fbpx
Wikipedia

Security hacker

January 01, 1970

Not to be confused with Hacker or Hacker culture.

A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network.[1] Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering,[2] challenge, recreation,[3] or evaluation of a system weaknesses to assist in formulating defenses against potential hackers.

Longstanding controversy surrounds the meaning of the term "hacker." In this controversy, computer programmers reclaim the term hacker, arguing that it refers simply to someone with an advanced understanding of computers and computer networks,[4] and that cracker is the more appropriate term for those who break into computers, whether computer criminals (black hats) or computer security experts (white hats).[5][6] A 2014 article noted that "the black-hat meaning still prevails among the general public".[7] The subculture that has evolved around hackers is often referred to as the "computer underground".

History

Further information: Timeline of computer security hacker history
 
Bruce Sterling, author of The Hacker Crackdown

Birth of subculture and entering mainstream: 1960s–1980s

The subculture around such hackers is termed network hacker subculture, hacker scene, or computer underground. It initially developed in the context of phreaking during the 1960s and the microcomputer BBS scene of the 1980s. It is implicated with 2600: The Hacker Quarterly and the alt.2600 newsgroup.

In 1980, an article in the August issue of Psychology Today (with commentary by Philip Zimbardo) used the term "hacker" in its title: "The Hacker Papers." It was an excerpt from a Stanford Bulletin Board discussion on the addictive nature of computer use. In the 1982 film Tron, Kevin Flynn (Jeff Bridges) describes his intentions to break into ENCOM's computer system, saying "I've been doing a little hacking here." CLU is the software he uses for this. By 1983, hacking in the sense of breaking computer security had already been in use as computer jargon,[8] but there was no public awareness about such activities.[9] However, the release of the film WarGames that year, featuring a computer intrusion into NORAD, raised the public belief that computer security hackers (especially teenagers) could be a threat to national security. This concern became real when, in the same year, a gang of teenage hackers in Milwaukee, Wisconsin, known as The 414s, broke into computer systems throughout the United States and Canada, including those of Los Alamos National Laboratory, Sloan-Kettering Cancer Center and Security Pacific Bank.[10] The case quickly grew media attention,[10][11] and 17-year-old Neal Patrick emerged as the spokesman for the gang, including a cover story in Newsweek entitled "Beware: Hackers at play", with Patrick's photograph on the cover.[12] The Newsweek article appears to be the first use of the word hacker by the mainstream media in the pejorative sense.

Pressured by media coverage, congressman Dan Glickman called for an investigation and began work on new laws against computer hacking.[13][14] Neal Patrick testified before the U.S. House of Representatives on September 26, 1983, about the dangers of computer hacking, and six bills concerning computer crime were introduced in the House that year.[14] As a result of these laws against computer criminality, white hat, grey hat and black hat hackers try to distinguish themselves from each other, depending on the legality of their activities. These moral conflicts are expressed in The Mentor's "The Hacker Manifesto", published 1986 in Phrack.

Use of the term hacker meaning computer criminal was also advanced by the title "Stalking the Wily Hacker", an article by Clifford Stoll in the May 1988 issue of the Communications of the ACM. Later that year, the release by Robert Tappan Morris, Jr. of the so-called Morris worm provoked the popular media to spread this usage. The popularity of Stoll's book The Cuckoo's Egg, published one year later, further entrenched the term in the public's consciousness.

Classifications

In computer security, a hacker is someone who focuses on the security mechanisms of computer and network systems. Hackers can include someone who endeavors to strengthen security mechanisms by exploring their weaknesses and also those who seek to access secure, unauthorized information despite security measures. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. White hat is the name given to ethical computer hackers, who utilize hacking in a helpful way. White hats are becoming a necessary part of the information security field.[15] They operate under a code, which acknowledges that breaking into other people's computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally. Accordingly, the term bears strong connotations that are favorable or pejorative, depending on the context.

Subgroups of the computer underground with different attitudes and motives use different terms to demarcate themselves from each other. These classifications are also used to exclude specific groups with whom they do not agree.

Cracker

Eric S. Raymond, author of The New Hacker's Dictionary, advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as a wider hacker culture, a view that Raymond has harshly rejected. Instead of a hacker/cracker dichotomy, they emphasize a spectrum of different categories, such as white hat, grey hat, black hat and script kiddie. In contrast to Raymond, they usually reserve the term cracker for more malicious activity.

