Contents
Copyright 2021.DR. Sandra William Ph.d
All rights reserved. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical methods, without the prior written permission of the publisher, except in the case of brief quotations embodied in critical reviews and certain other noncommercial uses permitted by copyright law.
GUIDE TO COMPUTER HACKING
INTRODUCTION
Hkng often rfr t the unuthrzd ntrun nt a ntwrk or mutr, nrmll rrd out b n or more hkr. However, a hkr n be anyone nd thr tvt d nt hv to b mlu r unauthorized t unt as hkng. Hkng n mean ung skills t hv a goal n a clever w.
Th can be n ndvdul lk u r me. They can wrk l or b mld b n organization fr good r fr ll. Often, th lk to ltr urt tm to hv thr goal. Thr r mn rgnztn tht hr hkr as a rt f thr staff. These hkr u thr skills t fnd vulnrblt in th rgnztn security. Th dn to find nd fix the wkn and prevent malicious hackers from brkng nt the urt tm.
T of Hkr Wht, blk, nd gr refer t th rltnh between th hkr nd th tm they r ttkng.
Blk Hat Hkr
Th trm black ht rgntd from Wtrn mv, whr th bad guys wore blk ht nd th gd guys wore wht ht. A black-hat hacker is n ndvdul who attempts t gain unuthrzd ntr into a tm r ntwrk t exploit thm fr mlu reasons.
Th blk-ht hacker d not hv n rmn r authority to compromise thr trgt. Th tr to inflict dmg b compromising security systems, ltrng functions f wbt nd networks, r huttng dwn tm.
Th ftn do to tl r gain t wrd, financial nfrmtn, nd other personal dt.
Wht Ht Hkr
Wht-ht hkr, on th thr hand, are dmd t be th gd gu, wrkng wth rgnztn to strengthen th security f a system.
A wht hat h permission t ngg the targets and t mrm thm wthn the rrbd rules of engagement. White-hat hkr r often rfrrd to thl hkr. This ndvdul specializes in thl hkng tools, thnu, nd mthdlg t secure an rgnztn nfrmtn tm. Unlk blk-ht hkr, thl hackers exploit security ntwrk and lk fr bkdr whn th are lgll rmttd t do so. Wht-ht hkr lw dl vr vulnerability they fnd n th mn urt tm that t can b fxd bfr th r being exploited by mlu actors. Frtun 50 mn lk Fbk, Mrft, nd Ggl also use white-hat hackers.
'Grey Ht
Hackers Grey hats xlt ntwrk nd mutr tm n th w tht blk ht do, but d wthut n mlu intent, dlng ll loopholes and vulnerabilities to lw enforcement gn r ntllgn agencies.
Uull, gr-ht hkr urf the nt and hk nt mutr tm t ntf th dmntrtr or the owner tht thr tm/ntwrk ntn n r mr vulnerabilities tht mut b fxd mmdtl. Grey ht m l extort th hacked, ffrng to rrt th defect fr a nmnl f.
Mt Popular Hacking Technique
Sl Engineering Social ngnrng a common trm cybersecurity rfnl use t tlk about th many ways we are ll vulnrbl to dt theft. The trm l ngnrng uull mn th process of tkng dvntg f the humn ntnt t hl mn in nd t rv the ur f th rmnl. The problem f l ngnrng h been vlvng fr mn r but td t is th mn source f br ttk nd br trrrm. Malware ntlld v a thnl flaw unt for nl 3% of instances whr social ngnrd attacks munt t a massive 97%.
Th hkng ttrn h hngd from trgtng f ftwr r hrdwr to more fud n humn vulnrblt.
Dffrnt Types of Sl Engineering Attacks
Phhng
91% of data brh m n the form of hhng, mkng t th mt xltd frm f social ngnrng. Phhng a t f brrm in which ml r nt t th target in rdr t lure individuals t rvd rnl nfrmtn, banking and rdt rd dtl, ml or l media unt wrd, r thr confidential nfrmtn.
Phhng m ftn demonstrate th following characteristics:
Trng t btn rnl nfrmtn, wrd, or other bnk rltd details. Sending hrtnd lnk that will rdrt t mrmd wbt tht can trk ur dtl
. Incorporating a sense f urgn, thrt, r fr to mnult th victim t rt before thnkng.
A rft example f th t f a l ngnrd ttk th phishing m tht urrd a mnth ftr Tx D in 2018 in the US when criminals nt mldng ml kng for tax return dtl. Th w done t obtain t unt nd u th information to fl frudulnt tx rturn.
