Wednesday, December 11, 2019
Professional Report Criminalizing Hacking
Questions: Discuss about the Professional Report Criminalizing Hacking Should be Encouraged to Enhance their skills. Answers: Introduction The following topic deals with how Hacking can be used as a medium to help others rather than destroying the lives of others. The world today is fully digitalized. The most frightening thing that anyone can dream of in this world is someone stealing away all his/her data with a blink of an eye over the internet. Hacking is defined as breaking into the personal space of individual without their consent. It can be used either to help humankind or to bring the world to its knees (Taylor et al. 2014). There are many forms of hacking but the most common are the White Hats and Black Hats which are basically two sides of a coin. Ethical hackers are the ones who work for government and maintain their sites and protect others from sniffing (Trabelsi and Ibrahim 2013) (Behera and Dash 2015). Black hats are the ones who try to get into the system to steal the data like banks and government sites. Hacking was first used to find the flaws or vulnerabilities, while setting up a system but later it tuned to harm others (Berger and Jones 2016). There are many instances where hacking is meant to destroy an organization but also there are many instances where hacking is used to counterpart that. Hacking Hacking is a process in which someone tries to access computers or networks without any authorization. Hacking is the attempt to coup a computer system or a private network (Behera and Dash 2015). The term Hacker is referred to a person who is having a deep knowledge about computers and who uses this skill to commit any crime which often damages organizations or spread viruses or even can cause financial loss (Taylor et al. 2014). They are highly skilled people as it takes a lot of talent to cease a system than to create it. A hacker tries to get inside a system by using that systems vulnerabilities as its main course of weapon. Figure: Classifications of Hackings (Source: Berger, H. and Jones, A., 2016) Ethical Hacking Ethical Hacking is usually performed by an individual or group of people who helps the government or an organization to find the flaws or limitations which could have been bypassed (Berger and Jones 2016). Ethical hackers help the government or any organization to protect its data from any outer source (Prasad 2014). Reasons to Enhance Ethical Hacking Ethical hacking can be advantageous in various forms. The advantages of ethical hacking are- Hackers are defined as the person, who digs out information in a form or the other (Behera and Dash 2015). The most advantageous factor of hacking is that it helps us to get great protection form thefts. Thefts are very common now a day and they can happen online as well as offline. Hackers steal information (Regalad et al. 2015). If an organization is planning to be secure from the theft of their information then they can schedule regular ethical hacking exercise to find out whether there is any flaw in their system. This reduces the vulnerability of their system and makes it secure form the outside hackers (Prasad 2014). Hacking is responsible for the growth of bugs in the software thus making the software weak (Verma and Pathak 2014). This in turn, can be used to make the software even more powerful and less relevant to bugs and viruses. Thus, an organization can ask a professional hacker to test hacking the software to test if the software is strong enough. Hacking can help a nation to be secure. A nation can spy or monitor the activities of other nation to be ready for any type of ill- action by the opponent nation (Juneja 2013). This way hacking can be helpful to get early information about the activities of any country and thus it can be very helpful to increase the security of any nation (Engebretson 2013). Today we have so many anti-virus applications to fix our pc, laptop and various other devices if viruses or worms (Trabelsi and Ibrahim 2013) attack them. This is the result of hacking as the companies today are aware of the level of hacking and thus they manufacture even strong anti-viruses to keep the device secured from the attack of viruses (Juneja 2013). Being good at hacking can help a person be excellent at programming as hackers are said to be outstanding programmers. If a person or a student is aware of the security threats and weakness, that hacking can cause to the system then it will be very helpful to enhance his/her programming skills (Verma and Pathak 2014). Hacking can be helpful to get protection from the lawsuits. Lawsuit is a claim brought to law for adjudication. With the help of ethical hacking, such lawsuits can be prevented. The advancements of computers has increased due to hacking as the softwares are made powerful enough to kill the bugs and thus they are more useful (Regalad et al. 2015). Hacking is stealing sensitive information from an organization. A