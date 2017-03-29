Talk of hackers and hacking continue to make headline across the country. Concerns about online security also surfaced when a data breach on Vermont JobLink potentially exposed the personal information of thousands of Vermonters.

Tech expert Duane Dunston from Champlain College is at the Tech Desk with important information on how to protect yourself from hackers. Watch the video to see.

From Duane Dunston:

"Why do people hack?"

"What does someone want with my information?"

"So what someone can get to my email account or my bank account?"

"I don't have anything on my computer that someone would want."

These are statements we hear all the time. I hope you start to think differently about why people hack.

What does the term hacking mean? For the purposes of this discussion, the term "hacker" will be used to mean someone that is trying to do something malicious.

Once people better understand the motivations of a hacker and why they do it, I think it is easier to understand why you need to protect your computer system - for the sake of the rest of the Internet community - and why you should care if someone hacks your bank account, even if you have "nothing in there." They can put something in there and then transfer it somewhere else - in your name.

Why does someone hack?

First two quick definitions:

Vulnerability - This is a weakness in a computer system or software program that allows someone to gain more access than they should or perform some action(s) that they weren't authorized to perform. For example, if you leave your door unlocked at night and you leave quarters in the side of the door, the unlocked door is the vulnerability.

Exploit - method used to take advantage of a vulnerability. In the case of the unlocked door, someone can take advantage of that vulnerability by pulling the door handle to see if the door opens. Then they are free to rummage around your car.

People hack into computer systems for a few reasons:

Fun - hacking is fun to some people. They want to try to gain access to someone's computer just to see how "hacking" works. They may have learned about a vulnerability in a computer system or software program and test to see how the exploit works. Why? They are just curious and won't do any damage to the system - though the exploit may cause damage, but that is not their intention. They may never do anything with data they are able to access or download and probably won't do anything malicious. They accomplished their mission and they are out of the system and may never return.

Make a Point (aka Hacktivism) - Hacktivists have a social cause such as human rights violations or issues that they deem to be egregious and no one may be paying attention to their respective cause. They use hacking into systems or attempt to prevent access to a given website(s) in order to get their message across to as many people as possible. The most famous Hacktivist these days is the group Anonymous and they have a long list of targets:

https://en.wikipedia.org/wiki/Timeline_of_events_associated_with_Anonymous

Malicious - this could encompass many possible motives. A hacker could have a vendetta against a friend, family member, or organization and do something malicious such as log into their email account and delete email messages, send threatening email messages to someone else from the user's account, hack into their bank account information, delete files and data from someone's computer, etc. Malicious could also be a hacker that hacks into a banking system and threaten to contact the bank's customers if they don't give them money - virtual blackmail. A foreign government could try to hack into another government's computer system to steal information (Nation State attackers). If a hacker is being paid by a well-funded group or foreign government, more than likely, their methodology will be highly sophisticated and meticulous. These types of hackers will be experts in computer technologies and able to write code and new exploits on-the-fly. Whereas someone that wants to hijack your email account does need to have a strong cybersecurity background.

Opportunity - this is the big one. Hackers will gain access to a computer because of the opportunity it gives them, namely large amount of storage space and high-speed Internet access. Think about this, between the hours of 8 am and 5pm, where are a lof people in the US? School or work right? That or only a few people at home. In some foreign country, 8am in the US is 8pm in the evening for them. That's plenty of time to play around with someone's high-speed internet that will be at work for 8 hours, or more. Also, fast internet speeds allows multiple people to stream videos and movies, for example. That fast internet speed could allow the activities mentioned below to go unnoticed. Computers these days come with a large amount of storage and mostly goes unused. They can use that unused space to store illegal material on your computer. Opportunism is a major reason for the attacks mentioned below.

Host illegal software - Here it may be for personal use or for them to share with other hackers via IRC (Internet Relay Channel aka "chat channels") and newsgroups. Not just hackers make use of this software, but people who want software that they can't afford. Programs like Adobe Photoshop that you'd normally have to pay could be hosted on your computer systems.

Host exploit software - In this case an attacker will use a computer to host exploit software that can be automatically downloaded by other hackers to have access to if and when they hack into another computer system.

Basically, hackers will have a suite of tools for their dirty work. They may hack a dozen computers and leave that suite of tools on another hacked computer. Then, when they hack a computer, they download those tools to that computer? Why? They may want to gain further access into the computer they just hacked and they want to ensure their tools are always available. Storing those tools multiple computers provides backup and redundancy for their nefarious activity.

Host adult or child pornography - again this could be for personal use or to allow others to have access to the images or movies.

Attack other computer systems - Another opportunistic attack. Hackers don't want to get caught hacking. It could mean jail or prison time or fines. Hackers will often "daisy chain" or hack into multiple computers before getting to their target. By doing this, it is possible that their trails will be lost in one of the computers they hacked into. A hacker may daisy chain using computers around the world. An attacker could hack into a computer in South Africa, then Taiwan, then Iceland, and then gain access to a high valued target computer system or network.

It is hoped, by the attacker, that some admin won't know how to check the computer system to determine how the hacker got in or that someone didn't even know they were in their computer system. One of the countries involved in the attack may choose not to participate in an investigation or simply reinstall the operating system.

Distributed Denial-of-Service (DDoS) attacks are performed by using hacked computer systems. A hacker will hack into hundreds of computer systems and upload zombie software. When the master gives the command, it will connect to each zombie and have it send a little bit of data to one or more servers. This may seem like it wouldn't do anything, but when you have hundreds or thousands of computers trying to contact one site at a time, it could cause a DoS which is an Availability attack. The "master" can be one computer and the zombies (the malicious code) are installed on a few dozen, few hundred, or a few thousand computer systems. Why do they do this? It is usually used to prevent legitimate people from gaining access to a website. For example, a DDoS could have a major financial impact on Amazon.com if it was attacked by a DDoS attack (which happened several years ago and made these attacks famous).

The above are some reasons why people hack and what they could do when their hacking is successful. Do you want your organization to be hosting child pornography or illegal software? How about your home computer? How about your grandma's computer? Again, what is outlined above are just examples of what someone could do. What is possible is only limited by the intentions of the attacker.

Who can be a hacker?

A hacker can be anyone. It could be a friend, family member, employee, pissed off customer, curious teenager, curious adult, a competitor, or someone from a rival company. Just as the enemy could be anyone, the method to attack or get at your information or assets is unlimited. This can be done via publicly available services, paying an insider, pretending to be an employee or reporter, or chatting it up with a sales person that will divulge information, or any other vector.

Terrorist groups, governments, organized crime groups, and hate groups are also potential adversaries. These types of attackers and groups are funded to hire the best hackers and are more likely to not get caught.

Computer crime is not much different than other crimes. It is an easier and faster method to attack a target than trying to confront the target face-to-face. Again, in general, a criminal that commits murder doesn't want to get caught anymore than a criminal that blackmails a bank out of $10 million or an identity theft that ruins one person's credit or criminal history.

Understanding the motives behind hacking helps you to understand the types of attacks that are possible and it provides you with a potential "profile" of attackers targeting your computer systems. That way you can ensure you have the appropriate controls in place to minimize the likelihood of hackers compromising your information assets.

Now, can you answer these questions?