According to Ralph D. Clifford, a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system."[16] These subgroups may also be defined by the legal status of their activities.[17]

White hat

Main article: White hat (computer security)

A white hat hacker breaks security for non-malicious reasons, either to test their own security system, perform penetration tests or vulnerability assessments for a client, or while working for a security company that makes security software. The term is generally synonymous with ethical hacker, and certifications, courseware, classes, and online training covering the diverse arena of ethical hacking have been developed.[17]

Black hat

Main article: Black hat (computer security)

A black hat hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005).[18] The term was coined by Richard Stallman, to contrast the maliciousness of a criminal hacker versus the spirit of playfulness and exploration in hacker culture, or the ethos of the white hat hacker who performs hacking duties to identify places to repair or as a means of legitimate employment.[19] Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal".[20]

Grey hat

Main article: Grey hat

A grey hat hacker lies between a black hat and a white hat hacker, hacking for ideological reasons.[21] A grey hat hacker may surf the Internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect, for example. They may then offer to correct the defect for a fee.[20] Grey hat hackers sometimes find the defect in a system and publish the facts to the world instead of a group of people. Even though grey hat hackers may not necessarily perform hacking for their personal gain, unauthorized access to a system can be considered illegal and unethical.

Elite hacker

A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.[22]

Script kiddie

Main article: Script kiddie

A script kiddie (also known as a skid or skiddie) is an unskilled hacker who breaks into computer systems by using automated tools written by others (usually by other black hat hackers), hence the term script (i.e. a computer script that automates the hacking) kiddie (i.e. kid, child an individual lacking knowledge and experience, immature),[23] usually with little understanding of the underlying concept.

Neophyte

A neophyte ("newbie", or "noob") is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.[20]

Blue hat

Main article: BlueHat

A blue hat hacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat to represent a series of security briefing events.[24][25][26]

Hacktivist

Main article: Hacktivist

A hacktivist is a hacker who utilizes technology to publicize a social, ideological, religious or political message.

Hacktivism can be divided into two main groups:

Nation state

Intelligence agencies and cyberwarfare operatives of nation states.[27]

Organized criminal gangs

Groups of hackers that carry out organized criminal activities for profit.[27] Modern-day computer hackers have been compared to the privateers of by-gone days.[28] These criminals hold computer systems hostage, demanding large payments from victims to restore access to their own computer systems and data.[29] Furthermore, recent ransomware attacks on industries, including energy, food, and transportation, have been blamed on criminal organizations based in or near a state actor – possibly with the country's knowledge and approval.[30] Cyber theft and ransomware attacks are now the fastest-growing crimes in the United States.[31] Bitcoin and other cryptocurrencies facilitate the extortion of huge ransoms from large companies, hospitals and city governments with little or no chance of being caught.[32]

Attacks

Main article: Computer security

Hackers can usually be sorted into two types of attacks: mass attacks and targeted attacks.[33] They are sorted into the groups in terms of how they choose their victims and how they act on the attacks.[33]

A typical approach in an attack on Internet-connected system is:

  1. Network enumeration: Discovering information about the intended target.
  2. Vulnerability analysis: Identifying potential ways of attack.
  3. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.[34]

In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

Security exploits

Main article: Exploit (computer security)

A security exploit is a prepared application that takes advantage of a known weakness.[35] Common examples of security exploits are SQL injection, cross-site scripting and cross-site request forgery which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), PHP, SSH, Telnet and some Web pages. These are very common in Web site and Web domain hacking.