country can make its information more secure and safe if regular hacking test is done to check whether the information is safe from the hackers and attackers of other nations (Trabelsi 2016). Ethical hackers who work as the security professionals, they keep on checking their system and network using the same tool that a hacker may use against the network or to compromise the network (Jones 2015). Unethical Hacking Unethical hacking is the type of hacking done with malicious intentions. Hackers often use this tier of hacking to break into systems or networks to steal confidential data, money or to plant a virus or worm, which can seriously affect the system and in extreme cases. It may collapse the whole system or network (Behera and Dash 2015). The person who performs this act is often called the Cracker who is described as the malicious meddlers who sniffs into the computer to steal the data. Types of Hackers There are seven categories of hackers. They are Figure: Classifications of Hackers (Source: Prasad 2014). Script Kiddie Script kiddies are the ones who have less information about hacking, all they do is just copy a used code and make a virus out of it or and SQL injection. They do not code from their own, they just download the used code or software (Metasploit) and refer to some YouTube video on how to use that. They are mainly famous for doing DoS or DDos attacks which floods an IP with numerous request, which collapses a server (Prasad 2014). White Hat These are known as Ethical Hackers who usually work for an organization or government and help them find any flaws (Chowdappa, Lakshmi and Kumar 2014). Black Hat They are known as Crackers and they hack into the computer systems or networks to make the lives of common people more difficult. Their main intention is to steal money, data or even some confidential data. Grey Hat These are the type of hackers, who are not black hats but still they do not work with any government or organization (Regalado et al. 2015). Green Hat These are the hackers who are in their beginning stage where they care about hacking and even dream of becoming a renowned hacker. They mostly spend their time in the community learning from the professionals. Red Hat These are similar to white hats as they try to put an end on the black hats but they are too frightened to do as on those who are in this field for a long time. Instead of reporting, they shut down the computers by uploading a virus or by the means of DoS. They cannot perform any penetration testing on any computers (Chowdappa, Lakshmi and Kumar 2014). Blue Hat Unlike the script kiddie, they are only focused on taking revenge on those who means harm to them (Prasad 2014). Unethical Hacking example Twenty thousand internal emails were leaked due to an attack in the Democratic National Committees server on the eve of Democratic convention. In a separate attack, Democratic Lawmakers mobile phone number and other personal information was leaked from the committee of Democratic Congressional Campaign (Ft.com 2017). A group goes by the name Hackappcom breached the security of Apple iCloud and leaked all the sensitive photos of celebrities and spreading it all over the internet. It was performed by using a key which all users had to enter that and by entering that, they were made victims and the hackers gained their access to all the Apple products like the iCloud, iBook and many more (Ft.com 2017). Another instance is the hacking of the European Commission where they all got the mail that they are under attack and after that for several hours; the internet was down (Eder and Eder 2017). The biggest of threats that have been reported till date is that attack of Mirai malware. It spreads to all the unprotected devices if any like the web cameras, routers, phones and modems and turn them into bots which can do anything the hacker wishes to. The hack conducted was the DDoS attack. In this type of attack, the server is flooded with multiple requests hence it forces to shut it down. The attack conducted took 620 gigabytes of data every second from all parts of the world (Mail Online 2017). The first appearance of ZeroAccess rootkit made its way in the year 2011 infecting about ten million computer systems worldwide. The main purpose of the root kit was to target a computer system remotely, infecting it with the virus in order to control them from far away. It was designed so cleverly that the trace of the attack is still unknown. After the rootkit affected it, botnet would have been installed on that system. About 1.9 millions computers were affected by the year 2013. The main way of attacking using the botnet was by DDoS attacks in which the victim computer is flooded with several requests, which put the system out of service. Still some components of the rootkit are operational and are still affecting many computers worldwide. Live example There are numerous examples where ethical hacking was of great help in enhancement of the security. Such