Introduction

‘Hacking’ is a word, which the world thinks illegitimate. However, that is not true. A person who hacks doesn’t necessarily have to be a thief. As long as it is harmless, hacking is fun. Hacking is fine if you’re looking to quench your curiosity. The person, who secures data, be it from an organization or a mere personal computer is also a hacker. Many companies recruit hackers to their official team for safeguarding their data and enhancing their security. As surprising as it is, one can make a good career with hacking. Hackers can also freelance as a contract hacker for a limited period of time, which allows them to work with different companies. Many multi-national companies (MNC) hire professional hackers. However, it is important to keep it ethical and not give in to the darker side of hacking. People also have the wrong impression that hacking is only meant for highly skilled computer geniuses known as coders. Hacking isn’t limited to techies but also can be done by anyone who wishes to protect their information from others. There are several topics one could cover under hacking with several books that cover them right from the basics to the professional details. However, this book is targeted at the beginners’ who aren’t well versed in the basics of hacking. This book mainly focuses on understanding the critical concepts in hacking like cracking, malware, viruses and IT security. This book also deals with the concepts in ethical hacking with which you can secure your data the crowd of unethical hackers. I hope you find this book to be beneficial and informative and I want you to thank you for choosing this book. Have a good read!

Chapter 1: The Basics of Computer Hacking – What you Need to Know to Get Started in Hacking

We have all heard about hackers thanks to our media and the way that Hollywood likes to portray them in movies. We think of someone who is smart and sits in their basement while getting onto any network that they choose. It is exciting when we watch movies and the media portray hacking in their own ways, but neither Hollywood nor the mainstream press really shows the true story of hacking. The term hacker came up during the 1960s and was originally used to describe a programmer or someone who was able to hack out a computer code. These people were able to see future ways to use a computer and would create new programs that no one else could. They were basically innovators in their fields at the time, and they would ultimately end up being the ones who led the computer industry to where it is today. These early hackers were interested in their work. They were excited to create a new program, but they wanted to learn how other systems worked as well. If there happened to be a bug in another system, these hackers would be the ones who would create patches that could help fix the problem. While at first, these people were visionaries that contributed to create programs and even fix what wasn’t working for others, things started to change once the computer system started going over into networks. Then the term hacker would expand to be seen as someone who was able to get onto a network where their access was restricted. Sometimes this hacker may have been on a particular network because they were curious to find out how it worked and other times it was for more malicious intents and purposes. As you can see, there is a big difference between what was considered to be a hacker a few decades ago and what is considered as a hacker today. Some of this confusion exists because there are two sides to hacking- which we will analyze in more detail later- and each one will work slightly differently to either expose or protect the network in question. The process of hacking is something that is often in the news, but most people don’t understand what it is all about. Basically, hacking is the process of modifying the software and hardware of a computer to accomplish a goal that was outside its original purpose. It can also include any time that someone enters into a network that they are not allowed. Those who engage in this process are known as hackers, and they are often able to get onto computers, systems, and find access to information they may not be authorized to. While the media may lead us to believe that all hackers are up to no good, for the majority of them, this is just not the case. Some just see it as a challenge and an adrenaline rush to get onto a system, even if they shouldn’t. Others enjoy learning about computers and figuring out what they are able to do. Most of the hacking that goes on today is not meant to be destructive or criminal at all, although the law may look at these things differently. Since many hackers are considered computer prodigies, there are actually quite a few corporations in America who employ them on their technical staff. These hackers are able to work with the company to figure out any flaws present in the security system, making it easier to fix these problems before a criminal hacker gets in. These individuals can help stop identity theft, protect the organization, and so much more. In addition, computer hacking has led to other developments in technology. One such example is Dennis Ritchie, a former hacker, who created the UNIX operating system, which had a significant impact on how Linux was later developed. Shawn Fanning, who is the creator of Napster, is also known as a computer hacker as well as a leader in technology. Of course, it is those with less noble motives for hacking that are the ones that get the most intention. Some are out to steal your personal information, break into a company’s information, and get onto a network without the proper authorization. This is a criminal offense and can land you in jail for 20 years as well as have you paying many hefty fines. These are the types of people that have brought about heavier laws against hacking, more stringent anti-virus and malware, and more. As you can see, there are many sides to the hacking world. Most hackers are just really interested in computers and have the ability to put this knowledge to work in the technology field while others are less noble and will work to get onto networks and steal information that is not theirs.   