Columnists Features

Hacking: What it is?


AS THE world advances in technology, so are the people. We are now living in a society where out of an approximated world total population of 7.4 billion, at least 46.1 percent (approximately 3.4 billion people) use the internet. This information is based on the statistics obtained from the internet live stats for the year 2016. What do these statistics tell us? When we critically think of it, half of the population is using the internet, but the question is, what are we using the internet for? I believe we have a lot of different answers to this question. It is definitely a question one can write a book about. In this modern era, the internet is one of the most addictive platforms on which most of us are spending a great amount of time on. This isn’t an exaggeration but I am sure all those who use the internet on their mobile gadgets as well as office equipment understand what I am talking about.
The first thing we do when we wake up is grab our phones from our bedside and check the social media platforms. Similarly, when we report at our workplaces we always rush to switch on our computers and get glued to the internet for the next good number of minutes, if not hours. As we enjoy this habit, we download and upload a lot of stuff, some of which is very sensitive and important to our lives and this is where my topic of discussion begins. I thought of discussing hacking, what it is, who a Hacker is, how they hack and why they hack!
From my understanding, hacking is the gaining of unauthorised and/or access to the system or resources of a system. This process or procedures are conducted either by authorised personnel to test the security environment of an organization or for malicious reasons. The personnel that conduct these procedures are known as hackers. There are primarily two (2) different types of hackers who I will explain a little later in the article.
There are what are called black hat hackers – these do hacking for all the wrong reasons such as acquiring money, fun, harm and fame. Then we also have white hat hackers – these do hacking with good intentions usually referred to as penetration testers as they try to discover loopholes in systems and provide solutions to them. There is another hybrid type of hackers called grey hat hackers. It is a hybrid type because it is a mixture of black and white hat hackers who practice both types of hacking and are formally certified and licensed to do so. Depending on the situation at hand, hackers are very technically competent (experts), usually with strong skills in advanced computer programming and network engineering.
There is also another classification of hackers who usually are newbies and have no direction when performing hacking procedures. These are known as script kiddies and usually do not possess a complete knowledge or expertise but have ideas in most of the technical related fields in computing. Mostly, these perform hacking by trying different third-party software obtained from the internet illegally or as freeware. Students usually fall in this category as they do it for fun or accident. There are also suicidal hackers. These are usually people who do it to frustrate without caring about the consequences, outcomes or penalties. Lastly, across the globe, it is now common practice for governments to set up and sponsor organisations that perform these activities with specific objectives in order to safeguard the interests of their citizens. These in most cases also are privileged to conduct security assessment exercises on other governments. These are done through legal frameworks bound by both countries.
Hacking is a reality and happens almost every time. There are a lot of ways in which it is done, some of which include sending malicious documents through email systems with special or malicious scripts attached to them such that upon opening them they spread the script to the network and give access to the hacker. Sometimes hackers knowing our love for the internet, they create a fake wireless access point duplicating your original access point name called service set identifier (SSID). One might think they are connecting to their network without realising they have been deviated to the hackers’ network with very good internet speed where they sniff and capture all your logon details and use them on your actual network. This is followed by them issuing a denial of service (DoS) attack, which is an attempt to make a computer or network resource unavailable to its intended users, such as to temporarily or indefinitely interrupt or suspend services of a computer connected to the Internet by flooding it with arbitrary requests, slowing down the system. And in a case of a network system, they might issue a distributed denial of service (DDoS) attack where multiple systems flood the bandwidth (internet speed) or resources of a targeted system, usually on one or more web servers. Such an attack is often the result of multiple compromised systems. E.g. Botnet (also known as a zombie army) refers to a number of computers connected to the internet that, although their owners are unaware of them, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet.
Though it is not easy to run away from hacking, organisations need to carry out some penetration testing so that they discover their system’s vulnerabilities and take appropriate actions. As for individuals, we need to ensure that we always use very strong passwords and change them regularly. Avoid sharing of passwords, too. Hacking is real and data is expensive.
The author is Zambia Daily Mail deputy manager – ICT.

Facebook Feed