What is Hacking?
Hacking means the act of breaching into a computer or network. Hacking can occur two ways, it can occur in person if the hacker has physical access to the computer or network or through the Internet which tends to be the most common way. It doesn’t matter how the hacking occurs because it is still illegal. In the Unites states and various other countries the act of hacking is considered a criminal offense. Some of the illegal acts performed during hacking are stealing important data like credit card information, corrupt a computer system, and create and disperse spam. Hacking has become quite easier due to the growing wireless network popularity, which allows hackers to gain unauthorized access to a wireless network by simply being a couple a hundred feet from an unsecured wireless access point.
Hacking is not only a concern for the average computer user, but can be a threat to national security to countries. There are so many systems that are run for security purposes with the use of Internet connection that a hacker could be able to get into a major government system. This has bought an increase risk in cyberterrorism.
There are many things that could be affected by cyberterrorism that include: banks, airlines, stock markets, and big systems like the nation’s power grid.
The majority of hackers conduct broad-based, indiscriminate probes of any and all computers connected to the internet. Targeted attacks against large businesses or government entities are far less common, but garner a lot of attention. This is why it is important for any computer user to take security measures that lessens the ability of hackers to steal the resources of a system. The resources of a computer system include the files and sensitive data stored on the computer, AND the computer itself.
Hijacked computers can be just as valuable as stolen data due to their raw computing power and internet connections. Any hijacked computer is a worthy addition to the hackers’ arsenal of zombie computers and botnets. Hackers will use hijacked computers to send out spam and emails containing viruses and other malware, disseminate illicit materials or take part in hacking attacks in other computer networks. In summary, hackers may use hijacked systems to perform the following illegal actions.
• To send unwanted spam.
• To engage in click fraud (A type of Internet crime that occurs in pay-per-click online advertising when a person, automated script or computer program imitates a legitimate web user clicking on an ad, for the purpose of generating a charge per click).
• To send malicious emails to your friends, family and clients. In this way hijacked systems function as a spreader of viruses, malware and spyware.
• To install a key logger and capture every username and password typed; they can then use your computer to log into your financial accounts; conduct transactions and perpetrate electronic theft.
• To mount a coordinated attack on select targets, such as banks or governmental institutions.
• To sniff out other traffic on your network. Any networked computer can be used to “sniff” out and copy traffic on your network, such as the network traffic from credit card or other data processing servers.
• To use your computer to send out data through the internet. In extreme cases, they can use it as a hub to exchange illicit, illegal or stolen materials, as a relay station to hide the true origin of certain content or as a message board for shady activities.
Below are six most common ways your data can be stolen
What is phishing?
Phishing is a fake email masquerading as legitimate. Hackers create phishing emails through which they intend to steal your confidential information like passwords and bank account details. This kind of email appears to have come from a well-known person or organisation like your bank or company that you work for. These emails generally try to create an urgency or panic to trick users into giving out their personal details
What is malware?
Malware is a malicious software that is written with the intent of compromising a system and stealing the data available on the system. These programmes can perform a variety of functions some of which include stealing or deleting sensitive data, modifying system’s core functionalities, and secretly tracking the victim’s activities. There are various factors that can lead to the installation of malware in your system. One is running an older or pirated version of an operating system which is not safe or updated and thus vulnerable to attacks. Clicking on unknown links or installing fake/pirated software can also lead to downloading of malicious programmes.
Major types of malware
Virus: A virus is a programme that is capable of infecting software and disabling or modifying a system’s core functionality. It tends to replicate itself into data files, programmes or boot sector of a computer’s hard drive and making the files/system inaccessible.
Trojans: This type of malware tends to create backdoors in your security to let attackers monitor your activities remotely. It disguises itself as legitimate software.
Spyware: Spyware is malware designed to spy on you. It hides in the background and tracks everything you do online, including your passwords, credit card numbers, surfing habits and chats. It can record keystrokes, videograph you from your webcam and even listen from your microphone.
Keylogger: This is a specific form of spyware that simply records the keys you type and where you type them. These logs are then sent to the attacker who can analyse them to find your passwords, chats, credit card numbers and much more.
3. Malicious mobile apps
What are malicious mobile apps?
There is a big misconception that every app available on Google Playstore or Apple store is safe and legitimate. However, this is not the case. Not every app available on these stores is safe for users. Some of these apps may contain malicious code that can put your privacy at risk.
How such apps can steal your data
The malicious apps may contain a code snippet that can install malware on your device. Besides this, the app may ask for unnecessary permissions that hackers may misuse to extract critical data including your contacts, messages and media.
It is advised to look out for the following permissions as they can be misused by an application:
Accounts access: It helps collect crucial data including contact lists and e-mail addresses.
SMS permission: It can be used to send SMSs to premium-rate numbers and drain out your balance.
Microphone access: It can record phone conversations.
Device admin permission: It can help a hacker take remote control of your phone, track it live and even wipe it remotely.
Contacts: It can help a hacker steal your contacts and sell it to ad networks.
What is Smishing?
Smishing is a form of phishing in which someone tries to trick you into giving them your private information via a phone call or SMS message. Smishing is becoming an emerging and growing threat in the world of online security.
How it can compromise your data
Smishing uses elements of social engineering to get you to share your personal information. This tactic leverages your trust in order to obtain your information. The information an attacker is looking for can be anything from an online password to your bank account details or OTPs to gain access to your accounts. Once the hacker has your required data, he can use it for various attacks.
Messages sometimes also come with shortened links with luring offers and deals that when clicked, install malware on your devices.
5. Physical security threats
What are physical security threats?
A physical threat is any threat to your sensitive information that results from other people having a direct physical access to your devices like laptops, hard drives and mobile devices.
Physical security threats are often underestimated in favour of technical threats such as phishing and malware. Physical device threats occur when someone is able to physically gain access to your confidential data like data gathered from stolen devices.
Physical security breaches can happen at your workplace or even at your home. For example, someone could get hold of your confidential files that they are not supposed to see or access an unattended system which is not password-protected.
6. Insecure networks
What are Insecure networks?
Connecting your system or device to an insecure network can create the possibility of a hacker gaining access to all the files on your system and monitoring your activity online. A hacker in control of your system can steal passwords of your social accounts, bank accounts and even inject malware on authentic websites that you trust. With programmes freely available on the Internet, anyone can sit in a car outside your home and access your critical files, accounting data, usernames and passwords, or any other information on the network. A competitor in possession of such in-depth knowledge of your official documents can be a damaging or even fatal threat to your business.
Connecting to a “free” airport/coffee shop WiFis is dangerous especially when you are carrying out critical activities online such as banking, private conversation or even browsing your email. These networks are often left unprotected which can allow a malicious hacker in the same shop/region to snoop on you easily.