What is hacking?

Hacking refers to activities that seek to compromise digital

devices, such as computers, smartphones, tablets, and even entire
networks. And while hacking might not always be for malicious
purposes, nowadays most references to hacking, and hackers,
characterize it/them as unlawful activity by cybercriminals—
motivated by financial gain, protest, information gathering (spying),
and even just for the “fun” of the challenge.

Many think that “hacker” refers to some self-taught whiz kid or

rogue programmer skilled at modifying computer hardware or
software so it can be used in ways outside the original developers'
intent. But this is a narrow view that doesn't begin to encompass
the wide range of reasons why someone turns to hacking. (For an in-
depth look at hackers, read “Under the hoodie: why money, power,
and ego drive hackers to cybercrime” by Wendy Zamora.)

Hacking is typically technical in nature (like creating malvertising

that deposits malware in a drive-by attack requiring no user
interaction). But hackers can also use psychology to trick the user
into clicking on a malicious attachment or providing personal data.
These tactics are referred to as “social engineering.”

“Hacking has evolved from teenage

mischief into a billion-dollar growth
business.”
In fact, it's accurate to characterize hacking as an over-arching
umbrella term for activity behind most if not all of the malware and
malicious cyberattacks on the computing public, businesses, and
governments. Besides social engineering and malvertising, common
hacking techniques include:
Botnets
Browser hijacks
Denial of service (DDoS) attacks
Ransomware
Rootkits
Trojans
Viruses
Worms
As such, hacking has evolved from teenage mischief into a billion-
dollar growth business, whose adherents have established a
criminal infrastructure that develops and sells turnkey hacking tools
to would-be crooks with less sophisticated technical skills (known
as “script kiddies”). As an example, see: Emotet.

In another example, Windows users are reportedly the target of a

wide-spread cybercriminal effort offering remote access to IT
systems for just $10 via a dark web hacking store—potentially
enabling attackers to steal information, disrupt systems, deploy
ransomware, and more. Systems advertised for sale on the forum
range from Windows XP through to Windows 10. The storeowners
even offer tips for how those using the illicit logins can remain
undetected.

History of hacking/hackers
In its current usage, the term dates back to the 1970s. In 1980, an
article in Psychology Today used the term “hacker” in its title:
“The Hacker Papers,” which discussed the addictive nature of
computer use.

Then there's the 1982 American science fiction film, Tron, in which

the protagonist describes his intentions to break into a company's
computer system as hacking into it. The plot of another movie
released the next year, WarGames, centered on a teenager's
computer intrusion into the North American Aerospace Defense
Command (NORAD). It was a fiction that introduced the specter of
hackers as a threat to national security.

“A gang of teenage hackers broke

into computer systems throughout
the United States and Canada.”
Turns out, art was prologue to reality in that same year when a gang
of teenage hackers broke into computer systems throughout the
United States and Canada, including those of Los Alamos National
Laboratory, Sloan-Kettering Cancer Center, and Security Pacific
Bank. Soon afterward, a Newsweek article with a cover shot of
one of the young hackers was the first to use the term “hacker” in
the pejorative sense in the mainstream media.
Thereafter, Congress got into the act, passing a number of bills
concerning computer crime. After that, throughout the rest of the
1980s, any number of hacker groups and publications formed in
America and abroad, attracting hacking enthusiasts in pursuit of
diverse missions—some benign, others not so much. There were
spectacular attacks and break-ins into government and corporate
computers, more anti-hacking legislation, and many noteworthy
arrests and convictions. All the while, popular culture kept hacking
and hackers in the public consciousness with a parade of movies,
books, and magazines that are dedicated to the activity.

For a lengthy timeline of hacker history, including the emergence of

terrorist and state-sponsored hacking in the modern era, go here.

Types of hacking/hackers
Broadly speaking, you can say that hackers attempt to break into
computers and networks for any of four reasons.

 There's criminal financial gain, meaning the theft of credit

card numbers or defrauding banking systems.

 Next, gaining street cred and burnishing one's reputation

within hacker subculture motivates some hackers as they
leave their mark on websites they vandalize as proof that they
pulled off the hack.

 Then there's corporate espionage, when one company's

hackers seek to steal information on a competitor's products
and services to gain a marketplace advantage.

 Finally, entire nations engage in state-sponsored hacking to

steal business and/or national intelligence, to destabilize their
adversaries' infrastructure, or even to sow discord and
confusion in the target country. (There's consensus that China
and Russia have carried out such attacks, including one on
Forbes.com. In addition, the recent attacks on the Democratic
National Committee [DNC] made the news in a big way—
especially after Microsoft says hackers accused of hacking
into the Democratic National Committee have exploited
previously undisclosed flaws in Microsoft's Windows
operating system and Adobe Systems' Flash software. There
are also instances of hacking courtesy of the United States
government.)
There's even another category of cybercriminals: the hacker who is
politically or socially motivated for some cause. Such hacker-
activists, or “hacktivists,” strive to focus public attention on an
issue by garnering unflattering attention on the target—usually by
making sensitive information public. For notable hacktivist groups,
along with some of their more famous undertakings,
see Anonymous, WikiLeaks, and LulzSec.

