A Review On Evolution of Hacking
Made By: Jyoti Singh Roll no. 17 MBA (e-Business) 3rd Semester
�Introduction
Is Hacking Always Bad?
It only depends on how to use it. But it wasn't until a group of these hackers decided to exert their knowledge in the computer mainframes. It doesn't matter if you aren't a computer expert or a system administrator of a big corporation. Computers are as much part of our history as airplanes and cars, and it should be common knowledge to know how they came to be. It's the only way you can understand the effects of computer hacking in our life.
�History of Hacking
The real meaning of hacking is to expand the capabilities of any electronic device; to use them beyond the original intentions of the manufacturer. The first hackers appeared in the 1960's at the Massachusetts Institute of Technology & their first victims were electric trains. The earliest known incidents of modern technological mischief date from 1878 and the early days of the Bell Telephone Company. During 1970's, different kind of hacker appeared: phreaks or phone hackers. By 1980's, phreaks started to migrate to computers & the first Bulletin Board Systems appeared. It wasn't until 1986 that the US government realized the danger that hackers represented to the national security. During the 1990's, when the use of the internet widespread around the world, hackers multiplied, but it wasn't until the end of the decade that system's security became mainstream among the public.
�TIMELINE OF COMPUTER SECURITY HACKER
�YEAR
TIMELINE OF COMPUTER SECURITY
1932 1939 1965 1971 1981 1982 1983 1984 1985 1986
Polish cryptologists: Marian Rejewski, Henryk Zygalski & Jerzy Rycki broke the Enigma machine code. Alan, Gordon and Harold worked together to develop the Bombe William Dixk, Mathews from MIT found vulnerability in a Multics CTSS running on a IBM 7094 John T. Draper, his friend Joe Engressia, and blue box phone phreaking hit the news with an Esquire Magazine feature story. Chaos Computer Club forms in Germany. The 414s break into 60 computer systems at institutions ranging from the Los Alamos Laboratories to Manhattan's Memorial Sloan-Kettering Cancer Center Group KILOBAUD is formed in February, kicking off a series of other hacker groups which form soon after. Comprehensive Crime Control Act gives Secret Service jurisdiction over computer fraud KILOBAUD is re-organized into The P.H.I.R.M., and begins sysopping hundreds of BBSs through-out the United States, Canada, and Europe. After more and more break-ins to government and corporate computers, Congress passes the Computer Fraud and Abuse Act, which makes it a crime to break into computer systems, The law, however, does not cover juveniles. The Christmas Tree EXEC "worm" causes major disruption to the VNET, BITNET and EARN networks
1987
�1988 1989 1990 1992 1993 1994 1995
The Morris Worm. Robert T. Morris, Jr. of Cornell University launches a worm on the government's ARPAnet theft. Jude Milhon (aka St Jude) and R. U. Sirius launch Mondo 2000, a major '90s techlifestyle magazine, in Berkeley, California. Operation Sundevil introduced. Bulgarian virus writer Dark Avenger wrote 1260, the 1st known use of polymorphic code The first DEF CON hacking conference takes place in Las Vegas. AOL gives its users access to USENET, precipitating Eternal September. AOHell is released, a freeware application The movies The Net and Hackers are released.
1996 Hackers alter Web sites of the United States Department of Justice, the CIA & Octoand the U.S. Air Force
1997 A 15-year-old Croatian youth penetrates computers at a U.S. Air Force base in Guam.
1998 Yahoo! notifies Internet users that anyone visiting its site in recent weeks might have downloaded a logic bomb and worm planted.
1999 2000 2001 Software security goes mainstream In the wake of Microsoft's Windows 98 release, 1999 becomes a banner year for security (and hacking) May: The ILOVEYOU worm, also known as VBS/Love letter and Love Bug worm, is a computer worm written in VBScript. Microsoft becomes the prominent victim of a new type of hack that attacks the domain name server
�2002
Bill Gates decrees that Microsoft will secure its products and services
2003 2004
2005 2006
CULT OF THE DEAD COW and Hack tivismo are given permission by the United States Department of Commerce to export software utilizing strong encryption Myron Tereshchuk is arrested for attempting to extort $17 million from Micropatent
Rafael Nez aka RaFa a notorious member of the hacking group, Hell is arrested Few worms to take after the old form of malware, destruction of data rather than the accumulation of zombie networks to launch attacks from, is discovered.
2007
2008
Estoni are covers from massive denial-of-service attack. FBI Operation Bot Roast finds over 1 million botnet victims.
Project Chanology Anonymous attacks Scientology website servers around the world. Private documents are stolen from Scientology computers and distributed over the Internet. Conficker worm infiltrated millions of PCs worldwide including many government-level top-security computer networks. UN department of safety and security hacked by turkish hacker Digit ALL(1923Turk) Mirror Link The Hacker group Lulz security is formed.
