Hacker

What is hacking?

Hacking refers to activities that seek to compromise digital devices, such as computers, smartphones, tablets, and even entire networks. And while hacking might not always be for malicious purposes, nowadays most references to hacking, and hackers, characterize it/them as unlawful activity by cybercriminals—motivated by financial gain, protest, information gathering (spying), and even just for the “fun” of the challenge.

Many think that “hacker” refers to some self-taught whiz kid or rogue programmer skilled at modifying computer hardware or software so it can be used in ways outside the original developers' intent. But this is a narrow view that doesn't begin to encompass the wide range of reasons why someone turns to hacking. (For an in-depth look at hackers, read “Under the hoodie: why money, power, and ego drive hackers to cybercrime” by Wendy Zamora.)

Hacking is typically technical in nature (like creating malvertising that deposits malware in a drive-by attack requiring no user interaction). But hackers can also use psychology to trick the user into clicking on a malicious attachment or providing personal data. These tactics are referred to as “social engineering.”

In fact, it's accurate to characterize hacking as an over-arching umbrella term for activity behind most if not all of the malware and malicious cyberattacks on the computing public, businesses, and governments. Besides social engineering and malvertising, common hacking techniques include:
Botnets
Browser hijacks
Denial of service (DDoS) attacks
Ransomware
Rootkits
Trojans
Viruses
Worms

As such, hacking has evolved from teenage mischief into a billion-dollar growth business, whose adherents have established a criminal infrastructure that develops and sells turnkey hacking tools to would-be crooks with less sophisticated technical skills (known as “script kiddies”). As an example, see: Emotet.

In another example, Windows users are reportedly the target of a wide-spread cybercriminal effort offering remote access to IT systems for just $10 via a dark web hacking store—potentially enabling attackers to steal information, disrupt systems, deploy ransomware, and more. Systems advertised for sale on the forum range from Windows XP through to Windows 10. The storeowners even offer tips for how those using the illicit logins can remain undetected.

Protect your device from hackers

Keep your personal data safe from hackers.
Download Malwarebytes Premium free for 14 days.

LEARN MORE

History of hacking/hackers

In its current usage, the term dates back to the 1970s. In 1980, an article in Psychology Today used the term “hacker” in its title: “The Hacker Papers,” which discussed the addictive nature of computer use.

Then there's the 1982 American science fiction film, Tron, in which the protagonist describes his intentions to break into a company's computer system as hacking into it. The plot of another movie released the next year, WarGames, centered on a teenager's computer intrusion into the North American Aerospace Defense Command (NORAD). It was a fiction that introduced the specter of hackers as a threat to national security.

Turns out, art was prologue to reality in that same year when a gang of teenage hackers broke into computer systems throughout the United States and Canada, including those of Los Alamos National Laboratory, Sloan-Kettering Cancer Center, and Security Pacific Bank. Soon afterward, a Newsweek article with a cover shot of one of the young hackers was the first to use the term “hacker” in the pejorative sense in the mainstream media.

Thereafter, Congress got into the act, passing a number of bills concerning computer crime. After that, throughout the rest of the 1980s, any number of hacker groups and publications formed in America and abroad, attracting hacking enthusiasts in pursuit of diverse missions—some benign, others not so much. There were spectacular attacks and break-ins into government and corporate computers, more anti-hacking legislation, and many noteworthy arrests and convictions. All the while, popular culture kept hacking and hackers in the public consciousness with a parade of movies, books, and magazines that are dedicated to the activity.

For a lengthy timeline of hacker history, including the emergence of terrorist and state-sponsored hacking in the modern era, go here.

Types of hacking/hackers

Broadly speaking, you can say that hackers attempt to break into computers and networks for any of four reasons.

• There's criminal financial gain, meaning the theft of credit card numbers or defrauding banking systems.
• Next, gaining street cred and burnishing one's reputation within hacker subculture motivates some hackers as they leave their mark on websites they vandalize as proof that they pulled off the hack.
• Then there's corporate espionage, when one company's hackers seek to steal information on a competitor's products and services to gain a marketplace advantage.
• Finally, entire nations engage in state-sponsored hacking to steal business and/or national intelligence, to destabilize their adversaries' infrastructure, or even to sow discord and confusion in the target country. (There's consensus that China and Russia have carried out such attacks, including one on Forbes.com. In addition, the recent attacks on the Democratic National Committee [DNC] made the news in a big way—especially after Microsoft says hackers accused of hacking into the Democratic National Committee have exploited previously undisclosed flaws in Microsoft's Windows operating system and Adobe Systems' Flash software. There are also instances of hacking courtesy of the United States government.)

