In the
computer security context, a
security hacker is someone who seeks and
exploits weaknesses in a
computer system or
computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, challenge, enjoyment,
[1]
or to evaluate those weaknesses to assist in removing them. The
subculture that has evolved around hackers is often referred to as the
computer underground.
[2]
There is a longstanding
controversy about the term's true meaning. In this controversy, the term
hacker is reclaimed by
computer programmers who argue that it refers simply to someone with an advanced understanding of computers and computer networks,
[3] and that
cracker is the more appropriate term for those who break into computers, whether computer criminal (
black hats) or computer security expert (
white hats)
[4][5] - but a recent article concluded that:
"...the black-hat meaning still prevails among the general public".
History
In computer security, a hacker is someone who focuses on security
mechanisms of computer and network systems. While including those who
endeavor to strengthen such mechanisms, it is more often used by the
mass media
and popular culture to refer to those who seek access despite these
security measures. That is, the media portrays the 'hacker' as a
villain. Nevertheless, parts of the subculture see their aim in
correcting security problems and use the word in a positive sense. White
hat is the name given to ethical computer hackers, who utilize hacking
in a helpful way. White hats are becoming a necessary part of the
information security field.
[7]
They operate under a code, which acknowledges that breaking into other
people's computers is bad, but that discovering and exploiting security
mechanisms and breaking into computers is still an interesting activity
that can be done ethically and legally. Accordingly, the term bears
strong connotations that are favorable or pejorative, depending on the
context.
The subculture around such hackers is termed network hacker
subculture, hacker scene or computer underground. It initially developed
in the context of
phreaking during the 1960s and the microcomputer
BBS scene of the 1980s. It is implicated with
2600: The Hacker Quarterly and the
alt.2600 newsgroup.
In 1980, an article in the August issue of
Psychology Today (with commentary by
Philip Zimbardo)
used the term "hacker" in its title: "The Hacker Papers". It was an
excerpt from a Stanford Bulletin Board discussion on the addictive
nature of computer use. In the 1982 film
Tron, Kevin Flynn (
Jeff Bridges) describes his intentions to break into ENCOM's computer system, saying "I've been doing a little hacking here". CLU is the
software he uses for this. By 1983, hacking in the sense of breaking computer security had already been in use as computer jargon,
[8] but there was no public awareness about such activities.
[9] However, the release of the film
WarGames that year, featuring a computer intrusion into
NORAD,
raised the public belief that computer security hackers (especially
teenagers) could be a threat to national security. This concern became
real when, in the same year, a gang of teenage hackers in
Milwaukee, Wisconsin, known as
The 414s, broke into computer systems throughout the
United States and
Canada, including those of
Los Alamos National Laboratory,
Sloan-Kettering Cancer Center and
Security Pacific Bank.
[10] The case quickly grew media attention,
[10][11] and 17-year-old Neal Patrick emerged as the spokesman for the gang, including a cover story in
Newsweek entitled "Beware: Hackers at play", with Patrick's photograph on the cover.
[12] The
Newsweek article appears to be the first use of the word
hacker by the mainstream media in the pejorative sense.
Pressured by media coverage, congressman
Dan Glickman called for an investigation and began work on new laws against computer hacking.
[13][14] Neal Patrick testified before the
U.S. House of Representatives
on September 26, 1983, about the dangers of computer hacking, and six
bills concerning computer crime were introduced in the House that year.
[14] As a result of these laws against computer criminality, white hat,
grey hat
and black hat hackers try to distinguish themselves from each other,
depending on the legality of their activities. These moral conflicts are
expressed in
The Mentor's "
The Hacker Manifesto", published 1986 in
Phrack.
Use of the term hacker meaning computer criminal was also advanced by the title "Stalking the Wily Hacker", an article by
Clifford Stoll in the May 1988 issue of the
Communications of the ACM. Later that year, the release by
Robert Tappan Morris, Jr. of the so-called
Morris worm provoked the popular media to spread this usage. The popularity of Stoll's book
The Cuckoo's Egg, published one year later, further entrenched the term in the public's consciousness.
