How Do Hackers Get Into Your Computer Systems?

What is a hacker?

During the 1990s, the term “hacker” originally denoted a skilled programmer proficient in machine code and computer operating systems. In particular, these individuals could always hack on an unsatisfactory system to solve problems and engage in a little software company espionage by interpreting a competitor’s code.

Unfortunately, some of these hackers also became experts at accessing password-protected computers, files, and networks and came to known as “crackers.” Of course, an effective and dangerous “cracker” must be a good hacker and the terms became intertwined. Hacker won out in popular use and in the media and today refers to anyone who performs some form of computer sabotage.

In time, the basics of hacking evolved to:

Steal secrets.
Obtain passwords.
Get credit card information.
Exploit vulnerabilities in mobile devices, often hacking a phone to gain access to personal messages, photos, or even location data.
Create so much traffic that a website has to shut down.

Hackers are ALWAYS at work, either trying to steal information for their own gain or disrupt business as usual. You hear a lot of about hackers on the news now and then, but just what are they doing?

Here’s a bit of background to help you understand what it means when a website or company is “hacked.”

Hackers aren’t heroes.

For some reason, there are those who think that hackers are “cool” and that their spirit of mischief and sneaking is admirable. But the IT (Internet technology) experts who spend a lot of money building business or government networks would disagree. And, for that matter, so would anyone who has ever had their money or identity stolen by a hacker. There’s nothing playful about that.

Most people would agree that there are three types of hackers:

Young kids “having fun.” These are adolescents who are essentially vandals on the Internet and are also know as Script Kiddies. They’re not looking for more than a few hours of their fun messing with websites or networks.
Recreational “hackers.” These are savvy computer users who intrude on networks when they feel they have a valid reason to…in their minds at least. They may have a grudge against a certain website or company and take their dislike out by “hacking” or disrupting the website.
Professionals. When a computer expert gets a taste of hacking and likes the flavor, he or she will continue to use their skill, often for breaking into people’s accounts to steal money. They also might like taking down a big network for “fun.”

Stealing passwords and getting in the system.

Finding out a password is the usually the first step in cracking a network’s security. (That’s why there are so many articles telling you to change your passwords often and make them hard to figure out!)

Here are a few key terms that you’ll hear in discussions about hackers and what they do:

Back door. A secret pathway a hacker uses to gain entry to a computer system.
Buffer overflow. A method of attack where the hacker delivers malicious commands to a system by overrunning an application buffer.
Denial-of-service attack. An attack designed to cripple the victim’s system by preventing it from handling its normal traffic, usually by flooding it with false traffic.
Email worm. A virus-laden script or mini-program sent to an unsuspecting victim through a normal-looking email message.
Root access. The highest level of access (and most desired by serious hackers) to a computer system, which can give them complete control over the system.
Root kit. A set of tools used by an intruder to expand and disguise his control of the system.
Script kiddie. A young or unsophisticated hacker who uses base hacker tools to try to act like a real hacker.
Session hijacking. When a hacker is able to insert malicious data packets right into an actual data transmission over the Internet connection.
Trojan horse. A seemingly helpful program that tricks the computer user into opening it, only to deliver (unnoticed and behind the scenes) an unexpected attack on the user’s computer.

Hacker Tools

There now are more than 100,000 known viruses with more appearing virtually daily. The myriad of hackers and their nefarious deeds can affect any computer owner whether an occasional home user, e-mailer, student, blogger, or a network administrator on site or on the internet. No matter your level of computer use, you must protect your computer, business, or even your identity. The best way to know how to protect your computer is to understand the hacker’s tools and recognize their damage.

Viruses, Exploits, Worms, and More

The term computer “virus” originated to describe machine code command inserted into a computer’s memory that, on execution, copies itself into other programs and files on the computer. Depending on the hacker’s intent, the design of a virus can merely be an inconvenience or have very serious consequences up to a potential catastrophe.

Generally, a virus is a piece of software, a series of data, or a command sequence that exploits a bug, glitch, or vulnerability. Each example is appropriately termed an “exploit.” An exploit causes unintended or unanticipated behavior to occur in a computer’s operating system or applications while propagating itself within the computer.

An exploit and operates through a network security vulnerability or “hole” without previous access to the vulnerable system is a “remote” exploit. An exploit that needs prior access to a system is termed a “local” exploit. These are usually intended to increase the hacker’s access privileges beyond those granted by a system administrator.

Worms are simply viruses that send copies over network connections. A bomb resides silently in a computer’s memory until set off by a date or action. A Trojan horse is a malicious program that cannot reproduce itself, but is distributed by CD or e-mail.

Protect Your Computer: Avoid Computer Holes/Vulnerabilities

Install only trusted software and delete unknown emails. If you have any doubt about a piece of software’s function, do not install it. If you receive e-mails from random people’s names, resist your curiosity and do not open it, just delete it.

Under no conditions download or open attachments from anyone that you do not know and even then be cautious. Banks and most companies that create online personal accounts will not send you attachments. If they do, it is probably best to go to the company site and request the download or at least see if it is legitimate. Avoid adult web sites, a hacker’s paradise.

Whether in your e-mail or online, do not click on ads. If the ad is of interest, find the site. Be careful with what you physically put into your computer. This is especially true for shared R/W CDs, USB hard disks, or flash drives. This is an easy path for a virus to follow from computer to computer.

Protection: Install Anti-Virus Software

Anti-virus software searches for evidence of the presence of viral programs, worm, bombs, and Trojan horses by checking for the characteristic appearances or behaviors that is typical of these programs. When found the program logs its discovery, its type, often its name or an identifier, and it potential for damage. The anti-virus software then eliminates or isolates/quarantines the infected files. For the individual, commercial software is relatively inexpensive; however, there are free anti-virus programs available.

Since new viruses appear almost daily with new code it is imperative that you update you antivirus program often to keep up with these threats; therefore, make sure to set your program to update automatically. To avoid the annoyance of computer slowdown schedule full scale scans late at night.

The same is true for your Windows Operating System. Very often, your OS is where hackers discover the holes to exploit. Of course, in an ever-continuing battle, this software is continuously updated with security patches.

Finally, secure your wireless network with a router that has a built in firewall. Almost all wireless routers are set to no security when first installed. Log into the router and at least set it to basic security with a strong password to replace the factory setting that any hacker knows. A firewall or router that is not configured properly or non-existent allows hackers to scan passwords, e-mails, or files that cross your network connection.