IFV - Hacking
IFV - Hacking
=the act of identifying and then exploiting weaknesses in a computer system or network,
usually to gain unauthorized access to personal or organizational data.
Hacking is not always a malicious act, but it is most commonly associated with illegal activity
and data theft by cyber criminals.
HISTORY (1st slide)
Hacking first appeared as a term in the 1970s but became more popular through the next
decade. An article in a 1980 edition of Psychology Today ran the headline “The Hacker
Papers” in an exploration of computer usage's addictive nature. Two years later, two movies,
Tron and WarGames, were released, in which the lead characters set about hacking into
computer systems, which introduced the concept of hacking to a wide audience and as a
potential national security risk.
HOW HACKING WORKS? (2nd slide)
Social engineering
Hacking passwords
Hackers use different ways to obtain passwords. The trial and error method is known as
a brute force attack, which involves hackers trying to guess every possible combination to
gain access. Hackers may also use simple algorithms to generate different combinations for
letters, numbers, and symbols to help them identify password combinations. Another
technique is known as a dictionary attack, which is a program that inserts common words into
password fields to see if one works.
Infecting devices with malware (Malware, or malicious software, is any program or file that
is intentionally harmful to a computer, network or server.)
Hackers may infiltrate a user’s device to install malware. More likely, they will target
potential victims via email, instant messages and websites with downloadable content or peer-
to-peer networks.
TYPES OF HACKING:
There are typically four key drivers that lead to hacking websites or systems: (1) financial
gain through the theft of credit card details, (2) corporate espionage, (3) to gain
notoriety or respect for their hacking talents, and (4) state-sponsored hacking that aims
to steal business information and national intelligence. On top of that, there are politically
motivated hackers—or hacktivists—who aim to raise public attention by leaking sensitive
information, such as Anonymous, LulzSec, and WikiLeaks.
1. BLACK HAT HACKERS
= „The bad guys“
They go out of their way to discover vulnerabilities in computer systems and software
to exploit them for financial gain or for more malicious purposes, such as to gain
reputation, carry out corporate espionage, or as part of a nation-state hacking
campaign.
These individuals’ actions can inflict serious damage on both computer users and the
organizations they work for. They can steal sensitive personal information,
compromise computer and financial systems, and alter or take down the functionality
of websites and critical networks.
2. WHITE HAT HACKERS
= „The goos guys“
attempt to prevent the success of black hat hackers through proactive hacking. They
use their technical skills to break into systems to assess and test the level of network
security, also known as ethical hacking. This helps expose vulnerabilities in systems
before black hat hackers can detect and exploit them.
The techniques white hat hackers use are similar to or even identical to those of black
hat hackers, but these individuals are hired by organizations to test and discover
potential holes in their security defenses.
3. GREY HAT HACKERS
Grey hat hackers sit somewhere between the good and the bad guys. Unlike black hat
hackers, they attempt to violate standards and principles but without intending to do
harm or gain financially. Their actions are typically carried out for the common good.
For example, they may exploit a vulnerability to raise awareness that it exists, but
unlike white hat hackers, they do so publicly. This alerts malicious actors to the
existence of the vulnerability.
WHAT CAN BE HACKED?
Smart devices (smartphones – Android > Apple)
WebCams (spy on users, read their messages, see their browsing activity, take screenshots,
and hijack their webcam)
Routers (enables an attacker to gain access to data sent and received across them and
networks that are accessed on them)
Email (used to spread malware and ransomware and as a tactic for phishing attacks, which
enable attackers to target victims with malicious attachments or links. )
Advertisements like pop-up ads are also widely used by hackers. When clicked, they lead the
user to inadvertently download malware or spyware onto their device. Links should be treated
carefully, and strange links within email messages or on social media, in particular, should
never be clicked. These can be used by hackers to install malware on a device or lead users to
spoofed websites.
Use a VPN
Using a virtual private network (VPN) allows users to browse the internet securely. It hides
their location and prevents hackers from intercepting their data or browsing activity.
https://www.fortinet.com/resources/cyberglossary/what-is-hacking
https://www.kaspersky.com/resource-center/definitions/what-is-hacking
https://www.techtarget.com/searchsecurity/definition/malware