Hacking and Hacking Defense

13

Hackingand Hacking Defense

Tableof Contents

Title 1

I. Introduction 3

II. Background Information 3

III. Methods used by Hackers 4

A.Password Cracking 4

B. Exploiting known security weaknesses 6

C.Network Spoofing 7

D. Social Engineering 8

III. Counter-Hacking Measures 8

VI. Conclusion 11

Reference List 13

Hackingis the process of gaining entry or access into a secure computersystem, secured network or an information system. The current cultureof hacking is motivated by a number of reasons that differ based onthe type of organization being hacked. However, the main reasons ofhackers gaining access to secured systems are for financial gain,pass targeted messages, disrupt operations or just illustrate theirprowess. By exploring the hacking menace, this paper will examine theways used by hackers to access secured systems and their successrate. Moreover, this paper will explore the systems and defensemethods that are being employed to defend organizations from hacking.

Backgroundinformation

.In the recent decades, hacking has been a common computer crime beingreported in the media as hackers enforce their skills and intentions.According to Perloth (2013) of the New York Times, the 2013 year hadover 621 cases of reported hacking and over 47,000 cases of securitybreaches. Perloth (2013) argues that most of the cases of hacking areeither never reported or never noticed by the victims. While most ofthe companies are hacked for financial gain, there are some who arehacking as a technical exercise of the hackers. According to Perloth(2013), 13% of the 2013 hacking cases reported in the United Stateswere perpetrated for financial gains.

Thetarget for hacking is any organization that has a computer system ora secure information or network system. The type or industriestargeted by hackers are diverse and not just one particular sector.According to Perloth (2013) the 2013 statistics revealed that 20% ofthe reported U.S hacking cases targeted firms in transportation,manufacturing and utility industries. At the same time, 20% of thehacked organizations in the same year were qualified and verifiedcomputer service expert companies. This means that all firms with ITsystems are vulnerable. This vulnerability shows the importance ofunderstanding the methods used by hackers to gain access to otherwisesecure systems.

Methodsused by Hackers

Passwordcracking

Passwordcracking is one of the most used methods used by hackers to illegallygain access to a secured system. The method allows hackers tosurreptitiously&nbspgainaccess to a system using the account of a verified user. Tiptonet al (2014) argues that passwordcracking is the process of determining the password code from a datatransmission system or from a stored location through guessing orrecovering. According to Vacca(2010), password cracking isapplied to recover a forgotten password or to get password forunauthorized access. Through this method, the hacker takes theidentity of a verified user by using his account. Therefore, thehacker cracks the password and other security details to access thesecured system.

Hackersnormally create algorithms and programs used to cracking passwords ofdifferent systems. According to Beaver (2010), hackers use thesealgorithms to create tools that can crack a system password in lesstime than before, so as to increase the rate of success. Mostly,hackers use the passwords tools to try every possible combination toget the final access code that logs them in through an unauthorizedaccess. According of Kostopoulos (2012), hackers use several typesof password cracking tools that either have a dictionary of passwordsor generate a series of passwords or accessing a secured system. Someof the tools used include Britus, Rainbow Crack tool, Wfuzzapplication, Cain and Abel, John and Ripper and THC Hydra.

Exploitingknown security weaknesses

Hackersuse this method of exploiting the most common weaknesses of aninformation system. According to Tiptonet al (2014), the two types ofsecurity weaknesses are security bugs and configuration errors.Configuration errors exist in a system when an IT system is organizedin such a manner that unwanted exposure is left hanging (Grahamet al, 2011). The configuration erroroccurs when the exposure leaves the system at a risk from any accessattempt, even a legitimate one.

Anexample of such a weakness is a situation where a system “exports”a file to another network or to the internet and makes the contentsof the file system available to other systems. This means that anexpert operator at the destination network can access the file systemand use his expertise to determine access details of the originalsystem (Beaver,2010).

Onthe other hand, security bugs are the unwarranted actions to takeplace in the system or are left unattended in the system. Thesituation occurs when unexpected events take place because ofloopholes in the programs within the system. According of Kostopoulos(2012), these loopholes are mostly created by the employees in anorganization, leaving the system vulnerable of penetration by experthackers. However, sometimes, the loopholes are so big that the systemis vulnerable to even very minor access attempts. An example ofsecurity bugs would be to send a lengthy string of keystrokes to aprogram meant to loc a screen. In case such an act leaves the programto crash, it leaves the entire system vulnerable to unauthorizedaccess.

Networkspoofing

Networkspoofing is the method used by hackers to access a secured system byusing one system to impersonate another. A hacker system presents toa target system itself as if it is the different system. Forinstance, if a hacker targets system A, he or she uses system B toimpersonate a trusted system C. In this case, system C is part of atrusted system that works alongside system A. This leads to theacceptance of requests and instructions from the target system A,thereby giving the hacker the access. As a result, the attackingsystem assumes the full identity of the impersonated system.

