it can be used for spamming or spreading of malicious items. Therefore, websites that store the email-ids of their customers must ensure that the personal data of the customers must be stored in secure format rather than writing texts like “email.txt”. Storing in MySQL database can be very useful and ensure the safety of the information. Irresponsible Marketing Most websites in a desperate attempt to increase traffic and attract customers turn to third party websites that uses illegal means such as spamming to drive traffic. These methods not only attract customers but also criminals or hackers. Also the websites can be used as a gateway to hack the main website. Hence, websites must be careful in choosing the kind of viral marketing they adopt. It is more important to attract the right customers than wrong people. Targeted and specific marketing must be used to drive traffic. Security Patch Updates Updating security patches is essential to prevent hackers. Website owners must hence ensure that all security patches for the various service aspects are updated and installed. All plug-ins/core files must be monitored continuously and updated. Secure Ports Hackers use ports as a gateway to access files on a websites server. Ports are used to transfer data from outside to the server and vice-versa. That is, they are used to access the information on serves from the outside and hence are a soft target of hackers. In order for information on the server to be accessed from outside, the port needs to be opened and closed when needed. Programs such as FTP (File Transfer Protocol) need an easy access system. This is very attractive to hackers as it gives them an opening to enter the servers and access any sensitive information on them (Mcclure, Scambray & Kurtz, 2005). Therefore in order to ensure that ports do not act as a easy passage for hackers, it needs to be continuously monitored and any unwanted ports must be properly closed. Also the activity within the opened ports must be monitored to identify any suspicious activity. Third-party scripts and programs Many websites install third party scripts and programs on their websites in order to perform some specific function which might of value to the website. Even though these scripts and programs might add value to the website, it is necessary to be cautious while installing and using them. Third party scripts and programs must not be used until and unless their function and working is completely understood. It is necessary to understand what the third party script and program does apart from the intended function. It should be thoroughly looked into for any references to third party URLS. Strong Passwords One of the most important and basic measures that websites can take is to insist their customers to set strong passwords. Rather than leaving the option to the customers, the websites must insist customers to set strong passwords that will include a variety of characters, numbers and symbols. Also the passwords must be random and long as it makes them more difficult to crack (Lockhart, 2007). An important measure, especially with respect to online communities, is to ensure that “.htpasswrd” and “.htaccess” are formatted in the right way using CHMOD of 644. This gives the best out-layer protection to both the visitors and owners of the website. This is very essential measure as this is the most common technique used by hackers. Hence, it must be made impossible for the hackers to find passwords by making them longer and unique. The longer the password, tougher it is for the hackers as the number of combinations increased exponentially with the length of the password. Avoid Generic Usernames Using common usernames is one of the most common mistakes many site owners do. Using usernames such as “Site Owner”, “Administrator” or “Admin” makes it very easy for the hackers to get into the website. Therefore site owners must stop using generic usernames and instead start using unique usernames that are known only to authorised personnel. Also the companies must insist their customers to stop using generic usernames and instead use unique usernames. This will reduce the chances of the individual accounts being hacked. Cookies Customers or users and also website administrators must be asked to clear the cookies caches after using websites on public computers. Even if the service providers guarantee of no tracking policies, it is in the best interest to ensure that cookies and caches are cleared. Commenting Comment section is another soft target for hackers. It is easy for hackers to insert trouble causing html codes in the comments section. Therefore, any form of input in the comments section must be validated before it is accepted. Antivirus and Malware Software Antivirus and malware software must be installed and continuously updated on the servers. The server must also be continuously scanned in order to ensure that any malware or Trojans and detected and removed. Conclusion The above discussed measures will help to ensure that websites are protected from hackers. Some of these measures demands actions from the site owners while others demand action from the customers or users. The prime responsibility of ensuring the safety of the website is on the site owners. By implementing the measured discussed in this paper, site owners can be sure of the safety of the websites. References Erickson, J. (2008). Hacking: The Art of Exploitation. CA: No Starch Press, Inc. Mcclure, S., Scambray, J. & Kurtz, G. (2005). Hacking Exposed: Network Security Secrets And Solutions. NY: The McGraw-Hill. Lockhart, A. (2007). Network Security Hacks. CA: O'Reilly Media, Inc. Read More