What’s a Hacker?
“Hacker” is one of those terms that has a different meaning depending on who uses it. Thanks to Hollywood, most people think a hacker is a person who gains illicit access to a computer and steals stuff or breaks into military networks and launches missiles for fun.
These days, a become hacker doesn’t have to be a geek from a top university who breaks into banks and government systems. A hacker can be anyone, even the kid next door.
With an ordinary laptop, anyone can download simple software off the Internet to see everything that goes into and out of a computer on the same network. And the people who do this don’t always have the best of intentions.
A Brief History of Hackers
Nowadays, the word “hacker” has become synonymous with people who sit in dark rooms, anonymously terrorizing the Internet. But it was not always that way. The original hackers were benign creatures. In fact, they were students.
To anyone attending the Massachusetts Institute of Technology during the 1950s and 60s, the term “hack” simply meant an elegant or inspired solution to any given problem. Many of the early MIT hacks tended to be practical jokes. One of the most extravagant saw a replica of a campus police car put on top of the Institute’s Great Dome.
Over time, the word became associated with the burgeoning computer programming scene at MIT and beyond. For these early pioneers, a hack was a feat of programming prowess. Such activities were greatly admired as they combined expert knowledge with a creative instinct.
Why Does a Hacker Hack?
Hackers’ motivations vary. For some, it’s economic. They earn a living through cybercrime. Some have a political or social agenda – their aim is to vandalize high-profile computers to make a statement. This type of hacker is called a cracker as their main purpose is to crack the security of high profile systems.
Others do it for the sheer thrill. When asked by the website SafeMode.org why he defaces web servers, a cracker replied, “A high-profile deface gives me an adrenalin shot and then after a while I need another shot, that’s why I can’t stop.” [1]
These days, we are faced with a new type of hacker – your next door neighbor. Every day, thousands of people download simple software tools that allow them to “sniff” wifi connections. Some do this just to eavesdrop on what others are doing online. Others do this to steal personal data in an attempt steal an identity.
The Most Common Attacks
1. SideJacking / Sniffing
Sidejacking is a web attack method where a hacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies are generally sent back to browsers unencrypted, even if the original website log-in was protected via HTTPS. Anyone listening can steal these cookies and then use them access your authenticated web session. This recently made news because a programmer released a Firefox plug-in called Firesheep that makes it easy for an intruder sitting near you on an open network (like a public wifi hotspot) to sidejack many popular website sessions. For example, a sidejacker using Firesheep could take over your Facebook session, thereby gaining access to all of your sensitive data, and even send viral messages and wall posts to all of your friends.
2. DNS Cache Poisoning
In DNS cache poisoning, data is introduced into a Domain Name System (DNS) name server’s cache database that did not originate from authoritative DNS sources. It is an unintended result of a misconfiguration of a DNS cache or of a maliciously crafted attack on the name server. A DNS cache poisoning attack effectively changes entries in the victim’s copy of the DNS name server, so when he or she types in a legitimate site name, he or she is sent instead to a fraudulent page.