Classifications
Several subgroups of the computer underground with different
attitudes use different terms to demarcate themselves from each other,
or try to exclude some specific group with whom they do not agree.
Eric S. Raymond, author of
The New Hacker's Dictionary,
advocates that members of the computer underground should be called
crackers. Yet, those people see themselves as hackers and even try to
include the views of Raymond in what they see as a wider hacker culture,
a view that Raymond has harshly rejected. Instead of a hacker/cracker
dichotomy, they emphasize a spectrum of different categories, such as
white hat,
grey hat,
black hat and
script kiddie. In contrast to Raymond, they usually reserve the term
cracker for more malicious activity.
According to Ralph D. Clifford, a
cracker or
cracking
is to "gain unauthorized access to a computer in order to commit another
crime such as destroying information contained in that system".
[15] These subgroups may also be defined by the legal status of their activities.
[16]
White hat
A
white hat hacker breaks security for non-malicious reasons, either to test their own security system, perform
penetration tests or
vulnerability assessments for a client - or while working for a security company which makes security software. The term is generally synonymous with
ethical hacker, and the EC-Council,
[17]
among others, have developed certifications, courseware, classes, and
online training covering the diverse arena of ethical hacking.
[16]
Black hat
A "black hat" hacker is a hacker who "violates computer security for
little reason beyond maliciousness or for personal gain" (Moore, 2005).
[18] The term was coined by
Richard Stallman, to contrast the maliciousness of a criminal hacker versus the spirit of playfulness and exploration in
hacker culture, or the ethos of the
white hat hacker who performs hacking duties to identify places to repair or as a means of legitimate employment.
[19]
Black hat hackers form the stereotypical, illegal hacking groups often
portrayed in popular culture, and are "the epitome of all that the
public fears in a computer criminal".
[20]
Grey hat
A grey hat hacker lies between a black hat and a white hat hacker. A
grey hat hacker may surf the Internet and hack into a computer system
for the sole purpose of notifying the administrator that their system
has a security defect, for example. They may then offer to correct the
defect for a fee.
[20]
Grey hat hackers sometimes find the defect of a system and publish the
facts to the world instead of a group of people. Even though grey hat
hackers may not necessarily perform hacking for their personal gain,
unauthorized access to a system can be considered illegal and unethical.
Elite hacker
Script kiddie
A
script kiddie (also known as a
skid or
skiddie)
is an unskilled hacker who breaks into computer systems by using
automated tools written by others (usually by other black hat hackers),
hence the term script (i.e. a prearranged plan or set of activities)
kiddie (i.e. kid, child—an individual lacking knowledge and experience,
immature),
[22] usually with little understanding of the underlying concept.
Neophyte
A neophyte ("
newbie",
or "noob") is someone who is new to hacking or phreaking and has almost
no knowledge or experience of the workings of technology and hacking.
[20]
Blue hat
A
blue hat
hacker is someone outside computer security consulting firms who is
used to bug-test a system prior to its launch, looking for exploits so
they can be closed.
Microsoft also uses the term
BlueHat to represent a series of security briefing events.
[23][24][25]
Hacktivist
A hacktivist is a hacker who utilizes technology to publicize a social, ideological, religious or political message.
Nation state
Organized criminal gangs
Groups of hackers that carry out organized criminal activities for profit.
[26]
Attacks
This article is part of a series on |
Computer security |
|
Related security categories |
|
Threats |
|
Defenses |
|
|
A typical approach in an attack on Internet-connected system is:
- Network enumeration: Discovering information about the intended target.
- Vulnerability analysis: Identifying potential ways of attack.
- Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.[27]
In order to do so, there are several recurring tools of the trade and
techniques used by computer criminals and security experts.
Security exploits
Techniques
- Vulnerability scanner
- A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners.
These check to see which ports on a specified computer are "open" or
available to access the computer, and sometimes will detect what program
or service is listening on that port, and its version number. (Firewalls defend computers from intruders by limiting access to ports and machines, but they can still be circumvented.)
- Finding vulnerabilities
- Hackers may also attempt to find vulnerabilities manually. A common
approach is to search for possible vulnerabilities in the code of the
computer system then test them, sometimes reverse engineering the software if the code is not provided.