Common Terms to Know Now that you have an idea of what hacking is about, it is important to know some of the standard terms that come about in the hacking word. Make sure to look over some of these terms and understand them because that will make it much easier to absorb the information in the following chapters. Adware—Adware is a type of software that is designed to make pre-selected adds come on your software. Some of it will be malicious and will take over your computer and slow down your system, tying up resources and making it impossible to use the computer how you want. Backdoor—this is a point of entry into a computer or system that will circumvent normal security and is often used to access a computer system or network. The system developer may have created this as a shortcut during the developmental stage, but if they forget to remove it, hackers can get it. Sometimes, the hacker is able to create their own back door into the system. Black hat—this is the bad guy, the hacker that wants to use the information in a bad way. They may also share this information with other black hats to exploit the system. Cookies—this is a bit of information that a website will store in your computer browser about your search history. It can save time when filling out forms on a site and so on. A hacker could get this information and use it if you don’t delete on occasion. Cracker—these are the hackers that use their skills to get onto sites and networks illegally, usually to cause harm. Firewall—this is a barrier to the system that helps keep unwanted intruders away from the network. These can be either a software or a physical device, and if it is designed well, it can keep hackers out. Gray hat—this is a hybrid between white hat and black hat. They usually work to expose flaws that are in the security of the system. They may use some illegal means to do so but can help to protect an individual or company in the process, sometimes even working for that company. Keylogger—this program won’t destroy your computer, but it will log every stroke that you make on the computer. The information can be sent back to a black hat who will use it to determine your username and password to use later. This can put your banking information, private information, and even social media at risk. Often this is combined with a screenshot hack so that the hacker has better access to what sites you are visiting when you type in your information. Malware—this is a malicious program that will cause damage and can include things like logic bombs, time bombs, worms, viruses, and Trojans. Phishing—this is when you receive a message, usually in an email, that looks legitimate but is from a black hat who is trying to get personal information. You may receive something that looks like it comes from your bank, for example, asking for your name, address, PIN, and social security number. Remember that banks and other institutions will never ask for this online. A good way to stay safe with these emails is to never click on the link directly in the email. Go to your search browser and type in the website and visit from there. Virus—this is a malicious code or program that will attach to another program file and even replicate itself to infect other systems. It is kind of like the flu in that it will spread around and infect many systems at once. It can be spread using a networked system, a memory stick, CD, or through email. White hat—these are hackers that use their skills for ethical purposes. They may use them to thwart off a black hat and keep the computer system working properly. Many companies will hire white hats to keep their system running properly. Man in the middle attack—this is when the hacker will insert themselves into the network in order to watch traffic and change the messages that are being sent. The system will see them as legitimate, and the targets often don’t realize that their messages and traffic are being manipulated. When the first computer sends information, it will go to the hacker computer, who can then make changes to the information, or just read it through to learn about the network, before sending it on to the intended receiver. Both the receiver and the sender will assume that the hacker should be there if the man in the middle attack works successfully. Brute force attack—this is a tactic that can take a bit of time since it will use all combinations of letter, numbers, and characters to get onto a system. It is inefficient, but it does work and is often saved for when all other alternatives are not working. Denial of service attack—this is an attack that is used to make a network or website unresponsive. It is often achieved when the hacker sends a huge amount of content requests so that there is an overload to the server. While the server is unresponsive, the hacker is able to get in and get the information that they want. IP—this is the internet protocol address. It is the fingerprint that every device will carry to help it to connect. If the hacker has the IP address of a device, they are able to find out where it is located, track any activity on it, and even find out who is using the computer. These are just a few of the terms that you may come across when dealing with the hacking world. There are many other terms of attacks that black hats can perform on computer systems in order to receive the information they want, take over the computer and more. Understanding the various methods of attack and learning how hacking works can help you to understand the many different aspects of the hacking world. Common Misconceptions About Hacking Hacking has been around for some time, and because of the media and what you have heard about the process, you may have some misconceptions about what this process is about. Here we will explore some of the common misconceptions with hacking to develop a better understanding. Hacking is always illegal When you read an article online or in a newspaper about hacking, it is usually in regards to the illegal hacking where someone got onto a network they weren’t supposed to and caused mayhem or hackers that spread malware and viruses. These types of hacking are illegal, but that doesn’t mean that all hacking is illegal. There is a kind of hacking called ethical hacking. These are people who work for companies