“Today's cybersecurity frontier

retains that Wild West vibe, with
white hat and black hat hackers.”
There's also another way we parse hackers. Remember the classic
old Western movies? Good guys = white hats. Bad guys = black hats.
Today's cybersecurity frontier retains that Wild West vibe, with
white hat and black hat hackers, and even a third in-between
category.

If a hacker is a person with deep understanding of computer

systems and software, and who uses that knowledge to somehow
subvert that technology, then a black hat hacker does so for
stealing something valuable or other malicious reasons. So it's
reasonable to assign any of those four motivations (theft,
reputation, corporate espionage, and nation-state hacking) to the
black hats.

White hat hackers, on the other hand, strive to improve the security
of an organization's security systems by finding vulnerable flaws so
that they can prevent identity theft or other cybercrimes before the
black hats notice. Corporations even employ their own white hat
hackers as part of their support staff, as a recent article from the
New York Times online edition highlights. Or businesses can even
outsource their white hat hacking to services such as HackerOne,
which tests software products for vulnerabilities and bugs for a
bounty.

Finally, there's the gray hat crowd, hackers who use their skills to
break into systems and networks without permission (just like the
black hats). But instead of wreaking criminal havoc, they might
report their discovery to the target owner and offer to repair the
vulnerability for a small fee.
Latest hacking news
Perspectives on Russian hacking
UK law enforcement: an uphill struggle to fight hackers
Biohacking

Hacking on Android phones

While most associate hacking with Windows computers, the Android
operating system also offers an inviting target for hackers.

A bit of history: Early hackers who obsessively explored low-tech

methods for getting around the secure telecommunication networks
(and expensive long-distance calls of their era) were originally
called phreaks—a combination of the words phone and freaks. They
were a defined subculture in the 1970s, and their activity was
called phreaking.

Nowadays, phreakers have evolved out of the analog technology era

and become hackers in the digital world of more than two billion
mobile devices. Mobile phone hackers use a variety of methods to
access an individual's mobile phone and intercept voicemails,
phone calls, text messages, and even the phone's microphone and
camera, all without that user's permission or even knowledge.

“Cybercriminals could view your

stored data on the phone, including
identity and financial information.”
Compared to iPhones, Android phones are much more fractured,
whose open-source nature and inconsistencies in standards in
terms of software development put the Androids at a greater risk of
data corruption and data theft. And any number of bad things result
from  Android hacking.

Cybercriminals could view your stored data on the phone, including

identity and financial information. Likewise, hackers can track your
location, force your phone to text premium websites, or even spread
their hack (with an embedded malicious link) to others among your
contacts, who will click on it because it appears to come from you.
Of course, legitimate law enforcement might hack phones with a
warrant to store copies of texts and emails, transcribe private
conversations, or follow the suspect's movements. But black hat
hackers could definitely do harm by accessing your bank account
credentials, deleting data, or adding a host of malicious programs.

Phone hackers have the advantage of many computer hacking

techniques, which are easy to adapt to Androids.  Phishing, the
crime of targeting individuals or members of entire organizations to
lure them into revealing sensitive information through social
engineering, is a tried and true method for criminals. In fact,
because a phone displays a much smaller address bar compared to
a PC, phishing on a mobile Internet browser probably makes it
easier to counterfeit a seemingly trusted website without revealing
the subtle tells (such as intentional misspellings) that you can see
on a desktop browser. So you get a note from your bank asking you
to log on to resolve an urgent problem, click on the conveniently
provided link, enter your credentials in the form, and the hackers
have you.

Trojanized apps downloaded from unsecured marketplaces are

another crossover hacker threat to Androids. Major Android app
stores (Google and Amazon) keep careful watch on the third-party
apps; but embedded malware can get through either occasionally
from the trusted sites, or more often from the sketchier ones. This
is the way your phone ends up
hosting adware, spyware, ransomware, or any other number of
malware nasties.

“Bluehacking gains access to your

phone when it shows up on an
unprotected Bluetooth network.”
Other methods are even more sophisticated and don't require
manipulating the user into clicking on a bad link. Bluehacking gains
access to your phone when it shows up on an unprotected
Bluetooth network. It's even possible to mimic a trusted network or
cell phone tower to re-route text messages or log-on sessions. And
if you leave your unlocked phone unattended in a public space,
instead of just stealing it, a hacker can clone it by copying the SIM
card, which is like handing over the keys to your castle.
Hacking on Macs
Lest you think that hacking is only a Windows problem, Mac users,
be assured—you are not immune.

For instance, in 2017  a phishing campaign targeting Mac users,

mostly in Europe. Conveyed by a Trojan that was signed with a valid
Apple developer certificate, the hack phished for credentials by
throwing up a full-screen alert claiming that there's an essential OS
X update waiting to be installed. If the hack succeeded, the
attackers gained complete access to all of the victim's
communication, allowing them to eavesdrop on all web browsing,
even if it's an HTTPS connection with the lock icon.

