What is hacking? Is it always bad

Everything you always wanted to know about hackers

What is a hacker anyway?

In general, a hacker is a person who uses their technical or programming skills to overcome a problem and explore the limits of systems. First of all, it is not necessarily someone who commits criminal acts, but simply an experienced programmer who is very deeply into the computer and software culture and who approaches obstacles with a willingness to experiment.

The ethics of the hackers

There are 2 principles among programming artists: On the one hand, the belief that the exchange of information is a positive good. They therefore have an ethical duty to share their expertise. On the other hand, the conviction that hacking is ethically in itself as long as no breach of confidentiality is committed, which includes theft and vandalism. Both principles, while common, are interpreted differently. For some, the ethical duty to share information is realized, for example, by writing open source software. Others go further and claim that all information should flow freely and that any proprietary control over it is bad. As a result, there are those types who enter a system purely for fun and others who would only do so for good reason or with suspicion.

Not all hackers are created equal - the different types

Black hats

When you hear the word “hacker” think of a cyber criminal who uses their programming skills to break into corporate and private systems and steal or destroy data, you are probably thinking of a “black hat”. These are attackers who deliberately violate the integrity of a computer for various reasons. These reasons could be, for example, theft, fraud or corporate espionage in order to obtain a financial benefit. However, a “black hat” sometimes acts simply out of malice or with the will to damage the reputation of a company or an institution.

White hats

However, there are also hackers who break into a company's systems for other reasons. A “white hat” is a computer security professional or programmer who works with organizations or ethical hacking groups to find and fix vulnerabilities in IT security, rather than using their skills for criminal purposes. The word “hacktivism” and the “hacktivists” behind it are also of the kind who use technology to convey political, social, ideological or religious messages.

Gray hats

There are also “gray hats” whose goals are somewhere in between. Many of them are freelancers trying to make a profit by uncovering weaknesses in the security structure of an organization and offering not to publish them or even to fix them for a financial consideration.


Forms of hacks and hacking tools

In general, the range of hacking tools that cyber criminals can use is endless. However, the following tactics are among the most common:

Ransomware

In a ransomware attack, malware encrypts a server, a computer or the data on it. The attackers then demand a “ransom”, in German “ransom” in return for the data to be decrypted and made accessible again. One of the best-known examples of a wave of ransomware infections is the WannaCry attack from May 2017. An internal Telefonica server, which also includes O2 and EPlus, was infected with the ransomware, which encrypted all data on the infected computer. The attackers requested a bitcoin payment. It took a few days until Microsoft released a patch and a kill switch was discovered.

Distributed denial of service attack

In a distributed denial of service attack, hacking ensures that an Internet service is unavailable due to the targeted overloading of the data network. The attacker often uses so-called ‘botnets’, which consist of previously infected computers. These infected computers are then controlled by the attacker in order to flood Internet access, an operating system or a service such as a website with requests. The data network is then overloaded and requests can only be heard very slowly or not at all. Systems have been paralyzed for long periods of time.

espionage

Cyber ​​criminals gain access to the desired system via weak points in applications and operating systems and can thus gain access to internal company information and sensitive data. A wide variety of methods are used, such as phishing emails, malware and Trojans.

Trojans

Trojans are used to gain access to a user's systems. It is a type of malware that often masquerades as legitimate and known software so that it cannot be detected. The attacker can use Trojans to spy on, steal, delete, modify and block data.


How do hackers gain access to third-party data?

The attacker gains access to the system through one or more vulnerabilities. Various hacking methods were used for this in order to be able to access passwords and information. Some examples are:

Brute force attacks

In a brute force attack, passwords and combinations are simply tested out by sophisticated hacking software.

Phishing

Another option is phishing. E-mails are sent that lead to replicated fake websites, on which users then enter their access data such as their password because they think the website is legitimate.

Man-in-the-middle attacks

The attacker tries to switch between two devices that are communicating with each other and then intercepts the sent data.