to help them expose flaws in the system, those who work to keep others out, and so on. These people will help to protect networks and systems for companies and individuals, rather than using them for evil purposes. All hackers are young Another misconception that you may come across is that all hackers are young, either they are teenagers or in their early 20s. While there are some hackers who fit into this age range, hackers are anyone who knows a lot about computers and how to get into places they may not be allowed in. Often younger hackers are the ones who are caught doing illegal hacking because they are younger with less experience, but anyone of any age can be a hacker. Security software will stop hacking Having a security system in place may help to keep your computer safe from some threats, but it is not always a safe way to protect from all hackers. Hackers are often able to get through this software in order to get your sensitive information. Plus, often the issue isn’t because of the software, but because the user does something wrong. Hackers are going to use tricks and other ways to convince you to let them into your system, regardless of the software you have on your computer. For example, you may have the best security system on your computer, but if you click on a link and hand over the information, the hackers still won. Many times hackers will send emails or information looking like someone else, like your bank, and request this personal information. Those who aren’t paying attention will send out the information and expose themselves to the hacker, regardless of their security software. Hacking Needs, a lot of software Thanks to Hollywood, there are many rumors and misconceptions that come with hacking and one of these is that you need special software, sometimes obtained illegally, in order to hack into other systems. But in reality, you only need some simple tools to get it done. For example, you can use a Web application for hacking that will take a look at different websites and find the vulnerabilities that are on them. White hat hackers will use these to help find the mistakes and make the site safer, but the black hat hackers will go through this to exploit the site. For the most part, hacking is about trying lots of different things, just a bit differently, until you find a way that breaks the system. You won’t need the most exotic software to do this, but you will need some horsepower on the computer and a lot of patience to get it done. You need an advanced degree to be a hacker Some hackers do have an advanced degree for their jobs. These are the ones who maybe have a love for computers and work for a big company to find flaws in the system. They went to school to help get their foot in the door and to ensure that they knew the latest technology in hacking to help out others. Becoming a hacker does not require years of education. In fact, many of the best hackers have never gone to college at all, or at least not for a computer related study. You just need to have a love for computers and the ability to learn how they work. You can easily learn how to do a lot of the work with hacking from your own home, and many of those who get into the hacking field go this way rather than through college. Ethical vs. Unethical Hacking There are two worlds when it comes to hacking. There are those who will use their hacking skills to help out others. They may do it in their free time and find loopholes or backdoors in a corporate website and alert that company in order to help them. Some of these individuals even work for hospitals, corporations, and other businesses with the sole purpose of finding and fixing any weak points in security to keep personal information safe. They may hack through the system, but they do it in an ethical way to help out. The other world is a bit darker and is full of hackers that use their skills for their own personal advantages. They may hack into a system to get personal information. They can send emails and links requesting personal information for identity theft and other mischief. They are not helping out anyone but themselves in this process. Each of these worlds will work the same when it comes to hacking and using the same tools, but they will do so for different reasons. While the media will spend most of their time looking at the black hat hacking- those who get in trouble for their endeavors- there is a whole world of ethical hacking that is doing a lot of good in the world and saving people a lot of money, time, and headaches in the long run. Ethical Hacking Ethical hackers are going to use a lot of the same techniques and methods as criminal hackers to get past the defenses in place for a network, but they are going to do so for different reasons. Ethical hackers go past the security systems in order to document these loopholes and provide some advice on how to fix these issues. Many of them will work for the corporation that has the website so they can make the documentation and help to put a plan in place to fix the issue. Others may just find out about the loophole and will notify the company, without having any affiliation with them. The idea behind ethical hacking is to check out the security of a network. The company understands that there are hackers out there who may want to get on the network and steal personal information. When it comes to online stores, hospitals, and other companies, there can be a lot of personal information for a broad range of clients. If a black hat gets in, this information is freely available, and thousands of people could be affected. Knowing this information, companies will hire white hats to help locate any vulnerabilities that will be in their system. They will also spend time trying to figure out whether any malicious activities could happen within the software in the future. These vulnerabilities are often going to be found in improper system configurations, such as a software flaw, and the white hat will work to get them fixed up to protect that valuable information. Pretty much any company that has their connection over the internet and holds personal information of their clients on the database should consider having a white hat help them out, or at least someone who has knowledge of basic