2009 2010 2011
�Ethical Hacking
They dedicate their skills to serve their clients. Instead of spending long nights inside obscure rooms filled with computers looking for some victim, they work inside corporations, finding ways to protect the networks and computer systems. A hacker is a person who finds enjoyment in increasing the capacity of any device. When the personal computers appeared, hackers turned their attention to them and a new underground was created. Unfortunately, bad elements within the community and criminal organizations have given a bad reputation to this group. Among the public opinion the media is widely responsible for reporting crackers as hackers. Their lack of knowledge on means adopted by hackers and crackers has brought a bad name to hackers as well.
�Types of Hackers
White hackers: are GOOD hacker who help organizations locate & fix security flaws & who use their knowledge for selling their services to clients who want to protect their networks. Black hackers: (also known as crackers) engaged in same activities but without pay or any buy-in from the targeted organizations with the intention of causing harm. They break into web-sites & reveal the confidential or proprietary information they find. Grey hackers: are more ambiguous & believes they are pursuing some greater good by breaking in & discover the weaknesses in a system security & then publish them. They don't do it for the money. They want to show the world and their hacker friends how good they are.
�Hackers & Crackers
HACKER: an individual who intends to gain unauthorized access to a computer system. a person who commits the fraudulent act or the penal offense of exploring into the other computers in order to know the details of the programmable system & how they work. generally does not have intention destroy data maliciously or to steel things. CRACKER: a technical person who has mastered in the art of breaking systems, often not for acquiring knowledge, by the dint of few programs & software used as tools. a person just more secretive as compared to the hacker. breaks through the system's security & proves to be far more dangerous than the hackers who just quench his/her thirst by simply discovering the workings of a system.
�Different Kind of Hackers
Professional hackers:
Black Hats the Bad Guys White Hats Professional Security Experts
Underemployed Adult Hackers:
Cant get employment in the field Want recognition in hacker community Big in Eastern European countries
Ideological Hackers: Hack as a mechanism to promote some political or ideological purpose. They usually coincide with political events Criminal Hackers: Real criminals, are in it for whatever they can get no matter who it hurts. Disgruntled Employees: Most dangerous to an enterprise as they are insiders. Since many companies subcontract their network services a disgruntled vendor could be very dangerous to the host enterprise.
�Hackers Weapons or Tools
DeCSS 1.2b: is used as a cracking tool. was originated in the year 1999, October and requires storage of minimum 253 KB. is highly engineered software that has been designed in order to modify the other software with an intention to remove the usage restriction. A worth mentioning instance is a "patch generator", which replaces bytes at specific location of a file, giving it a licensed version. Coldlife 4.0: is another tool for website hacking that falls in the category of flooder. This is a program that has been designed to overload the connection by certain mechanisms like a fast pinging that causes a sudden DOS attack.
�Different Type of Hacking Attacks
Inside Jobs- Most security breaches originate inside the network that is under attack. It include stealing passwords, performing industrial espionage, causing harm or committing simple misuse. Rogue Access Points- Rogue access points are unsecured wireless access points that outsiders can easily breech. Back Doors- Hackers can gain access to a network by exploiting back doors administrative shortcuts, configuration errors, easily deciphered passwords & unsecured dial-ups. Viruses and Worms- Viruses are self-replicating computer programs that has the ability to replicate or make copies of itself & spread to other files. Worms is designed to spread computer to computer. It does not need to be activated by a user or programme in order to replicate itself. Trojan Horses- Are attached to other programs. It is not itself a virus because it does not replicate. It is a way for viruses or other malicious code to be introduced into a computer system.
�Continued..
Denial of Service- DOS attacks give hackers a way to bring down a network without gaining internal access. DOS attacks work by flooding the access routers with bogus traffic. DOS attacks involve the use of bot networks, so they called Distributed Network Crackers and Kiddies -Crackers are hobbyists or professionals who break passwords and develop Trojan horses or other Software. Script kiddies are hacker. They have no real hacker skills, so they buy or download which they launch. Sniffing and Spoofing It is a type of eavesdropping program that monitors information travelling over a network. It enables hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files or personal information will be made public. Spoofing is the act of misrepresent oneself by using fake e-mail addresses or masquerading as someone else.
�Conclusion
The threats on the applications are on a continuous rise & developers need to be aware of these and educate themselves so as to involve a secure methodology in the lifecycle of the development. Real hackers dont use mice. Hackers are only hack anything just for their own pleasure or just for greed. Hacker phenomenon has diversified over time. Hacker activities have broadened beyond mere system intrusion to include thefts of goods & information. Hacker Evolution is a very difficult and fast with a digital twist & if that concept makes tick, it does a very good job of providing that experience.
�THANK YOU..
