- What Is a Hacker?
- Who Are the Hackers?
- What Damage Can Hackers Do?
- Targets of a Hack Attack
- Hacker Motivation: I Think Therefore I Hack
- Tools of the Trade: Pass Me a Trojan Horse, Would You?
- Firewall: Shut Out the Hackers
- Software Firewalls: Programs That Stop Hackers
- How to Detect a Hacker Attack
- How to Fix a Hacker Attack
- Batten down the Hatches—10-Minute Tactics
- Wall off the World—Install a Better Firewall in an Afternoon
- The Absolute Minimum
Targets of a Hack Attack
Hacker interests lie in many types of computers on the Internet. Following is a discussion of the types of targets and their appeal to the perpetrators.
Corporate Networks
Corporate computers are often heavily fortified so hacking into one has high cachet. Behind corporate firewalls are repositories of customer information, product information, and sometimes, in the case of a software publisher, the product itself.
Web Servers
Web servers are computers that contain websites. While some contain customer financial information, web servers are usually targets for vandals because they can be defaced to display information the hacker chooses to the public.
Personal Computers
A personal computer by itself has little appeal for the high-profile hacker. However, it has its use in cyber crime. If it can be commandeered, it can be used to engage in hiding the perpetrator’s identity. There are several key uses for these hijacked computers, as follows.
Denial of Service Attacks
A hacker can gain control of a computer by planting a program on it, usually by using a virus or Trojan horse. After infected, the hijacked computer, called a zombie, can be use as a weapon to attack another computer. It’s commanded to blast chunks of data at a target computer in a coordinated effort with thousands of other zombies. This overwhelms the target machine and its stops functioning. This is called a distributed denial of service attack (DDoS). Sometimes a DDoS attack is used against companies who have policies with which the hacker disagrees.
It’s also used in extortion schemes. Gambling websites, typically located offshore, regularly receive threats of DDoS attacks unless they pay protection money. These threats are known to intensify around Super Bowl weekend in the United States, when the volume of bets is at an all time high.
Spam, Spam, Spam, Spam, Spam, Spam, Spam
Hackers are also interested in getting their code onto personal computers so they can be turned into spam machines. Sending large volumes of unsolicited email from one computer gets your Internet connection shut down. If you can hijack thousands of other computers to do the spam-sending, however, you retain your anonymity and have a spam network that’s hard to shut down because each sending machine has to be blocked one at a time.
Storage
I have had a web server computer hacked before and used as a depository for illegal software or programs that are being shared. Someone used a loophole to get into it and left gigabytes of data on it, presumably for others to fetch as needed.