When one thinks of the term “hacker”, normally what is though of is someone who is causing harm to computer users by exploiting flaws in computers and the lack of security measures built into computer systems. This might be true for some, but the truth is that the real hackers do not want to be thought of as criminals, they are only trying to better the security of company networks and the internet, thus making the world a better place. It would be difficult to change the way people think because there have been some widely publicized and costly hacks that have occurred over the years. Until individuals quit causing harm by way of computer viruses and hacks people will always associate the term “hacker” with computer criminals.
What is a hacker?
A “hacker” is someone who has the ability to manipulate the inner workings of computers, information, and technology. The meaning of “hacker” has been widely distorted by the media. The overwhelming usage in the 1990s of the term “hacker” describes people who break into computers using their overwhelming knowledge of computer systems. Likewise, the vast majority of websites with the word “hack” in their title refer to illegitimate entry into computer systems. The computer enthusiast community does not approve of this usage of the term “hacker”; they would rather have computer criminals be termed “crackers”.
Denial of Service Attacks - Denial of service attacks are designed to lock out legitimate users from web sites or networks. Hackers run programs that repeatedly request information from the victim's computer until that computer is unable to answer any other requests. Hackers can run programs of automated scripts that barrage the victim computer or network so that it becomes unusable by legitimate users, or even has to be shut down.
DNS Spoofing - A DNS spoof occurs when a hacker alters a DNS entry on a server to redirect the browser to an alternate site. If a consumer wanting to visit randomsite.com gets sent instead to evilcompany.com, then business can be stolen. A hacker can also create a fake site that pretends to be randomsite.com. In this way evilcompany.com might steal passwords, personal data or even credit cards from the consumer. Such hacks are not yet very common.
Packet Sniffer - A packet sniffer is software which allows a hacker, or network administrator, to "eavesdrop" by recording information on packets not addressed to his or her computer.
Social Engineering - Social engineering is a hacker term for deceiving or manipulating unwitting people into giving out information about a network or how to access it.
Trojan Horse Programs - Trojans horse programs are "back doors" into a computer system. A hacker may disguise a trojan as another program, video, or game, in order to trick a user into installing it on their system. Once a trojan is installed, a hacker could have access to all the files on a hard drive, a system's email, or even to create messages that pop up on the screen.
Web Page Defacements – If a hacker can gain access to the html files that contain the webpage information, they can change them to whatever they want. It can be compared to graffiti.
Worms and Viruses – These programs often have malicious intent, however, and they use viruses and worms to spread destructive programs among unwitting hosts.
Morris Worm - In 1988, a 23-year-old graduate student at Cornell University, Robert Morris, released the internet's first worm. The worm spread quicker than he anticipated and machines around the country were becoming almost impossible to use. He was eventually assigned 400 hours of community service and fined $10,000.
Citibank – During the years of 1994 and 1995 the first large scale money heist over the internet occurred. Russian hacker Vladimir Levin tricked the Citibank's computers into distributing an estimated $10 million to him and his accomplices in several countries. In February 1998 a U.S. judge sentenced Levin to three years in prison, and ordered him to pay Citibank $240,000.
Kevin Mitnick – In 1989 he is convicted of stealing software from Digital Equipment and codes for long-distance lines from MCI. He is the first person convicted under a new law against gaining access to an interstate computer network for criminal purposes. He serves a one-year prison term. He is arrested again in 1995 for stealing over 26000 credit card numbers and is sentenced to four years in prison. Many people believed that the government wanted to make a statement by putting the most “notorious hacker in the world” behind bars.
Omega Engineering Corp – In 2000 Timothy Lloyd was convicted of writing six line code "bomb" that obliterated Omega Engineering Corporation's design and production programs in 1996 when an working unknowingly executed Tim’s code. This was the first documented case of worker related computer sabotage. Omega lost $10 million dollars in sales from clients such as the U.S. Navy and NASA.
Melissa Virus – In 1999 David L. Smith created the Melissa Virus which took advantage of a hole in Microsoft Outlook. The traffic caused by the replication of the virus caused nearly $400 million dollars in damages. The virus was eventually traced back to Mr. Smith and in December 1999 he plead guilty to causing $80 million worth of damages, the most allowable by law. He was sentenced to four years in prison.
Denial of Service Attacks – In February 2000 many major websites such as Ebay and Amazon are attacked by a Denial of Service Attack. Damages for loss of business were estimated at $1.7 billion. A 16 year old juvenile known as mafiaboy was charged with 56 counts. He hacked U.S. universities to launch the DoS attacks.
ILOVEYOU worm – In May the ILOVEYOU worm struck and caused over $1 billion in damages to companies around the world.
Hackers are a group of people who want to better the world by helping the software industry realize that their software and networks have security issues. Hackers do not want to be known as people who break into computer systems and cause harm. This view that the media presents is not what computer enthusiasts wish to be portrayed as. There are many tools out there for people to use to cause harm to companies and people. There have also been many cases of attacks, but this represents the minority of “hackers”. The goal of “hackers” is to rid the world of bad code that is not secure and to help protect private information held by major companies.