Cracking the hackers

Hackers are the sworn enemies of e-commerce companies because they pose a very real threat to online business. E-business Review explores the cloak-and-dagger world of online infiltration

What is a hacker?
In the old days, a hacker was simply someone who broke into computer systems. These days, the subculture that these people move in has defined not one but two terms: crackers and hackers. The former is a person who infiltrates computer systems illegally, while the latter is a person who wants to find out all about computer systems simply out of a thirst for knowledge, occasionally using that knowledge for the odd playful prank.

Is the business community aware of the difference? Do companies care?
Generally not, and no, respectively. Anyone who uses a security loophole in a system to gain access to a corporate computer is considered an enemy of the company concerned. Security officers will do their best to stop them - no matter what they call themselves.

What makes hackers tick?
Hackers find loopholes in systems because they consider it a personal challenge. They do it simply because it's there. Crackers do it for reasons including financial gain or simple machismo, proving to their peers that their skills are superior. Others may do it for ideological reasons - as an anti-corporate statement, for example. The majority of crackers are 'script kiddies' - people with very little technical knowledge who use tools and utilities freely available on the Web to find vulnerabilities in systems and penetrate them.

What tools do they use?
Often, such tools have been developed for network security staff to try to pinpoint vulnerabilities in their systems. A good example of this is the Security Administrator Tool for Analysing Networks (Satan). This tool can be run on a machine and used to identify security flaws in any given host.

Others include the infamous BackOrifice, a Trojan which gives others access to a PC, and also Cops, Rootkit and Priest.

How do they do it?
Using tools such as these enables people to launch infiltration attacks directly across the Internet, but some attacks don't involve infiltration at all. Instead, the cracker simply bombards an organisation with traffic in order to bring it to its knees. Known as a Denial of Service (DoS) attack, this form of cracking has been superseded by the Distributed Denial of Service (DDoS) attack, in which different machines across the Internet are co-opted using virus programs and turned into 'zombies', programmed to bombard a particular site with traffic at a given time. It is very difficult for companies to defend themselves against such attacks.

Finally, many crackers use social engineering, duping staff into giving out critical security information such as passwords by pretending to be someone that they're not.

What three things can I do to make myself less vulnerable?
Security measures work on the 80-20 rule; you can protect yourself against the large majority of attacks by taking a few simple steps. Firstly, run a tool such as Satan against your own network to find any flaws, and then take steps to resolve them. Secondly, make sure that you check your software and hardware vendors' websites on a regular basis so that you can keep abreast of any security flaws that they highlight in their applications or operating systems. Often, they will post patches to fix these problems, and downloading them will ensure that you have the latest protection. Beware - crackers and hackers will be watching these sites too, so failing to install the patches puts you at risk.

Thirdly, ensure that you have a proper organisational security policy in place. This will include things like training staff to protect them against social engineering, making sure passwords are changed on a regular basis, and making sure that physical security in your building is adequate.

How can I recruit good IT security people?
Experience is the best bet here. Go for someone with a background in networking who understands the ins and outs of network routing and firewall configuration, for example. If you really want qualifications, then you could do worse than find someone with an MSc in Information Security or Secure Electronic Commerce from the Royal Holloway Information Security Group at the University of London. Be warned, though - it will cost you.
