By Andrew Winokur

Myth: Hackers are evil people who want to do nothing more than destroy computers.
Fact: The term “hacker” is a vague term that can represent many different ideas.

1960’s
People used huge mainframe computers hosted by university facilities; the machines were originally used to push programs beyond their design (e.g. MIT hacking electrical trains to allow them to perform faster).
The first Bulletin Board System (BBS) was created, which large corporations, universities, and governments could connect to. It was nicknamed MAC, for Multiple Access Computers.
John McCarthy hacked/crashed the MAC system, which created a following.

1960’s
• Even corporations would hack the Bulletin Board System, committing industrial espionage.
• The administrators of the MAC would encourage this behavior.
• This sense of freedom to do whatever one wanted, augmented by the seemingly endless challenges of finding new ways to break something, started the hacker culture.

1970’s
A different type of hacker emerged, called phone hackers or “phreakers” (a combination of the words “phone” and “hackers”).
Phreaking was started by a blind child named Joe Engressia.
By whistling a certain pitch into a phone, he realized he could turn any recorded message off (telephone systems back then used a multifrequency system that relied on certain pitches to function).
By whistling the right tones at the right time, Joe Engressia could place free calls anywhere in the world.

1970’s
Later on, a man named John Draper found a whistle in a Captain Crunch cereal box which could reproduce the exact pitch (2600 kHz) needed to place a free call.
John Draper appropriately nicknamed himself Captain Crunch and called other phreakers in the world about his discovery, which inspired the invention of phreaking boxes.
The Blue Box was made by phreakers to emulate any multifrequency pitch.
Joe Engressia and Draper were later arrested, but the publicity from this made phreaking even more popular.

1980’s
Around this era, the number of practicing hackers increased exponentially due to two reasons:
• Personal Computers finally being made available to the public at a reasonable price
• Movies such as WarGames both glorifying hacking and making it look easy
Hacking groups began to form, such as the 414s (accused of 60 computer break-ins), the Legion of Doom, and Germany’s Chaos Computer Club.
2600: The Hacker Quarterly is released.

1980’s
The government begins taking precautions against cybercrime, forming the Comprehensive Crime Control Act (which gives the Secret Service jurisdiction over credit card and computer fraud).
The government also created the Computer Fraud & Abuse Act (which declared it a crime to break into computer systems).
The government formed the Computer Emergency Response Team (CERT) in 1987, which handles computer security incidents.

1990’s and beyond…
The 1990s and beyond have been full of both big and small hacker attacks. These attacks have ranged from breaking into and defacing Web sites to attacking the United States Department of Defense’s computers 250,000 times.
Hacking was still being glorified in this period with the 1995 film Hackers, although many hackers did not seem to approve of this movie.
http://web.archive.org/web/20000818142725/www.mgm.com/hackers/
Script Kiddies became rampant on the Internet, giving hackers a bad reputation.
In the hacking hierarchy, a Script Kiddie is often seen as the lowest position on the totem pole as far as respect and skill are concerned.
A Script Kiddie is usually a juvenile who runs scripts or programs developed by others to attack computer systems and networks.
A Script Kiddie is always considered malicious and often defaces or “tags” websites, much like a graffiti artist tags a train or a wall.
Script Kiddies are also known to use viruses, worms, backdoors, and trojan horses.
One of the most popular programs that Script Kiddies use is Sub7, a backdoor program.
A backdoor allows one to bypass normal authentication and gain access to the system from the outside.
Sub7 allows one to do things such as keylogging, changing system settings, loading obscene websites, webcam capturing, and many other things.
Due to Script Kiddies’ acts, much of the world’s population lumps them into the category of a hacker. This has brought an ill reputation upon hackers and has unfortunately become the stereotype of what a hacker is.

Black Hat hackers became the most publicized kind of hacker.
Unlike a Script Kiddie, Black Hat hackers are experts in breaking into computer systems and often create their own tools or scripts.
Along with website vandalism, Black Hat hackers also use technology for credit card fraud, identity theft, and intellectual property theft.
White Hat hackers, on the other hand, are the “ethical” hackers who focus on securing and protecting IT systems.
Many White Hat hackers are hired by companies to test the integrity of their systems.
Grey Hat hackers are those who follow an ambiguous guideline and fall between being destructive or not.

Jonathan James became the first juvenile to be sent to prison for hacking.
James installed a backdoor into a Defense Threat Reduction Agency server, which allowed him to view confidential emails and capture employee usernames and passwords.
James also cracked into NASA computers, stealing software worth about $1.7 million.
James was sentenced only to six months of house arrest with probation.
Kevin Mitnick is another famous hacker, so famous that two movies were made about him: Freedom Downtime and Takedown.
Mitnick was convicted of breaking into the Digital Equipment Corporation’s computer network and stealing software.
Tim Berners-Lee created the World Wide Web Consortium and is a senior consultant at MIT. He was caught for hacking mischief at Oxford University.
Richard Stallman is another White Hat hacker who would eventually go on to create The GNU Project, a free operating system.
Stallman worked at MIT’s Artificial Intelligence Labs and was notorious for removing computer access restrictions. Whenever a password system was installed, Stallman would hack it, remove the passwords, and send a message to everyone on the system saying that the password system had been removed.

A cryptographic attack is a way of getting around a system by trying to decrypt data without prior access to a key.
• Brute Force Attack: systematically attempt to crack a password using every possible key. Depending on the length of the password, this can take anywhere from a few hours to spans of years.
• Dictionary Attack: a text file full of dictionary words is loaded into a cracking application such as L0phtCrack.

DoS attacks attempt to deny legitimate access to one’s computer.
DoS attacks do not retrieve or alter data, but rather shut down company servers.
Denial of Service attacks can be broken down into one of two categories:
• Denial of Service by saturation consists of flooding or “saturating” a machine with requests so it can no longer respond to actual requests.
• Denial of Service by vulnerability exploitation involves exploiting a flaw in the remote system, making it unusable.
Ping of Death attacks, fragment attacks, LAND attacks, SYN attacks

Ping of Death is one of the oldest network attacks.
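The overview above names four DoS attacks, and the slides that follow describe how each one works. As an added example that is not part of the slides, here is a small defensive classifier that flags those four signatures (an oversized fragmented datagram, overlapping or empty fragments, a LAND packet, and a SYN-flood backlog overflow) on constructed packet records. The Packet model, the half-open threshold, and all addresses are assumptions made for the demonstration, not real capture data.

```python
"""Defensive classifier for the four DoS signatures on the slides.
Packet records, threshold and addresses are constructed for the demo."""
from collections import defaultdict
from dataclasses import dataclass

IP_MAX_BYTES = 65535       # largest total length an IP datagram may carry (2**16 - 1)
HALF_OPEN_LIMIT = 100      # assumed per-server backlog before a SYN-flood alert fires


@dataclass
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False        # TCP SYN flag set
    ack: bool = False        # TCP ACK flag set
    frag_id: int = 0         # IP identification field; 0 means "not a fragment" here
    frag_offset: int = 0     # byte offset of this fragment within the datagram
    payload_len: int = 0     # bytes carried by this fragment


class DosClassifier:
    def __init__(self):
        self.fragments = defaultdict(list)  # (src, frag_id) -> [(start, end), ...]
        self.half_open = defaultdict(set)   # dst -> {(src, sport)} awaiting the final ACK

    def check_land(self, p):
        # LAND: source and destination address/port are identical
        return p.src == p.dst and p.sport == p.dport

    def check_fragment(self, p):
        """Return 'ping-of-death', 'empty', 'overlap' or None for a fragment."""
        if p.frag_id == 0:
            return None
        if p.payload_len == 0:
            return "empty"                        # fragment carrying no data
        start, end = p.frag_offset, p.frag_offset + p.payload_len
        if end > IP_MAX_BYTES:
            return "ping-of-death"                # reassembled datagram would exceed the IP maximum
        for s, e in self.fragments[(p.src, p.frag_id)]:
            if start < e and s < end:
                return "overlap"                  # false offset overlaps data already received
        self.fragments[(p.src, p.frag_id)].append((start, end))
        return None

    def check_syn(self, p):
        """Track half-open connections per server; alert when the table overflows."""
        key = (p.src, p.sport)
        table = self.half_open[p.dst]
        if p.syn and not p.ack:
            table.add(key)                        # new SYN, waiting for the client's ACK
            return len(table) > HALF_OPEN_LIMIT
        if p.ack:
            table.discard(key)                    # handshake completed, entry freed
        return False

    def classify(self, p):
        alerts = []
        if self.check_land(p):
            alerts.append("land")
        frag = self.check_fragment(p)
        if frag:
            alerts.append(frag)
        if self.check_syn(p):
            alerts.append("syn-flood")
        return alerts


def run_demo():
    """Feed one constructed instance of each attack through the classifier."""
    c = DosClassifier()
    r = {}
    r["land"] = c.classify(Packet("10.0.0.5", 139, "10.0.0.5", 139, syn=True))
    r["pod"] = c.classify(Packet("10.0.0.9", 0, "10.0.0.1", 0,
                                 frag_id=7, frag_offset=65000, payload_len=1000))
    c.classify(Packet("10.0.0.9", 0, "10.0.0.1", 0, frag_id=8, frag_offset=0, payload_len=1000))
    r["overlap"] = c.classify(Packet("10.0.0.9", 0, "10.0.0.1", 0,
                                     frag_id=8, frag_offset=500, payload_len=1000))
    # spoofed sources never complete the handshake, so their entries are never freed
    for i in range(HALF_OPEN_LIMIT + 1):
        r["syn"] = c.classify(Packet(f"203.0.113.{i % 250}", 40000 + i, "10.0.0.1", 80, syn=True))
    return r


if __name__ == "__main__":
    for name, alerts in run_demo().items():
        print(f"{name}: {alerts}")
```

The fragment check is the one that matters for both Ping of Death and fragment attacks: reassembly state is kept per (source, identification) pair, so an offset that would push the datagram past the IP maximum, or that lands on bytes already received, is rejected before anything is reassembled. The SYN tracker shows why the slides call a SYN flood a saturation attack: each spoofed SYN occupies a table slot that only a matching ACK can free.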
Ping of Death is so old that no recent systems are vulnerable to it anymore.
The Ping of Death involves creating a data packet whose total size exceeds the maximum authorized size (65,536 bytes).
When the packet is sent to a system with a vulnerable TCP/IP stack, it will cause the system to crash.

The fragment attack exploits the fragmentation principle of the IP protocol.
• IP fragments large packets of data into several IP packets, each with its own identification number and sequence number.
• The recipient reassembles the smaller data packets back into the large packet based on the offset values they contain.
Fragment attacks involve inserting false offset information into fragmented packets, which causes a system to crash due to empty or overlapping fragments.
Most recent systems aren’t vulnerable to this attack.

LAND is an old DoS attack dating back to 1997, which sends a packet with the same IP address and port number in both the source and destination fields of IP packets.
The name of this attack originates from the name given to the first distributed source code that made it possible to implement this attack, “land.c”.

A SYN flood is a DoS attack which relies on network saturation.
A SYN flood involves sending multiple SYN requests to the victim from a host with a nonexistent or falsified IP address; the victim tries to respond to that IP address and waits for a confirmation that never arrives.
The victim’s connection table eventually fills up waiting for replies, and any new connections are ignored.
Although newer Operating Systems manage resources better, they are still vulnerable to this type of DoS attack.
A SYN flood is unique among DoS attacks in that it can be a gateway to other attacks, such as disabling one side of a connection in TCP hijacking or preventing authentication between servers.

Other Hacking Techniques
Because many DoS attacks have been prevented through TCP/IP protocol fixes, hackers have turned to exploiting the application layer instead, specifically targeting web applications. Some of these attacks consist of:
URL manipulation
Cross-site scripting
SQL command injection

URL Manipulation
A URL can usually be split up into five distinct parts: protocol, password, server name, port, and path.
By changing any of these parts, it is possible to access data you normally wouldn’t have known about.
http://www.wiu.edu/users/yk106/CS484.html
It is often up to White Hat hackers to provide countermeasures against such vulnerabilities.

Cross-site Scripting
Cross-site scripting targets websites that dynamically display user content without checking and encoding the information entered by users.
XSS works by inserting malicious code into a website under the guise of a trustworthy source. When the user clicks on the link, it allows hackers to recover data exchanged between the user and the website the user is interacting with.
Example: hackers coding a display form to fool a user and get him or her to enter authentication information.
It is usually up to the White Hat hacker or web page designer to make a website secure from XSS. This is done by verifying the format of data entered by users and encoding displayed user data by replacing special characters with their HTML equivalents.

SQL Injections
SQL Injections are attacks against websites that use relational databases such as MySQL, Oracle, DB2, etc.
If the web page designer does not verify parameters passed in an SQL query, a hacker could easily gain access to and modify anything he or she wants in the database.
By inserting certain characters in an SQL query, it is possible to either chain together several SQL queries or simply ignore the rest of a query.
Again, it is up to the designer to provide countermeasures. Some things that they can do to prevent such attacks are to avoid accounts without passwords, keep the privileges of the accounts used to a minimum, and verify the format of input data and the presence of special characters.
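The URL Manipulation and Cross-site Scripting slides above each end by saying that the countermeasure is the designer’s job. As an added example, not code from the slides, here is what those two countermeasures look like on the server side: the URL is split into the five parts the slide names, a requested path is mapped onto the document root so that editing the path cannot reach files outside it, and user-entered text is format-checked and HTML-encoded before it is displayed. The document root, the accepted username format, and all sample inputs other than the slide’s own URL are assumptions for the demo.

```python
"""Server-side countermeasures for URL manipulation and XSS.
DOC_ROOT, USERNAME_RE and the sample inputs are assumptions for this demo."""
import html
import re
from pathlib import PurePosixPath
from urllib.parse import unquote, urlsplit

DOC_ROOT = PurePosixPath("/var/www/site")          # assumed web document root
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")  # assumed accepted username format


def url_parts(url):
    """The five parts the slide names, as parsed by urllib (port/password may be None)."""
    u = urlsplit(url)
    return {"protocol": u.scheme, "password": u.password, "server": u.hostname,
            "port": u.port, "path": u.path}


def resolve_path(url_path):
    """Map a requested URL path onto the document root.

    Each '..' pops a stack of path segments; an attempt to climb above the root
    returns None, so a manipulated path can never name a file outside DOC_ROOT.
    """
    stack = []
    for seg in PurePosixPath(unquote(url_path)).parts:   # decode %2e%2e etc. first
        if seg == "/":
            continue
        if seg == "..":
            if not stack:
                return None
            stack.pop()
        else:
            stack.append(seg)
    return str(DOC_ROOT.joinpath(*stack))


def render_comment_unsafe(username, comment):
    # The flaw the slide describes: user content echoed straight into the page.
    return f"<p><b>{username}</b>: {comment}</p>"


def render_comment(username, comment):
    # Countermeasure from the slide: verify the format of the input, then replace
    # special characters with their HTML equivalents before display.
    if not USERNAME_RE.match(username):
        raise ValueError("username has an unexpected format")
    return f"<p><b>{html.escape(username)}</b>: {html.escape(comment)}</p>"


if __name__ == "__main__":
    print(url_parts("http://www.wiu.edu/users/yk106/CS484.html"))
    print(resolve_path("/users/yk106/../yk106/CS484.html"))
    print(resolve_path("/../../etc/passwd"))
    print(render_comment("alice", "<script>alert(1)</script>"))
```

Two details are worth noting. The path check decodes percent-encoding once before splitting, because a manipulated URL will usually hide the `..` segments behind `%2e%2e`; and `html.escape` is applied to every user-supplied value at output time, which is the encoding step the slide describes, whereas the format check on the username is the separate verification step.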
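The SQL Injections slides describe the flaw (query parameters not verified, so extra characters chain a second query onto the first) and the slide’s own example uses an INSERT followed by DROP TABLE. As an added example, not code from the slides, here is that INSERT run both ways against an in-memory SQLite database: once built by string concatenation, and once with a bound parameter. The table is constructed for the demo, and stacked statements are emulated with `executescript`, because SQLite’s `execute()` accepts only one statement; the payload is the one shown on the slides.

```python
"""The slide's INSERT/DROP TABLE injection, vulnerable vs. parameterised.
The employee table is constructed for the demo; executescript emulates a
driver that runs stacked queries."""
import sqlite3

INJECTION = "Michael');DROP TABLE employee;"   # payload from the SQL Injections slides


def fresh_db():
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE employee (fname TEXT)")
    return con


def table_exists(con):
    row = con.execute(
        "SELECT name FROM sqlite_master WHERE type='table' AND name='employee'"
    ).fetchone()
    return row is not None


def insert_vulnerable(con, fname):
    """Builds the query by concatenation, exactly as the slide's TURNS INTO line."""
    sql = "INSERT INTO employee (fname) VALUES('" + fname + "');"
    try:
        con.executescript(sql)       # the quote in the payload closes the string; the rest is SQL
    except sqlite3.Error:
        pass                         # the trailing "');" is a syntax error, but DROP already ran
    return sql


def insert_safe(con, fname):
    """Countermeasure: a placeholder binds the value as data, never as SQL text."""
    con.execute("INSERT INTO employee (fname) VALUES(?)", (fname,))
    con.commit()


def demo():
    vuln = fresh_db()
    built = insert_vulnerable(vuln, INJECTION)
    safe = fresh_db()
    insert_safe(safe, INJECTION)
    stored = safe.execute("SELECT fname FROM employee").fetchone()[0]
    return {
        "built_sql": built,
        "vulnerable_table_survives": table_exists(vuln),
        "safe_table_survives": table_exists(safe),
        "safe_stored_value": stored,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The parameterised version does not need to strip or escape the quote and semicolon: the database receives the statement and the value separately, so the payload ends up stored verbatim as an employee name, and the table is still there afterwards. The slide’s other advice (least-privilege accounts, no password-less accounts) limits what a successful injection could do; binding parameters is what stops the injection itself.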
SQL Injections Continued
Example:
ORIGINAL:   INSERT INTO employee (fname) VALUES('Michael');
INJECTION:  Michael');DROP TABLE employee;
TURNS INTO: INSERT INTO employee (fname) VALUES('Michael');DROP TABLE employee;');

CONCLUSION
Throughout the history of computer development, hackers have always been at the forefront of what is possible and have always tried to push what is thought to be impossible.
With each new technological development comes a wave of hackers ready to push the envelope.
The general opinion of hackers gets a bad rap in light of the media exposure to Black Hat hackers. As a result, the term “hacker” receives scorn from the general public and is often used in conjunction with other words like “virus” and “malware”. The term “hacker” thus becomes a general label for all the bad things that come from our computers.
This must be corrected. If it were not for our real hackers, many of our current technological developments would have yet to be developed, and those technologies that we take for granted would simply not exist.

-THE END-