Techniques

Vulnerability scanner
A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Firewalls defend computers from intruders by limiting access to ports and machines, but they can still be circumvented.)
Finding vulnerabilities
Hackers may also attempt to find vulnerabilities manually. A common approach is to search for possible vulnerabilities in the code of the computer system then test them, sometimes reverse engineering the software if the code is not provided. Experienced hackers can easily find patterns in code to find common vulnerabilities.
Brute-force attack
Password guessing. Brute-force attacks are used to quickly check all short password variations. For longer passwords, other methods such as the dictionary attack are used, because of the amount of time a brute-force search takes.[36]
Password cracking
Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. Common approaches include repeatedly trying guesses for the password, trying the most common passwords by hand, and repeatedly trying passwords from a "dictionary", or a text file with many passwords.[37]
Packet analyzer
A packet analyzer ("packet sniffer") is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.
Spoofing attack (phishing)
A spoofing attack involves one program, system or website that successfully masquerades as another by falsifying data and is thereby treated as a trusted system by a user or another program – usually to fool programs, systems or users into revealing confidential information, such as user names and passwords.
Rootkit
A rootkit is a program that uses low-level, hard-to-detect methods to subvert control of an operating system from its legitimate operators. Rootkits usually obscure their installation and attempt to prevent their removal through a subversion of standard system security. They may include replacements for system binaries, making it virtually impossible for them to be detected by checking process tables.
Social engineering
In the second stage of the targeting process, hackers often use social engineering tactics to get enough information to access the network. They may contact the system administrator and pose as a user who cannot get access to his or her system. This technique is portrayed in the 1995 film Hackers, when protagonist Dade "Zero Cool" Murphy calls a somewhat clueless employee in charge of security at a television network. Posing as an accountant working for the same company, Dade tricks the employee into giving him the phone number of a modem so he can gain access to the company's computer system.
Hackers who use this technique must be familiar with their target's security practices in order to trick the system administrator into giving them information. In some cases, a help-desk employee with limited security experience will answer the phone and be relatively easy to trick. Another approach is for the hacker to pose as an angry supervisor, and when his/her authority is questioned, threaten to fire the help-desk worker. Social engineering is very effective, because users are the most vulnerable part of an organization. No security devices or programs can keep an organization safe if an employee reveals a password to an unauthorized person.
Social engineering can be broken down into four sub-groups:
  • Intimidation As in the "angry supervisor" technique above, the hacker convinces the person who answers the phone that their job is in danger unless they help them. At this point, many people accept that the hacker is a supervisor and give them the information they seek.
  • Helpfulness The opposite of intimidation, helpfulness exploits many people's natural instinct to help others solve problems. Rather than acting angry, the hacker acts distressed and concerned. The help desk is the most vulnerable to this type of social engineering, as (a.) its general purpose is to help people; and (b.) it usually has the authority to change or reset passwords, which is exactly what the hacker wants.[38]
  • Name-dropping The hacker uses names of authorized users to convince the person who answers the phone that the hacker is a legitimate user him or herself. Some of these names, such as those of webpage owners or company officers, can easily be obtained online. Hackers have also been known to obtain names by examining discarded documents ("dumpster diving").
  • Technical Using technology is also a way to get information. A hacker can send a fax or email to a legitimate user, seeking a response that contains vital information. The hacker may claim that he or she is involved in law enforcement and needs certain data for an investigation, or for record-keeping purposes.
Trojan horses
A Trojan horse is a program that seems to be doing one thing but is actually doing another. It can be used to set up a back door in a computer system, enabling the intruder to gain access later. (The name refers to the horse from the Trojan War, with the conceptually similar function of deceiving defenders into bringing an intruder into a protected area.)
Computer virus
A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. By doing this, it behaves similarly to a biological virus, which spreads by inserting itself into living cells. While some viruses are harmless or mere hoaxes, most are considered malicious.
Computer worm
Like a virus, a worm is also a self-replicating program. It differs from a virus in that (a.) it propagates through computer networks without user intervention; and (b.) does not need to attach itself to an existing program. Nonetheless, many people use the terms "virus" and "worm" interchangeably to describe any self-propagating program.
Keystroke logging
A keylogger is a tool designed to record ("log") every keystroke on an affected machine for later retrieval, usually to allow the user of this tool to gain access to confidential information typed on the affected machine. Some keyloggers use virus-, trojan-, and rootkit-like methods to conceal themselves. However, some of them are used for legitimate purposes, even to enhance computer security. For example, a business may maintain a keylogger on a computer used at a point of sale to detect evidence of employee fraud.
Attack patterns
Attack patterns are defined as series of repeatable steps that can be applied to simulate an attack against the security of a system. They can be used for testing purposes or locating potential vulnerabilities. They also provide, either physically or in reference, a common solution pattern for preventing a given attack.

Tools and Procedures

A thorough examination of hacker tools and procedures may be found in Cengage Learning's E|CSA certification workbook.[39]

Notable intruders and criminal hackers

Main article: List of computer criminals

Notable security hackers

Main article: List of hackers

Customs

The computer underground[3] has produced its own specialized slang, such as 1337speak. Writing software and performing other activities to support these views is referred to as hacktivism. Some consider illegal cracking ethically justified for these goals; a common form is website defacement. The computer underground is frequently compared to the Wild West.[49] It is common for hackers to use aliases to conceal their identities.

