Who is a Hacker?
The term 'hacker' immediately brings to my mind a person who is out to do some damage and steal sensitive information that will compromise your life in some way. While this might be true in many ways, we need to take a deeper look at what the term 'hack' usually means. A hack is basically a means of knowing how something works, and when you know how something works, you have the means to go around it and come up with something new to beat it. A hacker is someone who is perpetually engaged in researching and trying to acquire knowledge of how systems work. When someone has the knowledge of how something works, he or she can use it for either good or bad purposes. Good purposes would involve enhancing the mechanism behind a system so that it works more efficiently, and bad purposes would involve using the same knowledge to bring about some harm to the system. Hence, you will find both good and bad hackers out there in the world. The good ones spend all their time enhancing the security of a system, while the bad ones spend most of their time destroying it or using it for their own personal gain. The bad ones are commonly known as 'attackers'.
The network has become a single point of interest in terms of security, because we have all kinds of sensitive information flowing around the world through cables and systems. We should take it upon ourselves to understand what types of attacks a network is vulnerable to. Even home networks are attacked, so it is of immense benefit to be informed of what is happening out there and to be better prepared to secure sensitive data.
Understanding network attack types
Due to the complexity of network implementation methodologies today, most networks and their systems are susceptible to various types of security attacks. Understanding these attacks is essential to securing your network. There are two major types of attacks:
1. Social engineering attacks
2. Network attacks
In a social engineering attack, the attacker compromises a network or system by interacting with an individual, mostly by tricking that individual into divulging sensitive details about the network. Imagine that an attacker just walks up to the reception desk of an office, masquerading as perhaps a candidate for a job interview or maybe an IT repair engineer. He strikes up a conversation with the receptionist and in a matter of minutes has managed to get his hands on information that he can use against the organization in some harmful way. Surprisingly, this type of attack is commonly carried out by internal employees of an organization, either knowingly or unknowingly. It is easier for them, because they are known around the office and can get their colleagues to divulge sensitive information, which can later be used for personal gain. Social engineering has ominous implications for an organization's security and needs to be taken seriously, as it can also happen from within the walls. The best way to ward off this attack is to educate employees that this type of attack exists. That way, employees can be more careful about whom they strike up a conversation with and bear in mind what kind of information they are divulging.
Most types of attacks on a network are carried out by an attacker through a remote system, and there are various types of attacks that we need to be aware of:
1. Eavesdropping attack: Technically, this is also known as packet sniffing and involves a network monitoring tool known as a 'sniffer'. The main task of this tool is to capture and analyze network traffic. In this way, an attacker can read traffic that is not encrypted and can steal sensitive information like usernames and passwords.
2. Spoof attack: In this attack, an attacker changes the address headers of data packets to make it look like they are coming from someone else. This is sometimes helpful in bypassing certain network configurations on routers, switches, etc.
3. Man-in-the-middle attack (MITM): In this scenario, an attacker inserts himself between two systems that are communicating and passes information back and forth between them. He has total access to every bit of data flowing through the channel and has the power to change it and use it as he wants.
4. Session hijacking: In this attack, an attacker takes control of a communication session between two computers and disconnects the second system from the communication. The first system still thinks that it is communicating with the original second system and sends all data to the attacker instead.
5. Denial of service (DoS): This is perhaps the most common type of attack found on networks today. It causes a server or system and all its services to crash. As a result, the system is not able to provide those services and fails in its purpose.
6. Distributed denial of service (DDoS): In this scenario, an attacker uses multiple systems to attack a single system of interest. The multiple systems that the attacker uses are commonly called a 'botnet', which generally means a group of compromised systems. Requests from multiple systems at once overburden the network and might lead to a crash.
7. Buffer overflow: This attack occurs when an attacker sends more data to a particular application than it has been designed to handle. This attack usually results in an attacker gaining administrative access to a system through a command prompt or shell interface.
8. Exploit attack: An exploit attack occurs when a system has an existing security vulnerability and an attacker successfully takes advantage of it.
9. Password attack: The attacker tries to crack the passwords stored in a network database or password-protected file. There are mainly three ways in which password attacks are carried out: dictionary attack, brute-force attack and hybrid attack. A dictionary attack uses a words file, which is a list of potential passwords. A brute-force attack is when the attacker tries to force his way through by trying every possible character combination. A hybrid attack is like a dictionary attack, but places numbers at the end of the words in the dictionary file.
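The three password attack styles in item 9 can be turned into a defensive check on candidate passwords. The following is an added example, not part of the original article: it flags a password as recoverable by a dictionary attack (it is a listed word), a hybrid attack (a listed word followed by digits), or a brute-force attack (the search space is too small). The sample wordlist, the 60-bit threshold, the case-insensitive matching and all function names are assumptions made for illustration.

```python
import math
import re
import string

# Constructed sample wordlist (assumption); a real audit loads a large list
# of known-weak passwords instead.
WORDLIST = {"password", "dragon", "sunshine", "letmein", "welcome"}


def charset_size(pw):
    """Size of the alphabet an exhaustive search must cover for pw."""
    size = 0
    if any(c in string.ascii_lowercase for c in pw):
        size += 26
    if any(c in string.ascii_uppercase for c in pw):
        size += 26
    if any(c in string.digits for c in pw):
        size += 10
    if any(c not in string.ascii_letters + string.digits for c in pw):
        size += len(string.punctuation)  # 32 printable ASCII symbols
    return size


def brute_force_bits(pw):
    """log2 of the candidates a brute-force search of this length must try."""
    n = charset_size(pw)
    return len(pw) * math.log2(n) if n else 0.0


def classify(pw, min_bits=60):
    """Name the attack from the list above that would recover pw, or 'ok'.

    min_bits is an assumed policy threshold, not a value from the article.
    """
    lowered = pw.lower()  # assumption: case variants of a word are also tried
    if lowered in WORDLIST:
        return "dictionary"
    stem = re.sub(r"\d+$", "", lowered)  # hybrid: dictionary word + digits
    if stem != lowered and stem in WORDLIST:
        return "hybrid"
    if brute_force_bits(pw) < min_bits:
        return "brute-force"
    return "ok"


def audit(passwords):
    """Map each candidate password to its classification."""
    return {pw: classify(pw) for pw in passwords}
```

Running such a check when a password is set rejects the choices that the dictionary and hybrid approaches find first, which leaves an attacker with only the far more expensive exhaustive search.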
It is well worth our time to mention the types of software tools used by attackers to carry out their attacks. Malicious software is a term used to identify any software that is designed to cause harm to systems. This type of software comes in many forms, as indicated below:
1. Virus: This is a very common term in the computer world. Traditionally, viruses were used to delete certain files from a system or to overwrite the boot sector so that a machine does not boot.
2. Worm virus: These are the computer viruses of the world we live in today. A worm virus is a self-replicating virus, which means that it can infect a system without the user doing anything. A worm virus infects a system by spreading across a network or through storage media like a flash drive.
3. Trojan virus: A trojan virus is a program that tricks the user into installing it by masquerading as something useful. In reality, it is a virus that infects the system. A trojan virus usually works by opening up a TCP/IP port on the system, which is usually called backdoor access. This allows a user to connect to the system and control it.
4. Spyware: Spyware is usually hidden software that monitors and collects information about a system and the user's web surfing habits. In addition to this, spyware can change the user's browser configuration and slow down network performance.
5. Adware: Adware is software that shows an advertisement on the screen, usually through a pop-up, and lures a user to buy a product or sign up for something on the web.
6. Logic bomb: This is usually a virus that waits for a certain event to trigger itself. For example, it can wait for a particular date and then trigger its malicious intent on that date. Until then, it does not make any changes to the system.
7. Keylogger: A keylogger is either a piece of software installed on a system or a hardware device that is used to capture all keystrokes on a system.
8. Spam: Spam is the term used for any unrecognized commercial mail received by a user. These mails are usually mass mailed, and they try to lure the user into signing up for various kinds of services.
Surviving network attacks
The existing threats to networks and systems today have given rise to a new breed of professionals calling themselves 'ethical' hackers. They usually attack a system in the same way that a malicious attacker would, but do so with the intent of finding out what kind of vulnerabilities a system has, so that those can be patched up and rectified. In this way, the chances of a malicious attack are reduced to some extent, but cannot be eliminated completely. As technology grows, so does the intent of a few human beings to destroy it. Malicious attacks cannot be prevented; they can only be delayed, and the best we can do is put in place an infrastructure that will hold off a certain number of attacks before the attacker gives up. Informing ourselves is certainly the first and best step we can take in securing our systems from attacks.