What you need to know about how to protect yourself from hackers

What is a hacker?

“Hacker” is one of those terms that has a different meaning depending on who is using it. Thanks to Hollywood, most people think of a hacker as someone who gains illicit access to a computer and steals things or breaks into military networks and launches missiles for fun.

These days, a hacker doesn’t have to be a geek from a top university breaking into banks and government systems. A hacker can be anyone, even the guy next door.

With an ordinary laptop, anyone can download simple software from the Internet to see everything going in and out of a computer on the same network. And the people who do this don’t always have the best of intentions.

A brief history of hackers

Today, the word “hacker” has become synonymous with people who sit in dark rooms, anonymously terrorizing the Internet. But it was not always like this. The original hackers were benign creatures. In fact, they were students.

To anyone who attended the Massachusetts Institute of Technology during the 1950s and 1960s, the term “hacking” simply meant an elegant or inspired solution to any given problem. Many of MIT’s early tricks tended to be practical jokes. One of the most extravagant saw a replica of a campus police car perched on top of the Institute’s Great Dome.

Over time, the word became associated with the burgeoning computer programming scene at MIT and beyond. For these early pioneers, a hack was a feat of programming progress. Such activities were much admired as they combined expert knowledge with a creative flair.

Why does a hacker hack?

Hackers’ motivations vary. For some, it is cheap. They make a living through cybercrime. Some have a political or social agenda: their goal is to smash high-profile computers to make a statement. This type of hacker is called a cracker because their main goal is to break the security of high-profile systems.

Others do it out of sheer excitement. When asked by the website SafeMode.org why he defaces web servers, one cracker replied, “A high-profile defacement gives me a shot of adrenaline and then after a while I need another shot, so I can’t stop.” . [1]

These days, we’re dealing with a new kind of hacker: your next door neighbor. Every day, thousands of people download simple software tools that allow them to “sniff” Wi-Fi connections. Some do this just to eavesdrop on what others are doing online. Others do this to steal personal data in an attempt to steal an identity.

The most common attacks

1. Lateral Raise / Sniff

Sidejacking is a web attack method in which a hacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies are usually sent back to browsers unencrypted, even if the original website login was protected via HTTPS. Anyone listening in can steal these cookies and then use them to access your authenticated web session. This made headlines recently because a developer released a Firefox add-on called Firesheep that makes it easy for an intruder sitting near you on an open network (such as a public Wi-Fi hotspot) to intercept many sessions from popular websites. For example, an assistant using Firesheep could take control of your Facebook session, thereby gaining access to all of your sensitive data, and even send viral messages and wall posts to all of your friends.

2. DNS cache poisoning

In DNS cache poisoning, data is entered into the Domain Name System (DNS) name server cache database that did not originate from authoritative DNS sources. It is an unintended result of a misconfigured DNS cache or a malicious attack on the nameserver. A DNS cache poisoning attack effectively changes the entries in the victim’s copy of the DNS nameserver, so that when you type in a legitimate site name, you are sent to a fraudulent page.

3. Man-in-the-middle attacks

A man-in-the-middle attack, bucket brigade attack, or Janus attack, is a form of active espionage in which the attacker establishes independent connections with victims and transmits messages between them, leading them to believe that they are speaking directly to each other. another over a private connection, when in reality the entire conversation is being controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones. For example, an attacker within receiving range of an unencrypted Wi-Fi hotspot can insert himself as a man in the middle. Or an attacker can pose as an online bank or merchant, allowing victims to log in over an SSL connection, and then the attacker can log into the real server using the victim’s information and steal credit card numbers. credit.

4. hurt

Packet sniffers allow spies to passively intercept data sent between your laptop or smartphone and other systems, such as web servers on the Internet. This is the simplest and most basic type of wireless attack. Any email, web search, or file you transfer between computers or open from network locations on an unsecured wireless network can be captured by a nearby hacker using a sniffer. The tracking tools are freely available on the web and there are at least 184 videos on YouTube to show budding hackers how to use them. The only way to protect against Wi-Fi detection on most public Wi-Fi hotspots is to use a VPN to encrypt everything sent over the air.

5. Mass meshing

Also known as mass SQL injection, this is a method by which hackers poison websites by illegally embedding a redirect javascript from legitimate websites previously infected and controlled by the hackers. These javascripts redirect the visitor’s computer to servers that contain additional malware that can attack a user’s computer.

The most common goals

Hackers are interested in many types of computers on the Internet. The following list describes different types of targets and their attractiveness to hackers. [2]

1.Corporate Networks

Corporate computers are often heavily fortified, so hacking one carries great prestige. Behind corporate firewalls are repositories of customer information, product information, and sometimes, in the case of a software publisher, the product itself.

2. Web servers

Web servers are computers that host websites. While some contain customer financial information, web servers are often targeted by vandals because they can be defaced to display information the hacker chooses to the public.

3. Personal computers

With the increasing use of Wi-Fi, laptops are becoming one of the most hacked devices. Anything a person visits online can be exposed to someone using software to “sniff” that connection. Website URLs, passwords used to log into an online banking account, Facebook images, tweets, and an entire instant message conversation can all be exposed. It is the easiest way to hack as it requires little skill.

4. Palm Top Tablets and Devices

Tablets, cell phones, and other mobile devices are just as popular as laptops in Wi-Fi hotspots. A hacker at a public hotspot can see a mobile device, and all the data going in and out of it, just as easily as they can see a laptop.

How can you protect yourself?

The simple truth is that anyone who connects to the Internet is vulnerable to being hacked. Therefore, it is necessary to be proactive when it comes to protecting yourself from such attacks.

Tracking attacks are the most dangerous, as firewalls and antivirus software can’t help. Only a personal VPN can protect a person from a tracker. The potential victim, if connected to a personal VPN, has all their data routed through a secure server, making it impossible for the hacker to detect. A user who has a secure VPN can browse as if invisible to hackers. PRIVATE WiFi provides such VPN service.

Reference:

1. cs.utah.edu/~elb/folklore/afs-paper/node3.html

2.inform.com/articles/article.aspx?p=425380