In addition to social engineering hacks on Macs, the occasional

hardware flaw can also create vulnerabilities, as was the case with
the so-called Meltdown and Spectre flaws that The Guardian
reported in early 2018. Apple responded by developing protections
against the flaw, but advised customers to download software only
from trusted sources such as its iOS and Mac App Stores to help
prevent hackers from being able to use the processor
vulnerabilities.

And then there was the insidious Calisto, a variant of the Proton

Mac malware that operated in the wild for two years before being
discovered in July 2018. It was buried in a fake Mac cybersecurity
installer, and, among other functions, collected usernames and
passwords.

So, from viruses, malware, to security flaws, hackers have created

an extensive toolkit to wreak hacker havoc on your Mac, the most
recent of which the Malwarebytes Labs team has documented here.

Hacking prevention
If your computer, tablet, or phone is at the bull's-eye of the hacker's
target, then surround it with concentric rings of precautions.

First and foremost, download a reliable anti-malware product (or

app for the phone), which can both detect and neutralize malware
and block connections to malicious phishing websites. Of course,
whether you're on Windows, Android, a Mac, an iPhone, or in a
business network, we recommend the layered protection
of  Malwarebytes for Windows,  Malwarebytes for
Mac,  Malwarebytes for Android, Malwarebytes for
Chromebook, Malwarebytes for iOS, and  Malwarebytes business
products.

“Know that no bank or online

payment system will ever ask you
for your login credentials, social
security number, or credit card
numbers by means of email.”
Second, only download phone apps from the legitimate
marketplaces that police themselves for malware-carrying apps,
such as Google Play and Amazon Appstore. (Note that Apple policy
restricts iPhone users to download only from the App Store.) Even
so, every time you download an app, check the ratings and reviews
first. If it has a low rating and a low number of downloads, it is best
to avoid that app.

Know that no bank or online payment system will ever ask you for
your login credentials, social security number, or credit card
numbers by means of email.

Whether you're on your phone or a computer, make sure your

operating system remains updated. And update your other resident
software as well.

Avoid visiting unsafe websites, and never download unverified

attachments or click on links in unfamiliar emails.

All the above is basic hygiene, and always a good idea. But the bad
guys are forever looking for a new way into your system. If a hacker
discovers one of your passwords that you use for multiple
services, they have apps that can breach your other accounts. So
make your passwords long and complicated, avoid using the same
one for different accounts, and instead use a password manager.
Because the value of even a single hacked email account can rain
disaster down on you.
How does hacking affect my
business?
For criminal minded hackers, business is booming. Case in
point, attacks on businesses went up 55 percent in the second half
of 2018 with Trojans and ransomware proving to be the most
popular types of attacks. Specifically, Trojan attacks on businesses
rose 84 percent while ransomware attacks went up 88 percent.

The two biggest Trojan threats to businesses right now

are Emotet and TrickBot, while the majority of ransomware cases
as of late have been the result of GandCrab. Emotet, Trickbot, and
GandCrab all rely on malspam as their primary vector of infection.
These malicious spam emails, disguised as familiar brands, trick
your end users into clicking malicious download links or opening an
attachment loaded with malware. In an interesting twist, Emotet
has evolved from being a banking Trojan in its own right into a tool
for delivering other malware, including other banking Trojans like
Trickbot.

So what happens when cybercriminals are able to hack into your

network?

Emotet, for instance, hobbled critical systems in the City of

Allentown, PA, requiring help from Microsoft’s incident response
team to clean up. All told, the city racked up remediation costs to
the tune of $1 million.

GandCrab is just as awful. It’s been estimated the ransomware with

the gross sounding name has already netted its authors somewhere
around $300 million in paid ransoms, with individual ransoms set
from $600 to $700,000.

In light of the ransomware and Trojan attacks currently favored by

criminal hackers, the question now is: how can I protect my
business from hacking? Here’s some tips for staying safe.

 Implement network segmentation. Spreading your data across

smaller subnetworks reduces your exposure during an attack.
This can help contain infections to only a few endpoints
instead of your entire infrastructure.

 Enforce the principle of least privilege (PoLP). By only giving

users the access level they need to do their jobs and nothing
 more you can minimize the potential damage from ransomware
attacks.

 Backup all your data. This goes for all the endpoints on your
network and network shares too. As long as your data is
archived, you can always wipe an infected system and restore
from a backup.

 Educate end users on how to spot malspam. Users should be

wary of unsolicited emails and attachments from unknown
senders. When handling attachments, your users should avoid
executing executable files and avoid enabling macros on
Office files. When in doubt, reach out. Train end users to
inquire further if suspicious emails appear to be from a trusted
source. One quick phone call or email goes a long way
towards avoiding malware.

 Educate staff on creating strong passwords and implement

some form of multi-factor authentication (MFA)—two-factor
authentication at a bare minimum.

 Patch and update your software. Emotet and Trickbot rely on

the Windows EternalBlue/DoublePulsar vulnerabilities to
infect machines and spread across networks so keep your
systems up-to-date.

 Get proactive about endpoint protection. Malwarebytes, for

example, has multiple options for your business with Endpoint
Protection, Endpoint Security, and Endpoint Detection and
Response.