Matt Mente, News editor
For many still, computers are a complex object whose operations are unfathomable. To hackers, however, breaking into a computer system is an art.
The first part of this series on hacking discussed who hackers are and why they break into computers. This conclusion will examine how hackers break into systems.
While the execution of hacking attacks can be extremely technical there are generally a limited number of ways one can break into a system.
One method of attacking a website is a dedicated denial of service or DDOS. These attacks are popular among activism groups and decentralized hacking organizations such as Anonymous.
They operate by having an entire network of computers automatically bombard a single website with traffic. Such great volumes will cause the website to overload and become inaccessible. Attacks like these are generally more like digital vandalism than anything else.
More sophisticated attacks rely on exploiting structural vulnerabilities within networks. They generally look for open ports in a network that will allow access.
Other common ways hackers break into networks are through security gaps created by different pieces of software. When programmers write network software they do their best to ensure it all communicates properly but with dozens of combinations of software and innumerable updates communication errors occasionally occur which create loopholes that a hacker can exploit.
The final common way somebody can break into a network is through poorly written security code. If a programmer isn’t nearly diligent enough it can be possible for a hacker to insert statements into a system which create logical conflicts and allow them access.
Then, of course, there’s the entire category of computer viruses and worms. According to Microsoft security reports, these malicious programs generally spread through the auto run functions associated with flash drives and some network protocols.
And despite Mac’s long history of being virus-free, even Apple products can fall susceptible to viruses too. The misconception that they can’t get virus exists simply because there are not as many in circulation because Mac’s only constitute about 5% of the computer market.
Viruses can carry out a variety of functions though the most advanced one ever discovered is likely a virus called stuxnet. Nobody is certain of its origin but it was designed to destroy Siemens industrial equipment, specifically nuclear centrifuges in Iran.
According to Laurier’s Infrastructure & Network Security, Manager Richard Godsmark
“The primary attacks that security professionals around the world are seeing are phishing attacks via email, malicious websites, user installed malware and remote access brute force attempts”
Godsmark also points out that the greatest vulnerability in any computer system is its organic component, the user.
A security study by Microsoft found that nearly 50% of attacks come through some form of software that requires active participation by the user.
A large number of these are phishing attacks, which are essentially emails or websites disguised to look legitimate when their real purpose is to infect a computer or steal ones personal information. Also falling under this category is social engineering.
This is hacking without actually using a computer. Individual seeking to gain access to a network will attempt to gain the password from an administrator or IT personnel through deception.