The Impact of Hacking in Todays Firms - Term Paper Example

Cybercrime: The impact of Hacking in today’s firms Outline 1. Introduction 2. Definition of hacking 3. Types of hacking 4. Techniques used to hack 5. Examples of organizations that have been hacked 6. Conclusion Cybercrime: The impact of Hacking in today’s firms 1. Introduction. An attack of a computer system affects and interrupts the operating system. Hacking is an activity that is a major concern to many organizations. This paper will define hacking, discuss the types and techniques of hacking, and give examples of companies that have been hacked. 2. Definition of hacking. Hacking is frequently perceived as form of computer crime. Hacking entails amending features of a computer system to perform a different function that the computer was not intended for. Hacking is not limited to computers, but can also be performed on other electronic devices such as mobile phones. People who constantly perform the acts of testing and manipulating computer systems and programs are known as hackers. Hacking can be performed legally or illegally. Hackers can be employed by organizations to protect the organization from harmful attacks from other hackers. Hackers are known to perform cybercrime. Cybercrime is unlawful penetration of computer network as Ericson (2008, p. 1) mentions. The hackers have ethics which they follow. Those who do not abide with the ethics tarnish the name of hackers giving them a bad reputation. 3. Types of hacking. Hacking can take different forms depending on the activities. Types of hacking include: password cracking, brute force, Denial of Service, Viruses, crime ware and bots. Password cracking entails using structured query language to get passwords from non secured or secured websites. People have numerous usernames and password and tend to use similar ones for convenience. The hackers use the username and password to access valuable websites such as banks. Brute force hacking uses an automatic system to generate password by recreating or guessing a new password. To ensure that hackers cannot attack at random, it is important to create long passwords and use different passwords for different sites. Denial of service is a type of hacking attack that works against organization. The organizations server gets poor network communication which results to broken communication. The server ends up slowing down and may eventually crash. The targeted organizations have online trading. If the organization does not get to pay off the hackers, it may end up losing money and reputation (Ericson 2008, p. 4). Crime ware is another type of hacking where hackers use crime ware packs to sell malware and conduct money laundering activities. Hijacker and ransom ware are categorized together with crime ware. Hijackers will divert a browser to an advertising site. Ransom ware attacks ones computer and provides a link or number where one can get assistance to be freed from the attack. For instance, malware can be introduced to intercept a bank transaction that would transfer all the money to the hacker. Bots is a type of hacking where the computer becomes controlled by the hacker. Using passwords the computer sends spam and restricted content. Viruses, Trojans and worms are a type of hacking used as a carrier of malware. While viruses are passed on through thumb drives, Trojans tend to be embedded in down loads and worms communicated in the internet. Antivirus can prevent Viruses, Trojans and worms from attacking. Hacking can be an inside job where employees steal and use or sell passwords. Employees who do not guard their password may end up being engaged in a security breech. Rogue access is a situation where unsecured networks can be accessed by outsiders. Back door hackers can access networks through a weak point of the network (Faida, 2006, p. 30). There are different types of hackers who include: phreakers, crackers, black huts, white huts, grey huts, script kiddies and phishers or spammers. Phreakers are known to manipulate operation of telephone systems to call without pay. The computer hackers would use the knowledge they have to penetrate mainframe computers, break through telephone switch programmers to get information and then escape capture detection. Crackers are computer hackers who break into security controls on digital protected media, computer games together with software. Crackers sell and provide activation key generators, serial numbers or cracks for games, which have emended malware. The malware has Trojan which prevents other hackers from using their codes. People who purchase and use crackers products end up with viruses, worms or malware which may not be detectable by firewall or antivirus. Computer hackers known as black hats make profits from hacking. They create malware, software or any tool that can harm a computer to generate profits. Black hats have been blamed for causing a negative reputation to hacking. The white hats are hackers are also labeled as ethical hackers or pen setters. White hats use same tools as the black hats with an intention to research security (such as audits and testing) to prevent an organization from hackers attacks. White hats will therefore report and participate in protecting the computer system. Grey hats engage in hacking activities that are not contrary