Hacker groups and conventions

Main articles: Hacker conference and Hacker group

The computer underground is supported by regular real-world gatherings called hacker conventions or "hacker cons". These events include SummerCon (Summer), DEF CON, HoHoCon (Christmas), ShmooCon (February), Black Hat Conference, Chaos Communication Congress, AthCon, Hacker Halted, and H.O.P.E.[citation needed] Local Hackfest groups organize and compete to develop their skills to send a team to a prominent convention to compete in group pentesting, exploit and forensics on a larger scale. Hacker groups became popular in the early 1980s, providing access to hacking information and resources and a place to learn from other members. Computer bulletin board systems (BBSs), such as the Utopias, provided platforms for information-sharing via dial-up modem. Hackers could also gain credibility by being affiliated with elite groups.[50]

Consequences for malicious hacking

India

Section Offence Punishment
65 Tampering with computer source documents – Intentional concealment, destruction or alteration of source code when the computer source code is required to be kept or maintained by law for the time being in force Imprisonment up to three years, or/and with fine up to 20000 rupees
66 Hacking Imprisonment up to three years, or/and with fine up to 50000 rupees

Netherlands

Maximum imprisonment is one year or a fine of the fourth category.[51]

United States

18 U.S.C. § 1030, more commonly known as the Computer Fraud and Abuse Act, prohibits unauthorized access or damage of "protected computers". "Protected computers" are defined in 18 U.S.C. § 1030(e)(2) as:

  • A computer exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government.
  • A computer which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;

The maximum imprisonment or fine for violations of the Computer Fraud and Abuse Act depends on the severity of the violation and the offender's history of violations under the Act.

The FBI has demonstrated its ability to recover ransoms paid in cryptocurrency by victims of cybertheft.[52]

Hacking and the media

Hacker magazines

Main category: Hacker magazines

The most notable hacker-oriented print publications are Phrack, Hakin9 and 2600: The Hacker Quarterly. While the information contained in hacker magazines and ezines was often outdated by the time they were published, they enhanced their contributors' reputations by documenting their successes.[50]

Hackers in fiction

See also: List of fictional hackers

Hackers often show an interest in fictional cyberpunk and cyberculture literature and movies. The adoption of fictional pseudonyms,[53] symbols, values and metaphors from these works is very common.[54]

