How do malicious hackers get into computer systems?
We all know that cyber crime is on the increase and it seems that even the systems that you would expect to be well protected, such as government agencies, major news websites and financial institutions, are far from immune to attacks by malicious hackers.
You may have a complex password (although a huge majority of people do not), anti-virus and anti-malware software, and a firewall but these cyber criminals use a whole range of techniques that can breach even highly sophisticated system security measures, such as Distributed Denial of Service attacks (DDoS), Botnets, Viruses etc.
The only sure way to beat the hackers is to learn how they work. Major organisations are now sending their IT specialists for IT security training to effectively learn how to be an “ethical” hacker i.e. use the same techniques as malicious hackers but in order to identify and repair security weaknesses.
But what exactly are these techniques?
The premise of a Distributed Denial of Service (DDoS) attack is to flood a system with traffic from many different computers in many different locations to the point where the bandwidth of the system can no longer cope with these extreme levels of traffic and becomes unavailable to genuine users. This can cause very real problems for customers of, for example, banks if they cannot access their money over an extended period.
But whilst this method is the most common form of a DDoS attack there are a range of other methods that can also cause severe disruption such as locking genuine users out of important systems, or wiping entire databases. And because they work in a similar way to legitimate users it is often hard to identify the source of the problem. Clearly many organisations wish to allow access to their systems from pretty much anywhere for genuine customers to undertake tasks such as internet banking, checking an online bill, commenting on a news item or submitting a tax return. By opening up their very secure systems there will always be opportunities for hackers.
Some organisations tackle the potential issue of DDoS by investing in excessive amounts of bandwidth but this comes at a cost and it is also important to ensure that all software and hardware, including routers and switches, is kept up to date as hackers are notorious for exploiting loopholes in out-dated systems which, in many cases, have been fixed in the latest versions.
Some companies are also gathering and analysing information from its customer behaviours in an attempt to identify suspicious behaviour more easily and so predict a DDoS attack when it starts and before it becomes a problem.
The term for this type of malicious threat comes from “Robot” and “Network” and refers to a whole network of computers (many, many thousands, in some cases) that are controlled remotely because they have been infected with malware and are used for malicious or criminal activity. We all know that spam or phishing emails with attachments are a danger but such emails are increasingly sophisticated and harder to tell apart from a genuine email that many home computers become infected – often without the owner realising. Indeed, this method has been used by criminal gangs to steal millions of dollars from banks across the world.
A computer virus is a small piece of code designed to disrupt a computer system or carry out tasks to a malicious or criminal end. They spread from computer to computer on a network by replicating themselves and can alter data, such as bank account balances as seen in the recent hacks on banks by the Carbanak gang who artificially inflated a bank balance and then withdrew the excess money without the individual account holder ever being aware that anything was amiss.
The most typical way for viruses to be distributed is via online downloads (particularly those that are free), files attached to emails, or physical media like CDs, DVDs, or USB drives.
People often refer to all sorts of unwanted programs as viruses, but a true virus is only once that can replicate itself over and over again. They do this by connecting to a regular computer program and when that is used it is loaded into the computer’s memory along with the virus. One of the most difficult issues with viruses is detecting them – most are designed to reside on a computer without doing any apparent harm so that they can spread more easily to other computers. By not alerting the user to a problem the virus is more likely to spread further.
You may think you will be protected by your anti-virus software or would know if your machine was infected but that is often not the case. Some viruses are so sophisticated that they can modify themselves so they look different on each infected system and thus can even avoid detection by the best anti-virus software. Naturally the anti-virus software manufacturers are fighting back by studying how viruses work but will they always be one step behind?