A hacker is a person who attempts to gain unauthorised access to a network system. They are often young teenagers although they are usually fairly skilled programmers (people who write computer programs). Sometimes, the type of person who becomes a hacker is referred to as a 'geek' (an expert lacking in social skills), or as an 'anorak' (a slang term for an eccentric, socially inept person with little or no fashion sense and having an obsessive interest in a hobby or subject). Although 'geek' was originally a derogatory term it is now used in computing to mean a dedicated expert. Although it is illegal, people become hackers for different reasons including: making money, criminal purposes, or to expose political information. But often people hack (break into a computer system) just because it is an exciting challenge. Parents are often unaware that their children are hacking into computer systems although they usually receive very large telephone bills. Young hackers are often caught by boasting about their successes to their friends.
Since hacking (attempting to gain unauthorised access to a network system) is illegal, hackers want to keep their true identity secret but they often like to call themselves by special names such as 'the Analyser'. The Internet has made hacking more common and hackers are found throughout the world. They sometimes form hacking groups or teams that work together and exchange ideas. These groups also like to be known by names such as 'Hackers Unite'.
Hackers like to attack and penetrate computer systems belonging to large, important organisations such as the Pentagon's computer systems, computer systems belonging to US military bases and Hotmail, the free email service provided by the Microsoft Corporation. In fact, hackers compete with each other to be the first to hack into really powerful systems. Often, breaking into a system is done gradually, with the hacker gaining entry to a system then planting passwords in the system, allowing them to gain access to the system more easily in the future.
When a hacker gains access to a system they don't usually break into the system using the Internet and steal all the data on the system, as is often portrayed in the cinema. In fact, most hacks (break-ins) are done by company staff misusing the company network system. Hackers have been known to do a variety of things to computer systems, including:
a) Downloading files (copying files from a server computer) and leaking confidential information. Posting information is the term used for making information available to a large number of users in a newsgroup (an Internet discussion group that uses a restricted area on a server computer to display messages about a common interest) or on a bulletin board (an electronic noticeboard system that enables users to display messages for other users to read).
b) Exposing email (electronic mail) correspondence managed by well known email services, causing the service to be shut down while the exposed weakness in the system is repaired.
c) Programming email server computers to reroute email (send to a different email address than the one it was originally sent to).
d) Hijacking websites by redirecting the Web address (URL) to point to another website.
e) Defacing websites by changing the text and graphics on the webpages, sometimes leaving very rude messages on the system.
f) Blackmailing the owners of websites by threatening to damage their systems by doing something like releasing a virus (a program that can reproduce itself and is written with the purpose of causing damage or causing a computer to behave in an unusual way) onto their system, although such a threat often turns out to be nothing more than a hoax.
Sometimes, young hackers put their experience and knowledge to good use when they become older. Many former hackers have been hired by large companies as security experts. They are employed to test out the company systems by trying to hack into them to find any weaknesses in the systems. Cyberspace is the combination of all the data on all the computer networks throughout the world, accessed using the Internet. A person who uses their skills to make cyberspace safer is referred to as a 'white hat' hacker.
A computer system can be hacked (broken into) in various ways including:
a) guessing somebody's password (secret code used to control access to a network system)
b) finding a bug (a fault in a system) that allows certain passwords to access information they are not supposed to access
c) phoning a company, pretending to be a company employee and asking for a password. People tend to be too trusting.
Connecting to a computer network involves logging in (sometimes referred to as logging on) by typing a username or ID (identification username) and a password. Usernames that are often used on networks systems include 'guest', 'demo' and 'help'.
To avoid a computer system being hacked into, the people managing the system must work hard to keep ahead of the hackers. There are different ways of avoiding being hacked into including:
a) installing a firewall (a combination of hardware and software used to control the data going into and out of a network)
b) using a callback system (a system that automatically disconnects a telephone line after receiving a call and then dials the telephone number of the system that made the call, to reconnect the line. It is used in remote access systems to make sure that connections can only be made from permitted telephone numbers.)
c) having really secure passwords (secret codes used to control access to a network system) - don't use common names or dictionary words
d) auditing the system regularly (checking the system regularly using event logs to find failed access attempts).
Some people do not like to give out their credit card numbers on the Internet. Hackers have been known to get databases (applications programs used for storing information so that it can be easily searched and sorted) of credit card numbers by hacking computer systems. However, in the opinion of the ex-hacker in this unit, using your credit card on the Internet is no more dangerous than giving your credit card number on the telephone or throwing away a credit card receipt. There are various things you can do to avoid credit card theft on the Internet including:
a) using a separate credit card for Internet purchases
b) having a small credit limit on the credit card you use
c) buying a pre-paid charge card for small purchases.
In the future, smart cards (plastic cards containing a processor and memory chip that can be used to store large amounts of confidential data) will be used instead of credit cards. This will require smart card readers (devices used for reading smart cards) to be attached to computers.