~ Hacking ~

Well , hacking (again its a very subjective) has become common these days as there are lots of tools for professional script kiddies to play around with it. An unprotected computer or system can be easily compromised by many different ways (I call it flavours , lots of flavours). Some will try to use a worm to gain entry to your  , others will silently install a keylogger to log all your keystrokes (including your password and other things) and some other folks will silently hack your WiFi so that he/she can get Free Internet service. You may ask , what do they want out of me , why do these hackers want. Some of these hackers want to get confidential information from your system (especially if you are in a government sector) ,others want to get your personal information which they can they can use (pretend to be you that is) or that can be sold to third party folks and make a profit . Others will do it for the lulz (or in other words – for fun) , and there are some hackers that do it for educational purpose (to teach these people a lesson so that they will secure their PC)

Hackers -
Hackers aka "The Dark Jedi"

Becoming a Hacker
So now you may ask – How one can become a hacker. Its just the same concept as how a Jedi turns into a Dark Jedi. Usually , to be a authentic hacker (that is you got some knowledge and not just using some lame cheap tools to attack people – that is called a script kiddie) , you’ll have undergo some form of training. That is learning the basics of Networking , programming and other things. There are many flavours of hackers , mostly people are interested in networking. Usually , these people have learnt how networks work , how packets are sent across the Internet and other things. Of course you can get to be the good guy by working as a Networking Consultant or specialist or a security analyst. But if you want to experience what does the dark side of the force has in store for you , you’ll be a hacker – Its simple as that. Yep , its that simple (okay fine ,but it takes lots of effort and patience of course) . So a hacker pretty much scans a set of system to find if there are any holes (or vulnerability) or not. If there is , they’ll use it to their advantage. That is how it works in the theory. I am just going to touch a couple of stuff on this blog entry – which mainly focuses on wifi hacking !. of course I do touch a bit on weak passwords and other sort of things
In Today’s Cyberspace
But if we take a look in today’s world – thanks to the growing web sites , blogs and other things. People can easily get information on how to hack and which tools to use. These people are called script kiddies , as they rely on a script to do their job. They don’t do any sort of thinking. All they have to do is run a script and Voila – Its done. This is why we have people setting up fake websites (aka phishing) , to lure average computer users to click on it – thinking that its an genuine site , and bam filling up all your information. The scammer gets away with your information and sells it to a 3rd party or use it to purchase something on the Internet with your credentials (such as your Credit Card Number , Social Security Number/I.C Number).
Wifi Hacking/Cracking – a form of hacking 
Ethics of Wardriving. Usually wardrivers will mark use this symbols to alert other wardrivers weather if the wifi network is protected or not
Ethics of Wardriving. Usually wardrivers will mark use this symbols to alert other wardrivers  if the wifi network is protected or not

Some of us also may say that Wardriving (Wardriving itself is something legal but again its a very wide field. Is it normal for us to discover and add new wifi networks both protected and unprotected )and WiFi hacking is a form of  art of too. It is true , especially when it is affordable for consumers to buy more then 1 computer (i.e one desktop and laptop) as computers have become common and there are lots of things that we can do with it and now that we prefer a “mobile lifestyle” and not to mention that laptops these days do have WiFi built-in that allows us to surf the Internet wirelessly. I am sure that most of us do have a Wireless router at home and how many of us do protect our WiFi Hotspot with a WEP key at least. If you do not protect your wifi router with some sort of encryption , Tom , Dick and Mary (equal rights)  can use your free internet service for their own purposes. Some of them may use it to send illegal content over the internet (such as child pornography for example) and if the police or the authorises manages to trace back the sender via an IP address (IP Address is something like our house address , it pretty much tells where we are from) which will actually trace back to you – so pretty much you are the one who will be caught and the hacker or the person who uploaded the picture can get away easily as the Internet service isn’t registered under his name and there is no proof/evidence for you as well – So you’ll be charged. That is just an example. sometimes , some people may go a step forward by running some tools to crack into wifi places which have encryption on them (usually WEP). This video from YouTube shows how easy for someone with the right tools to hack into a protected wifi network in just under 1 minute. What that troubles me is that most private and government organisations only use WEP to protect their WiFi system or worst – no security at all. If you are thinking that nobody will hack you , think again and see the video below 
No , i am not encouraging on how to hack or what-so-ever. Just take a look at the video , it shows that its possible for someone to hack your wifi network and to use your Internet service too. sure you may use a better encryption system such as WPA/WPA2 , but then one day someone will find a way and seek weakness in the system and crack it too. What I am trying to say here is that , you can’t pretty much stop hackers/script kiddies from hacking your wifi router or even your computer (via the Internet). Is it up to you to take up preventive measures to protect yourself.
Weak Passwords
I have noticed that a lot of people use a weak set of passwords for their facebook ,Instant Messaging service. Hackers generally will take advantage of this situation as you are making their lifes easier. My recommendation is that try to use two to three different password for each websites. For websites that you trust (i.e facebook , yahoo , google) , then use a strong password which doesn’t match with any of other 2 passwords. For sites that you don’t trust fully (such as messaging boards , file hosting service) then use another password and lastly for sites that you don’t trust at all. It would be advisable to use a different password , that is totally different from the rest. Here are some examples of common passwords that we all use (well most of us) . If you have no idea on thinking of a strong password , I would suggest you to try a password generator
This is a very wide scope and usually I would say that try to use a bit of our common sense and you can easily keep them at bay. Its pretty simple , just do not download things from sources that you do not trust. Just verify where is the file actually coming from (a trusted source such as Microsoft/Download.com) and the genre of the file itself (.exe , .zip or an extension that you never heard of). Even if the file comes from a trusted source , it would be recommended for you to think twice before downloading and do have your antivirus updated to its latest definitions. Oh yeah , one more thing , never ever fall for the trap  – Usually virus writers are smart. they will come up with something that will touch your heart or make you surprise. For example , the infamous MSN Messenger worm/virus – once its infected in your PC , it will send a message to your buddies in your MSN Messenger , something like this :-
“Hey mate. Is that you in that picture <link>”
Of course , we humans (due to our nature) , we tend to click it without thinking twice. after knowing that its a virus , then only we regret. Try to use a bit of our human senses. Together combined with an antivirus you can be safe from all those pesky viruses out there !
When our PC is infected with viruses. We will usually call the Tech Support team for the rescue !
When our PC is infected with viruses. We will usually call the Tech Support team for the rescue !