You can find more methods and information on how hackers gain access to third-party data in our free webinar series “Hacking for Dummies”. Register here.

How to protect yourself against cyber attacks

With suitable protective measures and the right behavior, a cyber attack can be prevented. The following protective measures should at least be in place in order to improve IT security in a company and to avoid hacks.

Secure hardware

First of all, the physical IT security of the hardware used in the company is important. In any case, this should be password-protected and secured by a 2-factor authorization.

Regular updates and patches

Malware, virus and spam protection must always be up to date, because hacking and the threats created are constantly evolving. This often happens even faster than security solutions can keep up. It is therefore important to take updates and patches seriously and to apply them as soon as possible as soon as there are updates.

Secure passwords

A company should always have a strict password policy. Precisely because employees often choose simple passwords that they can easily remember, but which are also easy to guess or crack. Secure passwords contain a wide variety of unpredictable combinations of characters and a certain minimum number of characters, the longer the better. Employees should not be able to reuse old passwords and, in general, a password should be changed regularly, for example every three months.

Internet security

The Internet connection can be a major weak point, which can be prevented with simple measures. Operating systems and routers should receive regular security updates. The Internet connection can be encrypted using methods such as WPA and WPA2 so that third parties cannot see it. The router and WiFi password should also be changed regularly.

Encryption of data

Practical encryption tools are now available for operating systems to protect sensitive data such as customer data, bank details, business plans, etc. Blockchain, for example, can also be used for this. At least end-to-end encryption should be ensured for communication in the company for e-mail communication and communication on mobile devices.

Firewalls and anti-virus protection

There are numerous solutions on the market that can ward off cyberattacks and block malicious programs and viruses. When choosing the right software, you should look for trustworthy providers. The use of firewalls is also important to block suspicious activity on the Internet. This should also be available in the router itself in order to be able to prevent attacks on the entire network.

Early detection of phishing

Phishing emails are becoming more and more professional and look more and more similar to emails from reputable senders such as mail order companies, banks or even their own employees. Fraudsters try to get bank details, passwords, PIN, TAN or other information via phishing emails. In some cases they even try to impersonate employees or managers and encourage other employees to take action. Many phishing e-mails also contain threatening links or links to deceptively real fake websites that ask for sensitive data. It is important to deal with the topic and identify the signs of phishing early on. A suitable spam filter and attachment blocker can be helpful here.

You can find more information on phishing in our article "Recognizing Phishing Mails - More Security through Security Awareness"

Awareness

Implementing responsible security guidelines that everyone in the company must adhere to can avoid some ill-considered actions. Data breaches in particular often occur when stolen devices get into the hands of malicious attackers. For example, if an employee is not careful and loses his laptop. If you teach all employees how to handle devices, email attachments, updates, passwords, etc., the likelihood of reckless mistakes, which can become a serious weak point in a company, is lower.

You can find more information on the topic of security awareness in our article “7 tips to improve the security awareness of your employees”

Regular backups

In order to avoid a situation in which there is no longer any access to important data in the event of a cyber attack, it should be copied to another, secure storage location. Company data can, for example, be saved in the cloud so that they can always be accessed. It is particularly important that the cloud must also be protected by several levels of security. The backup should then be carried out at regular intervals so that the data in the second storage location is always updated.

Why are regular backups important? Find out in our blog article “Back-up - life insurance for company data and configurations”. Click here for the article

Contingency plan

A cyber attack can occur even with the strictest security concepts. If that happens, an emergency and response plan should be in place so that the attack can be responded to effectively and without panic.

Training courses and workshops on the topic

In the practice workshop Hacking Pro we will show you the current techniques, procedures and tools that hackers use to gain access to your systems. More information about the course Hacking Pro - Hacker Attacks and Vulnerabilities for System Administrators

We would be happy to show you the options in a personal interview / webinar. Contact us here.