examples are- The United States Air Pressure used ethical hacking and conducted a security analysis of an operating system. In that process, they were to check the flaws in the software such as faulty software program, vulnerable program and procedural security. It was kept in mind that even a relatively low degree of attempt, the intruder might fly away with the precious information and their security might get bypassed. Moral hacking could stop such thing. The person who was in-charge of this job (a hacker), treated the system as if he was the actual enemy of the organization and he tried every possible way he could to break the systems security and to interrupt the system. This way the systems security could be judged. At Philadelphedia U.S.A, in the year 2014, Heartbleed flaw was a defect in the openSSC cryptography, which was discovered by an ethical hacker Neel Metha who worked for Googles security team. Jack Whittion of U.K, in the year 2013 found out a bug in the system of facebook that would let any generous hacker with a phone to take over users account. He discovered it when facebook invited him to find the flaws in their system. Jared DeMott of Michigan, U.S.A was awarded third in the blue hat competition arranged by Microsoft. He was rewarded because he found out bugs in the coding done by Microsoft experts and also bypassed all of their security measures. This is a great task done by him as it asks a lot of talent to bypass the coding done by experts. Conclusion Hence, from the above discussion it can be said that enriching ethical hacking can be very fruitful if chances are given. Hacking is very powerful tool if used positively as it can help an organization know about the flaws and limitations in their security systems and to secure the system. Hacking must not be treated as a criminal offense but it should be brought up positively and hackers should be encouraged to become the white hat hackers as they can be of great help to a particular organization as well as the whole nation. Several examples have come up which prove that hacking can be beneficial and it should not be treated as a criminal activity. References: Behera, M.P.C. and Dash, M.C., 2015. Ethical Hacking: A Security Assessment Tool to Uncover Loopholes and Vulnerabilities in Network and to Ensure Protection to the System. Berger, H. and Jones, A., 2016, July. Cyber Security Ethical Hacking For SMEs. InProceedings of the The 11th International Knowledge Management in Organizations Conference on The changing face of Knowledge Management Impacting Society(p. 12). ACM. Chowdappa, K.B., Lakshmi, S.S. and Kumar, P.P., 2014. Ethical hacking techniques with penetration testing.International journal of computer science and information technologies,5(3), pp.3389-3393. Coleman, E.G., 2013.Coding freedom: The ethics and aesthetics of hacking. Princeton University Press. Eder, F. and Eder, F. (2017). Hackers attack European Commission. [online] POLITICO. Available at: https://www.politico.eu/article/hackers-attack-european-commission/ [Accessed 6 Feb. 2017]. Engebretson, P., 2013.The basics of hacking and penetration testing: ethical hacking and penetration testing made easy. Elsevier. Ft.com. (2017). US confident that Russia directed hacking attacks. [online] Available at: https://www.ft.com/content/ab3c8610-8cc6-11e6-8cb7-e7ada1d123b1 [Accessed 6 Feb. 2017]. Jones, D.A., 2015.An Examination of Penetration Testing (Ethical Hacking) and Delivering(Doctoral dissertation, Cardiff Metropolitan University). Juneja, G.K., 2013. Ethical hacking: A technique to enhance information security.International Journal of Innovative Research in Science, Engineering and Technology,2(12), pp.7575-7580. Mail Online. (2017). Security experts warn of online attacks after hackers publish bot code. [online] Available at: https://www.dailymail.co.uk/sciencetech/article-3819882/Are-risk-Experts-fear-spike-hacking-code-used-one-largest-cyber-attacks-history-released.html [Accessed 6 Feb. 2017]. Prasad, S.T., 2014. Ethical hacking and types of hackers.International Journal of Emerging Technology in Computer Science Electronics (IJETCSE),11, pp.24-27. Regalado, D., Harris, S., Harper, A., Eagle, C., Ness, J., Spasojevic, B., Linn, R. and Sims, S., 2015.Gray Hat Hacking the Ethical Hacker's Handbook. McGraw-Hill Education Group. Taylor, R.W., Fritsch, E.J. and Liederbach, J., 2014.Digital crime and digital terrorism. Prentice Hall Press. Trabelsi, Z. and Ibrahim, W., 2013, March. Teaching ethical hacking in information security curriculum: A case study. InGlobal Engineering Education Conference (EDUCON), 2013 IEEE(pp. 130-137). IEEE. Trabelsi, Z. and McCoey, M., 2016. Ethical hacking in information security curricula.International Journal of Information and Communication Technology Education (IJICTE),12(1), pp.1-10. Verma, V., Pathak, A.A., Bathini, D.R. and Pereira, A., 2014. EnterAll InfoSec Solutions: Growing an Ethical Hacking Business.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.