hacking. This will help them take care of the vulnerabilities a bit better and will make it easier to protect their customers. While hacking has been around for a bit, it wasn’t until the 1970s when the first ethical hacking process began. The United States realized that they were in possession of a lot of personal information and that black hats would love to get this information. The government decided to call in experts, who were known as red teams, to hack into the computer systems and find where any vulnerabilities were. This soon became a significant industry within the information security market, and many big corporations now include this kind of work in their infrastructure to keep safe. Now that so much personal information is being shared over the internet, there are various standards in place that require all organizations that connect to the internet to have a penetration test. This is basically a test that the organization has to go through to ensure that their information is safe and that the loopholes are all taken care of. Smaller organizations may hire an ethical hacker to help out with this on occasion to keep up to date, and bigger companies will have whole teams that work for them full time to keep intruders out. There are many ways that an ethical hacker can help out their clients, and it is becoming a growing field. While many people still feel that a hacker is someone who is only up to mischief or interested in stealing information, there are many more hackers who work in an ethical way to help keep computer networks safe. They may use some of the same techniques as their black hat counterparts, but they use them for good rather than evil. Ethical hacking has grown in popularity and has been a great way for organizations to take their security into their own hands. A white hat hacker will work for the company to go through the hacking process to help keep clients’ information safe from unscrupulous people. Some security professionals go by different names because they don’t like the correlation with “hacker, ” but they work in a similar manner- for the purpose of helping out. Criminal Hacking The other side of hacking is a bit darker. Rather than trying to protect the personal information of others and to help a company stay safe, a criminal hacker steals the information for their own personal use. They may get into a company’s network in order to steal emails and credit card numbers to use as their own. They may send a virus around or ask for information, pretending to be someone else, to harm the other person and help themselves. Basically, criminal hacking is any act that is committed by someone who has a lot of knowledge of computers, who will then use that knowledge to accomplish various acts of intellectual property theft, identity theft, credit card fraud, vandalism, terrorism, and other crimes on the computer. It will often infringe on the privacy of the other person or groups of people and can even cause some damage to a computer-based property. There are a lot of reasons that criminal hacking will happen, but often it is to see a financial gain for the hacker. There are several ways a criminal hacker can get onto the network and find personal information they can use maliciously. Viruses are an attractive option that can get on your computer and will send the information back to the original sender. Trojan horses will get to your computer because they look like a legitimate program but are often providing an easy backdoor for the hacker to get into your system. Other programs can quietly add on to your computer and will document your keystrokes in order to figure out your username and passwords to emails, banking sites, and more. Another method that many black hat hackers will use is to send emails. These emails will look like they come from legitimate sites, such as your bank, and will have links inside. If you click the link, you may end up with a virus or another issue on the computer. Some will even go so far as to send you a form asking for personal information. If you provide the information, you will find that it goes straight to the hacker and the request was never from your bank or the source it claimed. There is a lot of damage that can be caused by black hat hackers, especially if an individual or company is not taking the right steps to ensure there is computer safety around them. People could lose a lot of money, have to deal with identity theft, and so much more. It is a good idea to always keep a vigilant eye out to find when these breaches could be happening. There are some cases of famous hackers over the last few decades. For example, David Smith is one of the most notable of these cases when he launched the Melissa Virus in 1999. This virus was able to get to 1.2 million computers, and businesses in Europe and the United States lost $80 million. Once he was caught, Smith was convicted of criminal hacking and had a sentence of forty years. He was released after just shy of two years in prison after agreeing to work for the FBI. This is just one of the cases of criminal hacking, and most of them will not happen so widespread as the one above. Still, they cost millions of dollars in financial losses each year to many businesses when a “black hat” hacker is able to get onto a computer and take this personal information. There is basically a race between the black hat and white hat hackers. The white hats are working to close up all the loopholes and back doors that they can find on networks, and other computers and the black hats are trying to get in before things are closed or find a new way to cause a mess. Sometimes the white hats win and can keep people out, but there are many times when a black hat will be able to beat them to it and will do their damage. White hat and black hat hackers will use a lot of the same techniques in order to take over a computer system. They will be able to get onto the systems, in the same way, look at the information, and complete the same tasks. The difference in that an ethical hacker is going to do this in order to find vulnerabilities in a network in order to fix them while a criminal hacker is more interested in finding out personal information, causing a loss for a company, and causing other mischief with their work.