Impact on society and me 
Well, I’ve been a victim of hacking before. Last time , someone stole my yahoo mail account and used it for something else. That was long time ago. But when you take a look at the impact on society. It has impaired the society in many ways. For example , SMEs will have to spend some money on improvising their security system to prevent script kiddies and hackers from hacking their system. For SMEs , the costs would be great as these kinds of measures requires a lot of 
There are couple of things that you could do to minimise the risk of being a victim of a hacker (Trust me , I’ve learnt my lesson and I am just sharing it with you all so that you will be more alert. Here are some of my tips (you may have already seen/read some of the tips that i’ve posted here before)

  1. If you get an e-mail from your Bank or from a payment vendor system such as Paypal – Do not open the links that is given in the e-mail. Instead go to the site manually and check if they ask you to update any personal information. Usually , script kiddie and phishers will send such e-mail to trap you thinking that the mail originated from the bank itself. Even if you click on the URL , the site will look exactly like the original website. you may never know the difference 
  2. If you have a WiFi Router at home , kindly change the SSID from ‘Linksys’ or from ‘default’ to something else. Secondly , enable some sort of encryption (WEP will do – heh , I am using WEP too) , if you are being paranoid , then enable WPA/WPA2. You may also want to enable MAC Filtering too. Kindly consult your wifi router manual on how to configure it
  3. Use a Web Browser such as Internet Explorer 7 or Mozila firefox with addons to detect phishing /fake sites. I think that one should install it to detect if the site is actually a genuine site or a fake site. Modern  antivirus/antispyware software comes with one as well 
  4. Get yourself up-to-date information on security information from sites such as Microsoft Security , Security Magazine or just from any computer magazines. They will usually keep you up to date on the current happenings 
  5. Enroll yourself or register for a security conference such as Complimentary Workshop on Cybersecurity (if you are in Malaysia). There are similar workshop elsewhere in the world. But if you are have zero knowledge or a very little knowledge on security , then I would suggest to attend the workshop ! 
  6. Another Important Tip – Do not ever use common passowrds such as your birthday , IC Number , your mobile phone number or something which can be guessed. Make sure your password is a combination of alphanumerical so that it would be stronger and it would be harder for people to crack your password (via brute force method) 
Lastly but not least , I am going to quote this famous Chinese proverb  
Which is true. So instead of people spoon-feeding you , it is wiser for you to learn on how to protect yourself so that can keep the hackers and viruses at bay !

One thought to “~ Hacking ~”

  1. hey, great post. good to let malaysians know a bit of web security. but i disagree on the way you describe hackers as “dark jedis”. those are called crackers/black hat hackers. there are security experts that pen test corporate servers/websites as a living. they are no less a hacker in essence.
    this site gives some information what hackers do.
    PS. its such irony that my anti-V found a worm in the cybersecurity site eccouncilacademy.org posted here.

Leave a Reply

Your email address will not be published. Required fields are marked *