- Brute-force attack
- Password guessing. This method is very fast when used to check all
short passwords, but for longer passwords other methods such as the
dictionary attack are used, because of the time a brute-force search
takes.
- Password cracking
- Password cracking
is the process of recovering passwords from data that has been stored
in or transmitted by a computer system. Common approaches include
repeatedly trying guesses for the password, trying the most common
passwords by hand, and repeatedly trying passwords from a "dictionary",
or a text file with many passwords.
- Packet analyzer
- A packet analyzer ("packet sniffer") is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.
- Spoofing attack (phishing)
- A spoofing attack
involves one program, system or website that successfully masquerades
as another by falsifying data and is thereby treated as a trusted system
by a user or another program — usually to fool programs, systems or
users into revealing confidential information, such as user names and
passwords.
- Rootkit
- A rootkit
is a program that uses low-level, hard-to-detect methods to subvert
control of an operating system from its legitimate operators. Rootkits
usually obscure their installation and attempt to prevent their removal
through a subversion of standard system security. They may include
replacements for system binaries, making it virtually impossible for
them to be detected by checking process tables.
- Social engineering
- In the second stage of the targeting process, hackers often use Social engineering
tactics to get enough information to access the network. They may
contact the system administrator and pose as a user who cannot get
access to his or her system. This technique is portrayed in the 1995
film Hackers, when protagonist Dade "Zero Cool" Murphy calls a
somewhat clueless employee in charge of security at a television
network. Posing as an accountant working for the same company, Dade
tricks the employee into giving him the phone number of a modem so he
can gain access to the company's computer system.
- Hackers who use this technique must have cool personalities, and be
familiar with their target's security practices, in order to trick the
system administrator into giving them information. In some cases, a
help-desk employee with limited security experience will answer the
phone and be relatively easy to trick. Another approach is for the
hacker to pose as an angry supervisor, and when his/her authority is
questioned, threaten to fire the help-desk worker. Social engineering is
very effective, because users are the most vulnerable part of an
organization. No security devices or programs can keep an organization
safe if an employee reveals a password to an unauthorized person.
- Social engineering can be broken down into four sub-groups:
- Intimidation As in the "angry supervisor" technique
above, the hacker convinces the person who answers the phone that their
job is in danger unless they help them. At this point, many people
accept that the hacker is a supervisor and give them the information
they seek.
- Helpfulness The opposite of intimidation, helpfulness
exploits many people's natural instinct to help others solve problems.
Rather than acting angry, the hacker acts distressed and concerned. The
help desk is the most vulnerable to this type of social engineering, as
(a.) its general purpose is to help people; and (b.) it usually has the
authority to change or reset passwords, which is exactly what the hacker
wants.
- Name-dropping The hacker uses names of authorized
users to convince the person who answers the phone that the hacker is a
legitimate user him or herself. Some of these names, such as those of
webpage owners or company officers, can easily be obtained online.
Hackers have also been known to obtain names by examining discarded
documents (so-called "dumpster diving").
- Technical Using technology is also a way to get
information. A hacker can send a fax or email to a legitimate user,
seeking a response that contains vital information. The hacker may claim
that he or she is involved in law enforcement and needs certain data
for an investigation, or for record-keeping purposes.
- Trojan horses
- A Trojan horse is a program that seems to be doing one thing but is actually doing another. It can be used to set up a back door in a computer system, enabling the intruder to gain access later. (The name refers to the horse from the Trojan War, with the conceptually similar function of deceiving defenders into bringing an intruder into a protected area.)
- Computer virus
- A virus
is a self-replicating program that spreads by inserting copies of
itself into other executable code or documents. By doing this, it
behaves similarly to a biological virus,
which spreads by inserting itself into living cells. While some viruses
are harmless or mere hoaxes, most are considered malicious.
- Computer worm
- Like a virus, a worm
is also a self-replicating program. It differs from a virus in that
(a.) it propagates through computer networks without user intervention;
and (b.) does not need to attach itself to an existing program.
Nonetheless, many people use the terms "virus" and "worm"
interchangeably to describe any self-propagating program.