to the law. However, grey hats may share information on hacking with strangers without establishing safety, or may present the information as anonymous to prevent being prosecuted. Script kiddies are black hats hackers who hide their identity. Since the script kiddies are not able to produce own codes, they use codes from other hackers to attack other businesses and other hackers. Script kiddies are associated with cyber crimes who present as anonymous hackers (Engebretson, 2011, p. 46). Cyber soldiers and cyber troops are qualified military soldiers often sponsored by the government to hacking tools and techniques to obtain information by spying, destabilize computer systems of the enemy and obtain intellectual property from them. Phishers or spammers develop programs and sell them. The programs are capable of sending messages, emails and tweeting in an instant. They develop sites that entice computer users to click on their links. The users get a request to enter user name with the passwords to get software. When the software program is downloaded, users may find out that they have been embedded with malware. 4. Techniques used to hack. Zalewski (2005, p. 95) notes that, hacking affects people in different ways. There are different techniques of hacking. Script injection is one of the common ways of hacking. Organization’s databases for the website are often structures with query language. Hackers penetrate and introduce their code in the database which allows them get classified information such as card numbers and password. The code also allows them change or deletes data. Sites that are commonly attacked through Javascript injection include discussion boards, Twitter and Facebook. The hackers can take out personal information for users of the site. Scripts are capable of passing firewall to obtain computer users private information, investigate their activities, activate cameras, initiate microphone and install malware. Scripting can be turned on and off in a computer. Dictionary attacks are common technique of cracking password. A dictionary is installed in a cracking application to crack the password. People tend to use simple words and names for password. Hybrid attack is a technique is used to crack passwords for people who add symbols or numbers to their passwords. Brute force attack works out to crack complex passwords. McClure (2009, p. 4), adds that, it is possible to protect a computer against hacker’s attacks. Computer users can turn of scripting. People can use long passwords and different passwords. The antivirus can be maintained while unsolicited emails can be avoided. People should avoid downloading programs they have not searched for. Moreover, knowledge on computer security should be sought to increase knowledge base. 5. Examples of organizations that have been hacked Australia’s Reserve Bank has been a cyber attack target. The bank has experienced virus attacks across the system and network. A malware was introduced targeting information on intelligence. The malware is said to have originated from China. Although some of the computers were compromised, Reserve Bank Australia claims that data is safe and was not corrupted. The bank takes the security of the banks systems seriously. They have engaged the Australia’s intelligence, consulted information technology experts and regularly train employees on security. British Broadcasting Company (BBC) Twitter accounts have been a victim of cyber attack. Inappropriate information was updated on the accounts. For instance, weather forecast information was not appropriate for certain regions. The tweeter account had absurd comments that could not be related to the weather news. The comments and attacks were from a Syrian group of hijackers. Moreover, some employees received inappropriate emails in their BBC email accounts. The email which provided a link was realized to be capable of detecting passwords used on the computer. BBC has since taken control of the tweeter accounts and omitted inappropriate content. Spamhaus Company which specializes with anti- spamming in Europe was a victim of cybercrime in the recent past. The company’s system was hit by complains of denial of service and delayed emails. The numerous online disruptions were considered one of the largest cyber attacks. The company might have been attacked by a group that had been blacklisted. Although the system was jammed, the company managed to go through the attack and has since enhanced security. 6. Conclusion While there are white hat hackers who are there to secure, test and expose risks, it is wise to remain careful and adopt appropriate measures to enhance security. Besides using antivirus and turning off scripting, long and complex passwords should be used. Moreover, a company should update and remain alert on new development on security. Reference List Engebretson, P. (2011). The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy. USA: Syngress. Ericson, J. (2008). Hacking: The Art of Exploitation. San Francisco: No Starch Press. Faida, A. (2006). The Unofficial Guide to Ethical Hacking. Macmillan Publishers India Limited. McClure (2009). Hacking Exposed 6. McGraw-Hill Education. Zalewski, M. (2005). Silence on the Wire: A Field Guide to Passive Reconnaissance and Indirect Attacks. San Francisco: No Starch Press. Read More