It’s hard to miss all of the news headlines about hacker groups and security intrusions. These attacks now seem to be unavoidable even for Government agencies. For weeks now the public has been following the Sony Incident, which now appears to have been only the tip of the iceberg. Even the State Senate computers have fallen victim to a group of hackers known as Lulze Security.
Anonymous
In the past week both the Lulze Security group as well as the cyber group “Anonymous” have taken responsibility for several attacks. Lulze Security have claimed responsibility for the attacks on the Sony Picture’s website, PBS.com, Fox.com, and the DDoS attacks on game company Bethesda. According to thier LulzSec Twitter Page they are now apparently taking hacking request through a messaging hotline. As for Anonymous they have claimed to be responsible for the Bank of America attack, the Spanish Police Department attack, and are thought to be behind the Sony PSN disaster. To prove their infiltration on the Senate network Lulze Security has posted a list of files online along side their other postings. However, it was said that none of the data taken from the Senate’s network contained sensitive information. Although it’s not completely clear whether or not sensitive files were actually obtained, the intrusion itself displays the group’s capabilities and malicious intent.
Compared to last couple months, it seems that these types of attacks have changed direction moving from the acquisition of personal information to the infiltration of high powered and influential organizations. Besides gaining access to personal or financial information, perhaps these attacks are based on retaliation, display of power, or reputation. Speculation aside what’s truly concerning is the lack of security or the effectiveness of our current security.
Where is the security? Granted, these hackers are extremely clever and well versed when it comes to bypassing security measures but shouldn’t the current security for most organizations be able to slow them down at the very least?
Traditionally hackers or crackers are people who illegally obtain access to computers or computer networks to gain a profit, to protest, to expose security flaws, to challenge themselves, or to become infamous through their actions. As the hacking community continues to outperform one another as well as the security protocols of major businesses it is often the innocent consumers that pay the price.
There are different types of hackers along with different level of hackers. Not all hackers have the same attributes, some are good, some are bad, and some operate in the shades of gray. The following are the categories and characteristics commonly used to classify hackers.
White Hat: Also known as an ethical hacker this type performs intrusions for non-malicious purposes either contractually or to test their own personal security. They perform penetration/vulnerability tests to access the level of security and to improve it.
Black Hat: Represents the complete extreme to white hat hackers, they use their knowledge and ability to illegally infiltrate systems with malicious intent or for personal gain. These computer criminals identify a target, research their target, find security gaps, and then access it illegally. They perform hacks to destroy data, collect data for monetary value, or to build their reputation amongst the hacking community.
Gray Hat: As the name implies, a gray hat hacker is a combination of black and white hat tactics. A gray hat hacker may use black hat techniques to infiltrate a network for the purpose of identifying security flaws. Once identified, some hackers will offer a service fee to fix the vulnerabilities. This type of hacker acts under white hat motives but operates with black hat methods. Although these attacks occur without malicious intent they are still violating the organizations and individual privacy which can cause a lot of problems.
Black, white, and gray hat hackers are only the most basic breakdown, hackers can also be further identified by skill level, reputation, and intent. The following are different terms associated with these hackers.
Blue hat: Like a white hat hacker the blue hat hacker typically works with security consulting firms and is contacted to perform operational and system security testing.
Neophyte: Neophyte is used to describe someone that is a beginner to hacking and possesses very little knowledge or skills required for hacking.
Script kiddie: This category is made up of hackers who are more experienced than Neophytes but is still unable to devise their own methods of gaining access. They often rely on pre-packaged automated tools that are created by other hackers.
Elite Hacker: Is a name reserved for the most skillful and recognized hackers. These individuals or groups have built a reputation among the community. They continue to gain credibility by gaining access to harder targets, causing devastation, and being publicized by the news following their attacks.
Hacktivist: Also known as a cyber terrorist, with these hackers there are clear and present goals in mind to express a social, ideological, religious, or political point of view.
A typical system or network hack occurs in three steps, network enumerating, vulnerability scanning, and exploitation. Network enumeration is where information and the vulnerabilities are obtained using network scanners or enumerators. These are programs that report back information like user names, networked services, and shared resources. White hat hackers will use these reports to resolve the discovered security gaps whereas a black hat hacker would use them to gain deeper access. Vulnerability Analysis is when an attacker seeks out system flaws. To be vulnerable a system has to meet three conditions, it must have a flaw, the hacker has to have access to that flaw, and the hacker must be skillful enough to exploit that flaw. Lastly exploitation occurs by attempting to compromise the system through the flaws found in the vulnerability scan.
Some of the techniques hackers frequently use to gain access to a computer system or network are vulnerability scanning tools, password cracking, packet sniffing, spoofing or phishing, rootkit, social engineering, intimidation, helpfulness, name-dropping, Trojan horses, viruses, worms and key loggers.
Although the recent attacks have caused a lot of disruption and concern, hopefully something good will come from them like stronger security. Companies and organizations should view these attacks as a warning and take the time to strengthen their protection and conduct their own vulnerability testing while they still can. Not only is it important for major companies and Government agencies to be prepared but the individual users should be prepared as well. Computer users should make sure that they have sufficient computer security and keep up to date with the latest security news.
Thanks for Reading and Have a Great Day!
Dustin
