We have seen in many movies, or web-series a hacker is wearing hoodies, typing fast on a computer with random codes appearing in different colours, and a lot of enthusiasm and can-do attitude on actors faces. But in real life do they look in the same way? Do they keep typing that fast to hack anything? Let us find out.
Starting with the appearance, a hacker need not wear a hoodie, have a dark make up etc. They look like normal people with normal clothes and stuff. They don’t live dark rooms or remain isolated and move freely in society and have regular interactions with people.
Coming to the actual hacking, you need not type lines and lines of codes to hack anything. The process is not that complicated, and there are pre-built software’s that do most of the job. To understand more on this we need to know how is hacking done actually.
Before that, we need to know what are the types of hackers. Not all hackers are bad guys; some hackers protect many businesses from hacking and malware attacks. Primarily there are three types of hackers.
- Black Hat Hackers.
- White Hat Hackers.
- Grey Hat hackers.
- Black Hat Hackers: These are bad guys in the hacking world, they enter the systems without authorization. They introduce malicious files and destroy the system files. They are criminals, they steal the data, lock your systems, infect it and demand money to release it. The money is generally digital currency like bitcoin. They do this for financial gains or fun. The black hat hackers are a threat to data security in the world.
- White Hat Hackers: These are certified hackers, who work for the government and other business organisations. They do testing of the data and find loopholes and act as defenders to protect the data from black hat hackers. Therefore, they can be considered as the opposite of black hat hackers. They are also known as “Ethical hackers” or “Cybersecurity experts.”
- Grey Hat Hackers: These fall between black hat and white hat hackers. Generally, grey hat hackers find the system vulnerabilities and report it to the system administrator. Usually, they ask a small fee to fix it. The system administrator might accept or report it. If reported, they come under the black hat because they entered the system without the permission of the administrator.
We have learnt the primary type of hackers and their roles, now let us try to learn the type of hacking techniques generally used. There are 9 of them.
- Bait & Switch: As the name suggests, hackers use some deal price or a widget of a browser widget to hack. When you click on these links, it will redirect to another website which has a booby trap. When you enter that website and download anything or enter your details, they will be hacked.
- Cookie Theft: Cookies theft mainly happens when we use unverified browser widgets. Cookies have a lot of information about internet footprint and usage. Cookies are plain or encrypted based on the website; secure websites use encrypted cookies for data privacy. When the widget is the booby trap, it scans cookies and sends it to the attacker.
- Denial of Service/Distributed Denial of Service (DoS/DDoS): This is a very classic technique to bring down systems or websites. The hackers use bots as traffic and hit a website with that; the traffic is overwhelming that it makes the website inoperable. Therefore, this exposes a vulnerability on the website, and the hackers can infect it with malicious files.
- Eavesdropping: This is a technique used by hackers to hack a conversation between two parties and get as much information as possible. Hackers use tools to hack messages, calls or any digital conversation and get as much information as possible to hack.
- Keylogging: The hackers install a software or a tool on the system, the tool records everything you type using your keyboard, and the information is sent to the hacker. Therefore, the hacker gets all information you type this can include passwords and other important stuff. Thus, they have all the information they need to hack.
- Malware: The hackers use some sort of software to introduce malware into your system. For example, you might have seen many a download links on a few websites. If you accidentally click on the wrong link, a software which is infected will be downloaded and the hackers get access to your system.
- Phishing: This attack uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need. For example, you might receive an email notification that it is your bank and they want you to log in. As soon as you open the link it looks that the website is of your bank. Once you enter your login information, it directly goes to the hacker and your bank account is hacked.
- Watering Hole and WAP Attacks: In this, the hacker uses an open WIFI connection to lure in the users, as soon as you connect and start using it, the entire internet session you have used will be with the hacker.
- “Man in the Middle” (or “MITM”) Attack: It is a bit similar to eavesdropping, but in this technique the hackers have an option to be the middle man between the sender and receiver. Therefore the hacker can modify or even the destroy the data, this attack happens when we use a unauthenticated website for communications.
We have learnt the types of hackers and methods they use to hack. Now let us learn on how to save ourselves from cyberattacks.You can follow these steps to save yourselves from cyberattacks.
- Never use or give your information on an unsecured website.
- Never open malicious emails.
- Don’t download malicious software’s.
- Never share your passwords via digital medium unless it is an emergency.
- Never connect to public open WI-FI.
- Don’t log in on an unsecured website.
- Never use non-secure widgets.
- Update your system and servers regularly as the developers release patches to defend against attacks.
If we follow the above steps we are very safe from being attacked or infected from any malware.