Hacking For Dummies. Kevin Beaver
kiddies (hacker wannabes with limited skills) aside, traditional hackers are adventurous and innovative thinkers who are always devising new ways to exploit computer vulnerabilities. (For more on script kiddies, see the section “Who Breaks into Computer Systems” later in this chapter.) Hackers see what others often overlook. They’re very inquisitive and have good situational awareness. They wonder what would happen if a cable was unplugged, a switch was flipped, or lines of code were changed in a program. They do these things and then notice what happens.
When they were growing up, hackers’ rivals were monsters and villains on video-game screens. Now hackers see their electronic foes as only that: electronic. Criminal hackers who perform malicious acts don’t really think about the fact that human beings are behind the firewalls, web applications, and computer systems they’re attacking. They ignore the fact that their actions often affect those human beings in negative ways, such as jeopardizing their job security and putting their personal safety at risk. Government-backed hacking? Well, that’s a different story, as those hackers are making calculated decisions to do these things.
On the flip side, the odds are good that you have at least an employee, contractor, intern, or consultant who intends to compromise sensitive information on your network for malicious purposes. These people don’t hack in the way that people normally suppose. Instead, they root around in files on server shares; delve into databases they know they shouldn’t be in; and sometimes steal, modify, and delete sensitive information to which they have access. This behavior can be very hard to detect, especially given the widespread belief among management that users can and should be trusted to do the right things. This activity is perpetuated if these users passed their criminal background and credit checks before they were hired. Past behavior is often the best predictor of future behavior, but just because someone has had a clean record and authorization to access sensitive systems doesn’t mean that they won’t do anything bad. Criminal behavior has to start somewhere!
As negative as breaking into computer systems often can be, hackers and researchers play key roles in the advancement of technology. In a world without these people, the odds are good that the latest network and cloud controls, endpoint security, or vulnerability scanning and exploit tools would likely be different — if they existed at all. Such a world might not be bad, but technology does keep security professionals employed and the field moving forward. Unfortunately, the technical security solutions can’t ward off all malicious attacks and unauthorized use because hackers and (sometimes) malicious users are usually a few steps ahead of the technology designed to protect against their wayward actions. Or, the people in charge of these technologies are so distracted that they miss the obvious.
However you view the stereotypical hacker or malicious user, one thing is certain: Somebody will always try to take down your computer systems and compromise information by poking and prodding where they shouldn’t — through denial of service (DoS) attacks or by creating and launching malware, especially ransomware. You must take the appropriate steps to protect your systems against this kind of intrusion.
THINKING LIKE THE BAD GUYS
Malicious attackers often think and work like thieves, kidnappers, and other organized criminals you hear about in the news every day. The smart ones devise ways to fly under the radar and exploit even the smallest weaknesses that lead them to their targets. Following are examples of how hackers and malicious users think and work. This list isn’t intended to highlight specific exploits that I cover in this book or tests that I recommend that you carry out, but it demonstrates the context and approach of a malicious mindset:
Evading an intrusion prevention system by changing the MAC or IP address every few minutes (or packets) to get farther into a network without being blocked.
Exploiting a physical security weakness by being aware of offices that have already been cleaned by the cleaning crew and are unoccupied (and, thus, easy to access with little chance of getting caught). For example, such a weakness might be made obvious by the fact that the office blinds are opened, and the curtains are pulled shut in the early morning.
Bypassing web access controls by elevating their privileges via a vulnerable web page, the application’s login mechanism, or a vulnerable password reset process.
Using unauthorized software that would otherwise be blocked at the firewall by changing the default TCP port on which it runs.
Setting up a wireless “evil twin” near a local Wi-Fi hotspot to entice unsuspecting Internet surfers onto a rogue network, where their information can be captured and easily manipulated.
Using an overly trusting colleague’s user ID and password to gain access to sensitive information that they’d otherwise be highly unlikely to obtain and that could then be used for ill-gotten gains.
Unplugging the power cord or Ethernet connection to a networked security camera that monitors access to the computer room or other sensitive areas and subsequently gaining unmonitored system access.
Performing SQL injection or password cracking against a website via a neighbor’s unprotected wireless network to hide the malicious user’s own identity.
Malicious hackers operate in countless ways, and this list presents only a small number of the techniques hackers may use. IT and security professionals need to think and work this way to find security vulnerabilities that may not otherwise be uncovered.
Who Breaks into Computer Systems
Computer hackers have been around for decades. Since the Internet became widely used in the 1990s, the mainstream public has started to hear more about hacking. Certain hackers, such as John Draper (also known as Captain Crunch) and Kevin Mitnick, are well known. Many more unknown hackers are looking to make names for themselves, and they’re the ones you have to look out for.
In a world of black and white, describing the typical hacker is easy. The historical stereotype of a hacker is an antisocial, pimply teenage boy. But the world has many shades of gray, and many types of people do the hacking. Hackers are unique people, so a profile is hard to outline. The best broad description of hackers is that all hackers aren’t equal. Each hacker has unique motives, methods, and skills.
Hacker skill levels
Hacker skill levels fall into three general categories:
Script kiddies: These hackers are computer novices who take advantage of the exploit tools, vulnerability scanners, and documentation available free on the Internet but who don’t have any real knowledge of what’s going on behind the scenes. They know just enough to cause you headaches but typically are very sloppy in their actions, leaving all sorts of digital fingerprints behind. Even though these guys are often the stereotypical hackers that you hear about in the news media, they need only minimal skills to carry out their attacks.
Criminal hackers: Sometimes referred to as crackers, these hackers are skilled criminal experts who write some of the hacking tools, including the scripts and other programs that the script kiddies and security professionals use. These folks also write malware to carry out their exploits from the other side of the world. They can break into networks and computers and cover their tracks. They can even make it look as though someone else hacked their victims’ systems. Sometimes, people with ill intent may not be doing what’s considered to be hacking; nevertheless, they’re abusing their privileges or somehow gaining unauthorized access.
Advanced hackers are often members of collectives that prefer to remain nameless. These hackers are very secretive, sharing information with their subordinates (lower-ranked hackers in the collectives) only when they deem those subordinates to be worthy. Typically, for lower-ranked hackers to be considered worthy, they must possess unique information or take the ganglike approach by proving