- Keystroke logging
- A keylogger
is a tool designed to record ("log") every keystroke on an affected
machine for later retrieval, usually to allow the user of this tool to
gain access to confidential information typed on the affected machine.
Some keyloggers use virus-, trojan-, and rootkit-like methods to conceal
themselves. However, some of them are used for legitimate purposes,
even to enhance computer security. For example, a business may maintain a
keylogger on a computer used at a point of sale to detect evidence of employee fraud.
Tools and Procedures
- A thorough examination of hacker tools and procedures may be found in Cengage Learning's E|CSA certification workbook.[29]
Notable intruders and criminal hackers
Notable security hackers
- Andrew Auernheimer, sentenced to 3 years in prison, is a grey hat hacker whose security group Goatse Security exposed a flaw in AT&T's iPad security.
- Dan Kaminsky is a DNS
expert who exposed multiple flaws in the protocol and investigated
Sony's rootkit security issues in 2005. He has spoken in front of the
United States Senate on technology issues.
- Ed Cummings (also known as Bernie S) is a longstanding writer for 2600: The Hacker Quarterly.
In 1995, he was arrested and charged with possession of technology that
could be used for fraudulent purposes, and set legal precedents after
being denied both a bail hearing and a speedy trial.
- Eric Corley (also known as Emmanuel Goldstein) is the longstanding publisher of 2600: The Hacker Quarterly. He is also the founder of the Hackers on Planet Earth (HOPE) conferences. He has been part of the hacker community since the late 1970s.
- Gary McKinnon is a Scottish hacker who was facing extradition to the United States to face criminal charges. Many people in the UK called on the authorities to be lenient with McKinnon, who suffers from Asperger syndrome. The extradition has now been dropped.[30]
- Gordon Lyon, known by the handle Fyodor, authored the Nmap Security Scanner as well as many network security books and web sites. He is a founding member of the Honeynet Project and Vice President of Computer Professionals for Social Responsibility.
- Guccifer 2.0, who claimed that he hacked into the Democratic National Committee (DNC) computer network
- Jacob Appelbaum is an advocate, security researcher, and developer for the Tor
project. He speaks internationally for usage of Tor by human rights
groups and others concerned about Internet anonymity and censorship.
- Kevin Mitnick is a computer security consultant and author, formerly the most wanted computer criminal in United States history.[31]
- Len Sassaman was a Belgian computer programmer and technologist who was also a privacy advocate.
- Meredith L. Patterson is a well-known technologist and biohacker who has presented research with Dan Kaminsky and Len Sassaman at many international security and hacker conferences.
- Michał Zalewski (lcamtuf) is a prominent security researcher.
- Rafael Núñez, a.k.a. RaFa, was a notorious hacker who was sought by the Federal Bureau of Investigation in 2001. He has since become a respected computer security consultant and an advocate of children's online safety.
- Solar Designer is the pseudonym of the founder of the Openwall Project.
Customs
The computer underground
[1] has produced its own specialized slang, such as
1337speak.
Its members often advocate freedom of information, strongly opposing
the principles of copyright, as well as the rights of free speech and
privacy.
[citation needed] Writing software and performing other activities to support these views is referred to as
hacktivism. Some consider illegal cracking ethically justified for these goals; a common form is
website defacement. The computer underground is frequently compared to the Wild West.
[32] It is common for hackers to use aliases to conceal their identities.
Hacker groups and conventions
The computer underground is supported by regular real-world gatherings called
hacker conventions or "hacker cons". These events include
SummerCon (Summer),
DEF CON,
HoHoCon (Christmas),
ShmooCon (February),
BlackHat,
Chaos Communication Congress, AthCon, Hacker Halted, and HOPE.
[citation needed]
Local Hackfest groups organize and compete to develop their skills to
send a team to a prominent convention to compete in group pentesting,
exploit and forensics on a larger scale. Hacker groups became popular in
the early 1980s, providing access to hacking information and resources
and a place to learn from other members. Computer
bulletin board systems
(BBSs), such as the Utopias, provided platforms for information-sharing
via dial-up modem. Hackers could also gain credibility by being
affiliated with elite groups.
[33]