Many movies have made hacking seem very simple and trivial. Hacking, however, is a sophisticated and complicated subject, and it is definitely not as simple as the movies make it look. However, there are some factors that can make you an easy target for hacking.
In this article, we will talk about some of the ways hackers can exploit your computer and some ways to mitigate them. We will discuss detailed mitigation techniques in future articles.
What is hacking
Hacking as a word has two main definitions:
- To gain unintended/unauthorised access to a (non) computer system
- To exploit something for other purposes besides its intended use
Hacking in the context of this article refers to either or both of the above definitions in the domain of computer systems. Below are some of the means by which computers are hacked.
Software exploits are one of the primary ways computers get hacked. Many software packages have programming loopholes which a hacker can exploit in order to gain access to a computer. As a user you will notice that you are often prompted to update your software, and yet these updates do not come with any new features. Updates meant to address these loopholes (exploits) are called security updates. You are advised to keep your applications up to date in order to avoid being exploited (though this is not a 100% guarantee).
An application backdoor is a secret way of gaining access to software. The majority of software has backdoors, which are often intended by developers for emergency recovery, maintenance and other good/bad purposes. Nothing, however, prevents a software author or someone who knows about the backdoor from using it for evil purposes. In fact, a hacker can create a useful application which many people will use, then use the backdoor to hack your device.
The application backdoor approach to hacking is the most intelligent (in my opinion) approach hackers can use. Imagine how devastating it would be if WhatsApp or Snapchat had a backdoor, and someone working there intended to take advantage of it.
Technically, there’s no sure way to keep yourself safe from this kind of attack, but you can minimize the risk by using open source software which has been reviewed by many users, and by using software whose author takes legal responsibility for any damage caused (I don’t know if these kinds of software are common, as much software comes without any liability).
Dictionary Based Attack
A dictionary based attack is a semi-intelligent approach used by hackers to gain access to devices. The hacker writes a simple script/computer program that tries to “guess” your password by using words from a dictionary. You are often safe from this form of attack if you use a strong password which cannot be easily generated from a dictionary. Hacking dictionaries have now evolved to contain various versions of words. This means words such as alive, 4l1ve, @live and their variants can be found in hacking dictionaries. This kind of attack is often carried out in two forms, which we will discuss in later posts:
- Direct/forward dictionary lookup
- Reverse dictionary lookup
You are advised to use a strong password that contains capital letters, small letters, numbers and special characters in order to be safe from this kind of attack. We will discuss dictionary based attacks in more detail in later articles if God permits.
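Because dictionaries already contain variants such as 4l1ve and @live, a password can satisfy the four-character-class rule and still be a dictionary word in disguise. The following password-acceptance check is an added example, not part of the original article; the tiny `WORDLIST` and the `LEET` substitution table are constructed assumptions, and a real deployment would load a large list of common and breached passwords.

```python
from itertools import islice, product
import string

# Constructed sample wordlist (assumption for illustration only).
WORDLIST = frozenset({"alive", "password", "dragon", "letmein", "sunshine"})

# Look-alike symbols and the letters they commonly stand for.
# Some are ambiguous ("1" can imitate "i" or "l"), so they map to several.
LEET = {"4": "a", "@": "a", "3": "e", "1": "il", "!": "il",
        "0": "o", "5": "s", "$": "s", "7": "t"}

STRIP = string.digits + string.punctuation
MAX_FORMS = 5000  # bound the work for long inputs with many ambiguous symbols


def base_words(password):
    """Yield the plain spellings a password could have been derived from."""
    # Every character is read either as the letter it imitates or literally.
    options = [LEET.get(ch, "") + ch for ch in password.lower()]
    for combo in islice(product(*options), MAX_FORMS):
        # Drop padding such as a trailing year or "!" around the core word.
        yield "".join(combo).strip(STRIP)


def dictionary_match(password, wordlist=WORDLIST):
    """Return the dictionary word the password reduces to, or None."""
    for word in base_words(password):
        if word in wordlist:
            return word
    return None


def has_all_classes(password):
    """The article's rule: capitals, small letters, numbers, specials."""
    return (any(c.isupper() for c in password)
            and any(c.islower() for c in password)
            and any(c.isdigit() for c in password)
            and any(not c.isalnum() for c in password))


def is_strong(password):
    """Accept only if the composition rule holds AND no dictionary word fits."""
    return has_all_classes(password) and dictionary_match(password) is None


if __name__ == "__main__":
    for pw in ("4l1ve", "@L1ve2024!", "P@55w0rd!", "Tq9#vRm2!xKe"):
        print(pw, has_all_classes(pw), dictionary_match(pw), is_strong(pw))
```

Running the script shows that `@L1ve2024!` and `P@55w0rd!` pass the composition rule yet are rejected, because each reduces to a word in the list.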
Brute force simply means that a hacker is not using any intelligent approach, but is rather guessing and trying different ways until he succeeds. Obviously, the attacker will not be doing that manually, but will rather be using a dedicated computer program, which may be running on several hacked computers in order to make it difficult to detect. Brute force attacks obviously are irrelevant on personal computers, but they have diverse side effects such as denial of service (people cannot access your services) when the target is a server. The nature of brute force attacks now, such as those using botnets, has made it difficult to have a simple way of dealing with them.