Throughthe implication of the trust created by the spoofing is that thesystem administrator of the attacked system is in normal operations.However, the trust concept does not mean that system B trust systemA, it is only that system B is used as a tool for impersonatingsystem C which is the trusted by A. The danger of network spoofing isthat the attacking system dominates its trust on the target system ina manner that blocks the impersonated system. In this example, if Clater tries to access system A, the access is denied, unless itimpersonates system B.

Networkspoofing is implemented by hackers using three main types protocolspoofing, DNS spoofing and MAC spoofing. Protocol spoofing is done bycreating and IP packet with a source address that is intended toconceal its identity. According to Beaver(2010), the concealing of theidentity is done in a way that it impersonates another trustedsender. By sending the packets with the impersonated identity, thetarget system is hacked or accessed to retrieve certain informationas required by the hackers. DNS spoofing on the other hand uses thedomain name system to impersonate a system to the target. Similarly,MAC spoofing uses the Media Access Control address to registerconnections to a target system.

Socialengineering

Thisis a psychological or social process where a person manipulatesanother person to give confidential information. In systems security,this process involves social processes to gain information and logindetails of a system from the authorized persons. People who succeedin this method use a complex trick to divulge the confidence of aperson towards giving secured information through the normal humaninteraction processes. Mann(2008) argues that this isbecause social engineering is purely a non-technical method ofcausing people to break the normal security procedures. This methodis dangerous because it exploits the basic elements of humaninteractions that expose weaknesses. In addition, the socialengineering procedures are run against trusted organizational staffoutside the confines of the organization, making the vulnerable togive information.

Mostof the social engineering methods or tricks are based on certainfeatures of decision making of the target person. According to Mann(2008), the social sciencesrecognize these points of weaknesses or attribute as cognitivebiases. Hadnagy(2011),the tricks used can be done awayfrom the target organization or within the target organization, aslong as the hacker gains access to the target individuals. Forinstance, if a hacker posts a new help desk number on the companynotice board, he will be able to interrogate those who call. Forinstance, if an employee calls, the hacker may easily request forpassword as the target thinks it is a way of verifying his or heridentity.

Othermethods used in social engineering include phishing, diversion, theftand pre-texting. Phishing is the sending of emails that require therespondent to provide some information that the hacker uses toprovide information. Diversion theft is running a con game thatdiverts the target to provide some information (Hadnagy,2011).Pre-texting on the other hand is inventing a scenario that forces thetarget to divulge some specific information that hackers use toaccess the targeted system. Pre-texting can also be used byimpersonating co-workers, banks, insurance staff or tax authorities.

Counter-HackingMethods

Tosecure organizational from the hacking menace, organizations mustimplement certain security features that are way beyond the reach ofhackers. To achieve this, organizations must engage qualifiedpersonnel to develop, manage and update their systems. In addition,organizations should adherence to safety rules and conditions so asto avoid vulnerabilities and weaknesses that hackers utilize (Grahamet al, 2011). The following are the mainmethods and systems thatare being used to block the attacks and defend organizationalsystems

PacketFiltering

Packetfiltering is one of the main methods of defending a secure systemagainst network spoofing. In particular, packet filtering is aneffective method of protecting the system from the IP spoofing methodof network spoofing. According to Vacca(2010), this is done through theperformance of ingress filtering by a gateway to a network installedon the protected system. The gateway filters incoming packets byblocking the packets from external sources that have their sourceaddress reflect an inside network (Kostopoulos, 2012). Thiseffectively stops an outsider from spoofing an inside machine oraddress to access another inside machine, system of program. Inaddition, the gateway would also perform egress filtering for theoutgoing packets. This will effectively prevent spoofing by blockingthe outgoing packets from inside the network but have sourceaddresses being outside the internal network.

Employeetraining and evaluation

Thisis a method that seeks to present human-related errors that leave thesystem vulnerable to attacks. Employees are trained about the methodsof protecting system information and details about the organization.They are educated about the need for securing passwords,confidentiality and dangers of social engineering (Vacca,2010). In addition, they aretrained on the dangers posed by engaging in some practices that maylead to the divulging of information about the organization’ssystem. In addition, employees are evaluated regularly on the type ofsecurity measures they are putting up to protect the system (Vacca,2010). Employees are able to bealert to report any suspicious cases that risk the system security.Moreover, they are trained on regular checks like changing ofpasswords.