There's even another category of cybercriminals: the hacker who is politically or socially motivated for some cause. Such hacker-activists, or “hacktivists,” strive to focus public attention on an issue by garnering unflattering attention on the target—usually by making sensitive information public. For notable hacktivist groups, along with some of their more famous undertakings, see Anonymous, WikiLeaks, and LulzSec.

There's also another way we parse hackers. Remember the classic old Western movies? Good guys = white hats. Bad guys = black hats. Today's cybersecurity frontier retains that Wild West vibe, with white hat and black hat hackers, and even a third in-between category.

If a hacker is a person with deep understanding of computer systems and software, and who uses that knowledge to somehow subvert that technology, then a black hat hacker does so for stealing something valuable or other malicious reasons. So it's reasonable to assign any of those four motivations (theft, reputation, corporate espionage, and nation-state hacking) to the black hats.

White hat hackers, on the other hand, strive to improve the security of an organization's security systems by finding vulnerable flaws so that they can prevent identity theft or other cybercrimes before the black hats notice. Corporations even employ their own white hat hackers as part of their support staff, as a recent article from the New York Times online edition highlights. Or businesses can even outsource their white hat hacking to services such as HackerOne, which tests software products for vulnerabilities and bugs for a bounty.

Finally, there's the gray hat crowd, hackers who use their skills to break into systems and networks without permission (just like the black hats). But instead of wreaking criminal havoc, they might report their discovery to the target owner and offer to repair the vulnerability for a small fee.

Latest hacking news

Perspectives on Russian hacking
UK law enforcement: an uphill struggle to fight hackers
Biohacking

Hacking on Android phones

While most associate hacking with Windows computers, the Android operating system also offers an inviting target for hackers.

A bit of history: Early hackers who obsessively explored low-tech methods for getting around the secure telecommunication networks (and expensive long-distance calls of their era) were originally called phreaks—a combination of the words phone and freaks. They were a defined subculture in the 1970s, and their activity was called phreaking.

Nowadays, phreakers have evolved out of the analog technology era and become hackers in the digital world of more than two billion mobile devices. Mobile phone hackers use a variety of methods to access an individual's mobile phone and intercept voicemails, phone calls, text messages, and even the phone's microphone and camera, all without that user's permission or even knowledge.

Compared to iPhones, Android phones are much more fractured, whose open-source nature and inconsistencies in standards in terms of software development put the Androids at a greater risk of data corruption and data theft. And any number of bad things result from  Android hacking.

Cybercriminals could view your stored data on the phone, including identity and financial information. Likewise, hackers can track your location, force your phone to text premium websites, or even spread their hack (with an embedded malicious link) to others among your contacts, who will click on it because it appears to come from you.

Of course, legitimate law enforcement might hack phones with a warrant to store copies of texts and emails, transcribe private conversations, or follow the suspect's movements. But black hat hackers could definitely do harm by accessing your bank account credentials, deleting data, or adding a host of malicious programs.

Phone hackers have the advantage of many computer hacking techniques, which are easy to adapt to Androids.  Phishing, the crime of targeting individuals or members of entire organizations to lure them into revealing sensitive information through social engineering, is a tried and true method for criminals. In fact, because a phone displays a much smaller address bar compared to a PC, phishing on a mobile Internet browser probably makes it easier to counterfeit a seemingly trusted website without revealing the subtle tells (such as intentional misspellings) that you can see on a desktop browser. So you get a note from your bank asking you to log on to resolve an urgent problem, click on the conveniently provided link, enter your credentials in the form, and the hackers have you.

Trojanized apps downloaded from unsecured marketplaces are another crossover hacker threat to Androids. Major Android app stores (Google and Amazon) keep careful watch on the third-party apps; but embedded malware can get through either occasionally from the trusted sites, or more often from the sketchier ones. This is the way your phone ends up hosting adware, spyware, ransomware, or any other number of malware nasties.

Other methods are even more sophisticated and don't require manipulating the user into clicking on a bad link. Bluehacking gains access to your phone when it shows up on an unprotected Bluetooth network. It's even possible to mimic a trusted network or cell phone tower to re-route text messages or log-on sessions. And if you leave your unlocked phone unattended in a public space, instead of just stealing it, a hacker can clone it by copying the SIM card, which is like handing over the keys to your castle.

Hacking on Macs

Lest you think that hacking is only a Windows problem, Mac users, be assured—you are not immune.

For instance, in 2017  a phishing campaign targeting Mac users, mostly in Europe. Conveyed by a Trojan that was signed with a valid Apple developer certificate, the hack phished for credentials by throwing up a full-screen alert claiming that there's an essential OS X update waiting to be installed. If the hack succeeded, the attackers gained complete access to all of the victim's communication, allowing them to eavesdrop on all web browsing, even if it's an HTTPS connection with the lock icon.