Imrntn
Cybercriminals ftn lk fr th wkt lnk t mrm a tm, nd that wkt lnk is often th humn. Imrntn requires a lt f ffrt t undrtnd the target nd plan th ttk, hn, th the least common frm f l ngnrng. Sm mmn rl tht n mrntr mght tk n t mlmnt the ttk are n IT xutv, a mngr, n udtr, or a fllw ml.
Uull, mrntn ttk focus n rl wth uthrt because whn people receive a rut asking t share information from uthrttv persons, they wll t immediately without vrfng th tru dntt f the sender.
Even thugh impersonation not as mmnl rfrmd whn compared t thr l ngnrng forms f ttk, th attacks hv risen b nrl 400% in 2017.
Vishing
V phishing, or vishing, grwng rapidly a form f l ngnrng.
Vishing ttk r whr n ttkr wll ll nt the trgt organization nd attempt t gain information nd rdntl vr th hn. Another vishing m is whr th ttkr ttmt t gt th rn on the thr end of th hn t perform m action n thr PC.
Th actions nlud runnng dkt scripts nd vwng infected wbt. Th ttk are dffult to mntr nd tr and unfrtuntl, ml wrkng in HR drtmnt, customer rv, l, nd marketing, t. r hghl vulnerable t these attacks. Frm 2012 to 2016, a group f cyber rmnl ran a massive IRS vhng scam.
During th fur years, mr than 15,000 vtm in the Untd Stt lt hundrd of mlln f dllr t th sophisticated scam, nd mr than 50,000 individuals hd thr rnl information mrmd.
Smishing
Smishing a rtmntu f SMS hhng whh is mlr t phishing but is performed thrugh txt mg. Smishing criminals normally nd messages t ntt numbr tht th btn thrugh vru blk-ht techniques lk web-crawling, dt brh, or random numbr generators.
Th mg nt b mmr use different thnu t gt you t hr the nfrmtn th r ftr. Th m rm coupons or dunt n drbl rdut r they m pose your bnk looking t vrf ur unt dtl. Yu m also rv txt frm uu numbers like 5000 r thr numbr lnkd to email-to-text rv whh uld be automated.
As rrtd b NBC Nghtl News, a smishing scam was attempted b kng vtm t tvt thr new rdt rd b ntrng rvt nfrmtn over th hn. In nthr mhng m, users were nfrmd tht thr nln unt wr xrng nd tht th wr rurd t rnw thr account by ntrng thr wrd n a fk wbt.
Common Hacking Tl
T mlh a rft hack, hkr mlmnt a wide vrt of techniques uh : Rtkt A rtkt is a rgrm or t of software tools tht llw thrt tr to gain rmt access to ntrl a mutr tm tht ntrt r nnt with the ntrnt.
Orgnll, a rootkit was dvld t open a bkdr n a tm to fx f ftwr issues. Unfrtuntl, th rgrm nw ud b hkr t dtblz th ntrl f an operating tm from t lgtmt operator r ur.
There r dffrnt w t ntll rtkt n a vtm tm, th most fmu f thm bng l ngnrng nd hhng attacks.
Once rootkits r installed n th tm, it rtl llw the hkr t access and control th system, giving thm the rtunt t bring th system dwn r tl crucial dt.
Klggr
Th a ll designed tl tht lg or rrd vr key rd on a tm. Keyloggers rrd vr ktrk b lngng to th API (ltn programming interface) when typed through the mutr kbrd.
Th rrdd file thn gt vd, whh includes data like urnm, wbt vt details, screenshots, nd ltn, t.
Klggr n tur credit card numbers, rnl mg, mobile numbers, passwords, and thr dtl lng they r td.
Nrmll, klggr arrive mlwr that llw brrmnl to steal ntv dt. Vulnrblt Scanners A vulnerability nnr lf nd dtt vru tm weaknesses n ntwrk, mutr, mmuntn tm, t. Th one of the mt mmn practices ud b thl hkr t fnd tntl lhl and fx them on an mmdt b.
On the thr hnd, vulnrblt nnr can l b ud by blk-ht hackers to check th system fr potential wk t in rdr t xlt the tm. 5. Pulr Sftwr Ud B Hkr nd Crmnl Art frm ung different ttk thnu to rk nd steal wrd from users nd rgnztn, cybercriminals tend t u wrd hacking nd decrypting ftwr.
Hr are m popular ones:
Jhn The Rr (JTR) This software dgnd t rk n m of the most complicated passwords, it can rk passwords ffln. JTR takes different txt trng ml, mmnl referred t as wrdlt, tht contain complex and popular words fund n th dictionary r rl wrd whh wr cracked bfr.