Systemreviews

Reviewingcompany system security on regular basis is vital in the detection ofany abnormal events in the system. According to Krause (2006), suchsecurity evaluations provide critical information about theweaknesses of the organizational system. In addition, regularsecurity reviews will expose certain operational activities that riskthe security of the system. Carrying out thorough system checks onregular or surprise basis will help system administrators to identifysecurity bugs that are regularly used as weak points for hackers.While there cannot be a perfect security system in terms of itsintegrity, regular checks are important for exposing points ofweakness. According to Godbole(2008), identifying the points of weakness early provides time forsolving the problem before an attack is made on the system.

Strictsecurity protocols

Settingof strict security protocols is important for an organization toensure the security of an organization is upheld. According toBidgoli(2006), this is done byidentifying the sensitive information and evaluating the impact ofits exposure. After the analysis of all the information and accesspoints, the security policies would be set and implemented in amanner that the most secure information is only accessed to theauthorized and verified personnel. In addition, all employees aregiven access according to their position and company protocol. Anyinformation demand outside the protocol is denied and reported to therelevant authority (Bidgoli,2006). Moreover, establishingframeworks of trust, according to the organizational protocol isimportant to determine who to entrust with system details or not.

Passwordprotection

Oneof the methods of securing passwords from cracking is to use MD5passwords. These are Message-DigestAlgorithms passwords that have higher security features to protectfrom hacking. In addition, using a shadow file will help anorganization from password cracking. According to Krause(2006),a shadow file keeps the passwords in an encrypted format for theaccounts of the users. A shadow file secures all the fields of thepassword and separates them with symbols to avoid decoding. Thismeans that the user information is secured from any access orcracking.

StrictPassword Policy

Thereis no single method that completely secures as a system from passwordcracking. However, there are a several methods that increase thesecurity of passwords and protect the system from hacking, especiallywhen also are observed. These are precautionary methods that securethe system from technical and human vulnerabilities. According toBidgoli(2006), maintenance of regularchanges to passwords is one of the methods. For instance,organizations have a policy of password aging where employees arerequired to change passwords on demand or regular basis to avoidcracking. In addition, employees are not required to use obviousfeatures as passwords or easy passwords. Strong passwords are amandatory requirement by organizations at all times.

Thepolicy should not allow exchange or sharing of passwords between oramong employees. This will avoid the divulgence of information thatwill run the system vulnerable. In addition, employees should use thesame password on different systems or for personal access points.Krause (2006) argues that this will separate the passwords for everysystem and alienate it from other systems and programs, includingcomputer machines. Writing passwords are prohibited to avoidretrieval trough social engineering techniques. For systemadministrators, they should use systems that disallow weak passwordsand aging. They should also install features that disable useraccounts that record a specified sensitive number of times of failedlogins.

Conclusion

Systemsecurity is important for the protection of the organizationalinformation and resources. However, hacking is a dangerous breach oforganizational security by gaining unauthorized access to the systemthrough various methods. The recent media reports of hacking casesindicate an increasing level of vulnerability of organizations indifferent industries. The vulnerability calls for understanding ofthe methods used by hackers and putting systems and measures todefend the organization from hacking. Hackers use password crackingtools, exploitation of known weaknesses in the system, socialengineering methods and network spoofing. However, organizations areimplementing password protection mechanisms, strict password policiesand packet data filtering to secure their systems. In addition,organizations implement regular security evaluations, educatingemployees and system security reviews. This way, organizations cansecure their organizations from being the next statistics in thehacking reports.

ReferenceList

Beaver,K. (2010).&nbspHackingfor Dummies.Hoboken, NJ: Wiley Pub

Bidgoli,H. (2006). Handbookof Information Security, Threats, Vulnerabilities, Prevention,Detection, and Management.Hoboken,NJ: John Wiley &amp SonsGraham,J., et al. (2011). CyberSecurity Essentials.New York, CRC Press

Godbole,N. (2008). InformationSystems Security: Security Management, Metrics, Frameworks and BestPractices.New Delhi: Wiley India Pvt. Limited

Hadnagy,C. (2011).&nbspSocialEngineering: The Art of Human Hacking,&nbspNewYork: Wiley &amp Sons Publishing

Tipton,H.F. (2014). InformationSecurity Management Handbook, Fourth Edition.New York, CRC Press

Kostopoulos,G. (2012). Cyberspace andCybersecurity.New York, CRC Press

Krause,M. (2006). InformationSecurity Management Handbook,2006 Edition. New York, CRC Press

Mann,I. (2008).&nbspHackingthe Human: Social Engineering Techniques and SecurityCountermeasures&nbspPublishedby Gower Publishing Ltd.

Perloth,N. (2013). The Year in Hacking, bythe Numbers. Retrieved From,&lthttp://bits.blogs.nytimes.com/2013/04/22/the-year-in-hacking-by-the-numbers/?_r=0&gtMarch 6, 2015

Vacca,J.R. (2010). ManagingInformation Security.New York: Syngress Publishing