In addition to social engineering hacks on Macs, the occasional hardware flaw can also create vulnerabilities, as was the case with the so-called Meltdown and Spectre flaws that The Guardian reported in early 2018. Apple responded by developing protections against the flaw, but advised customers to download software only from trusted sources such as its iOS and Mac App Stores to help prevent hackers from being able to use the processor vulnerabilities.

And then there was the insidious Calisto, a variant of the Proton Mac malware that operated in the wild for two years before being discovered in July 2018. It was buried in a fake Mac cybersecurity installer, and, among other functions, collected usernames and passwords.

So, from viruses, malware, to security flaws, hackers have created an extensive toolkit to wreak hacker havoc on your Mac, the most recent of which the Malwarebytes Labs team has documented here.

Hacking prevention

If your computer, tablet, or phone is at the bull's-eye of the hacker's target, then surround it with concentric rings of precautions.

First and foremost, download a reliable anti-malware product (or app for the phone), which can both detect and neutralize malware and block connections to malicious phishing websites. Of course, whether you're on Windows, Android, a Mac, an iPhone, or in a business network, we recommend the layered protection of  Malwarebytes for Windows,  Malwarebytes for Mac,  Malwarebytes for Android, Malwarebytes for Chromebook, Malwarebytes for iOS, and  Malwarebytes business products.

Second, only download phone apps from the legitimate marketplaces that police themselves for malware-carrying apps, such as Google Play and Amazon Appstore. (Note that Apple policy restricts iPhone users to download only from the App Store.) Even so, every time you download an app, check the ratings and reviews first. If it has a low rating and a low number of downloads, it is best to avoid that app.

Know that no bank or online payment system will ever ask you for your login credentials, social security number, or credit card numbers by means of email.

Whether you're on your phone or a computer, make sure your operating system remains updated. And update your other resident software as well.

Avoid visiting unsafe websites, and never download unverified attachments or click on links in unfamiliar emails.

All the above is basic hygiene, and always a good idea. But the bad guys are forever looking for a new way into your system. If a hacker discovers one of your passwords that you use for multiple services, they have apps that can breach your other accounts. So make your passwords long and complicated, avoid using the same one for different accounts, and instead use a password manager. Because the value of even a single hacked email account can rain disaster down on you.

How does hacking affect my business?

For criminal minded hackers, business is booming. Case in point, attacks on businesses went up 55 percent in the second half of 2018 with Trojans and ransomware proving to be the most popular types of attacks. Specifically, Trojan attacks on businesses rose 84 percent while ransomware attacks went up 88 percent.

The two biggest Trojan threats to businesses right now are Emotet and TrickBot, while the majority of ransomware cases as of late have been the result of GandCrab. Emotet, Trickbot, and GandCrab all rely on malspam as their primary vector of infection. These malicious spam emails, disguised as familiar brands, trick your end users into clicking malicious download links or opening an attachment loaded with malware. In an interesting twist, Emotet has evolved from being a banking Trojan in its own right into a tool for delivering other malware, including other banking Trojans like Trickbot.

So what happens when cybercriminals are able to hack into your network?

Emotet, for instance, hobbled critical systems in the City of Allentown, PA, requiring help from Microsoft’s incident response team to clean up. All told, the city racked up remediation costs to the tune of $1 million.

GandCrab is just as awful. It’s been estimated the ransomware with the gross sounding name has already netted its authors somewhere around $300 million in paid ransoms, with individual ransoms set from $600 to $700,000.

In light of the ransomware and Trojan attacks currently favored by criminal hackers, the question now is: how can I protect my business from hacking? Here’s some tips for staying safe.

• Implement network segmentation. Spreading your data across smaller subnetworks reduces your exposure during an attack. This can help contain infections to only a few endpoints instead of your entire infrastructure.
• Enforce the principle of least privilege (PoLP). By only giving users the access level they need to do their jobs and nothing more you can minimize the potential damage from ransomware attacks.
• Backup all your data. This goes for all the endpoints on your network and network shares too. As long as your data is archived, you can always wipe an infected system and restore from a backup.
• Educate end users on how to spot malspam. Users should be wary of unsolicited emails and attachments from unknown senders. When handling attachments, your users should avoid executing executable files and avoid enabling macros on Office files. When in doubt, reach out. Train end users to inquire further if suspicious emails appear to be from a trusted source. One quick phone call or email goes a long way towards avoiding malware.
• Educate staff on creating strong passwords and implement some form of multi-factor authentication (MFA)—two-factor authentication at a bare minimum.
• Patch and update your software. Emotet and Trickbot rely on the Windows EternalBlue/DoublePulsar vulnerabilities to infect machines and spread across networks so keep your systems up-to-date.
• Get proactive about endpoint protection. Malwarebytes, for example, has multiple options for your business with Endpoint Protection and Endpoint Detection and Response.