Books

Films

Non-fiction books

See also

References

  1. ^ Gao, Xing (2015). "Information security investment for competitive firms with hacker behavior and security requirements". Annals of Operations Research. 235: 277–300. doi:10.1007/s10479-015-1925-2. S2CID 207085416.
  2. ^ Winkler, Ira. Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day. John Wiley & Sons. 2005. pg. 92. ISBN 9780764589904.
  3. ^ a b Sterling, Bruce (1993). "Part 2(d)". The Hacker Crackdown. McLean, Virginia: IndyPublish.com. p. 61. ISBN 1-4043-0641-2.
  4. ^ "The Hacker's Dictionary". Retrieved May 23, 2013.
  5. ^ Political notes from 2012: September–December. stallman.org.
  6. ^ Raymond, Eric S. "Jargon File: Cracker". Coined ca. 1985 by hackers in defense against journalistic misuse of hacker.
  7. ^ Yagoda, Ben (March 6, 2014). "A Short History of 'Hack'". The New Yorker. Retrieved June 21, 2019. Although Lifehacker and other neutral or positive applications of the word [hack] are increasingly prominent, the black-hat meaning still prevails among the general public.
  8. ^ See the 1981 version of the Jargon File, entry "hacker", last meaning.
  9. ^ "Computer hacking: Where did it begin and how did it grow?". WindowSecurity.com. October 16, 2002. {{cite journal}}: Cite journal requires |journal= (help)
  10. ^ a b Elmer-DeWitt, Philip (August 29, 1983). . Time. p. 75. Archived from the original on December 2, 2007.
  11. ^ Detroit Free Press. September 27, 1983. {{cite news}}: Missing or empty |title= (help)
  12. ^ "Beware: Hackers at play". Newsweek. September 5, 1983. pp. 42–46, 48.
  13. ^ "Timeline: The U.S. Government and Cybersecurity". Washington Post. May 16, 2003. Retrieved April 14, 2006.
  14. ^ a b Bailey, David (April 1984). "Attacks on Computers: Congressional Hearings and Pending Legislation". 1984 IEEE Symposium on Security and Privacy. Oakland, CA, USA: IEEE. pp. 180–186. doi:10.1109/SP.1984.10012. ISBN 978-0-8186-0532-1. S2CID 15187375.
  15. ^ Caldwell, Tracey (July 22, 2011). "Ethical hackers: putting on the white hat". Network Security. 2011 (7): 10–13. doi:10.1016/s1353-4858(11)70075-7.
  16. ^ Clifford, D. (2011). Cybercrime: The Investigation, Prosecution and Defense of a Computer-Related Crime. Durham, North Carolina: Carolina Academic Press. ISBN 978-1594608537.
  17. ^ a b Wilhelm, Douglas (2010). "2". Professional Penetration Testing. Syngress Press. p. 503. ISBN 978-1-59749-425-0.
  18. ^ Moore, Robert (2005). Cybercrime: Investigating High Technology Computer Crime. Matthew Bender & Company. p. 258. ISBN 1-59345-303-5.Robert Moore
  19. ^ O'Brien, Marakas, James, George (2011). Management Information Systems. New York, NY: McGraw-Hill/ Irwin. pp. 536–537. ISBN 978-0-07-752217-9.{{cite book}}: CS1 maint: multiple names: authors list (link)
  20. ^ a b c Moore, Robert (2006). Cybercrime: Investigating High-Technology Computer Crime (1st ed.). Cincinnati, Ohio: Anderson Publishing. ISBN 978-1-59345-303-9.
  21. ^ Okpa, John Thompson; Ugwuoke, Christopher Uchechukwu; Ajah, Benjamin Okorie; Eshioste, Emmanuel; Igbe, Joseph Egidi; Ajor, Ogar James; Okoi, Ofem, Nnana; Eteng, Mary Juachi; Nnamani, Rebecca Ginikanwa (September 5, 2022). "Cyberspace, Black-Hat Hacking and Economic Sustainability of Corporate Organizations in Cross-River State, Nigeria". SAGE Open. 12 (3): 215824402211227. doi:10.1177/21582440221122739. ISSN 2158-2440. S2CID 252096635.{{cite journal}}: CS1 maint: multiple names: authors list (link)
  22. ^ Thomas, Douglas (2002). Hacker Culture. University of Minnesota Press. ISBN 978-0-8166-3346-3.
  23. ^ Andress, Mandy; Cox, Phil; Tittel, Ed – (2001). CIW Security Professional. New York, NY: Wiley. p. 638. ISBN 0-7645-4822-0.
  24. ^ . PC Magazine Encyclopedia. Archived from the original on March 8, 2013. Retrieved May 31, 2010. A security professional invited by Microsoft to find vulnerabilities in Windows.
  25. ^ Fried, Ina (June 15, 2005). "Blue Hat summit meant to reveal ways of the other side". Microsoft meets the hackers. CNET News. Retrieved May 31, 2010.
  26. ^ Markoff, John (October 17, 2005). "At Microsoft, Interlopers Sound Off on Security". The New York Times. Retrieved May 31, 2010.
  27. ^ a b Chabrow, Eric (February 25, 2012). "7 Levels of Hackers: Applying An Ancient Chinese Lesson: Know Your Enemies". GovInfo Security. Retrieved February 27, 2012.
  28. ^ Egloff, Florian. Cybersecurity and the Age of Privateering. In: Understanding CyberConflict: Fourteen Analogies, Chapter 14, George Perkovich and Ariel E. Levite, Eds., Georgetown University Press, 2017.
  29. ^ Tidy, Joe. Ransomware: Should paying hacker ransoms be illegal? BBC 20 May 2021.
  30. ^ Morrison, Sara. What you need to know about ransomware and the future of cyberattacks. Vox, Jun 16, 2021.
  31. ^ Abigail Summerville, Protect against the Fastest-Growing Crime: Cyber Attacks, CNBC (July 25, 2017).
  32. ^ Myre, Greg. How Bitcoin Has Fueled Ransomware Attacks. NPR, June 10, 2021.
  33. ^ a b Dey, Debabrata; Lahiri, Atanu; Zhang, Guoying (2011). "Hacker Behavior, Network Effects, and the Security Software Market". SSRN Electronic Journal. doi:10.2139/ssrn.1838656. ISSN 1556-5068.
  34. ^ Gupta, Ajay; Klavinsky, Thomas and Laliberte, Scott (March 15, 2002) Security Through Penetration Testing: Internet Penetration. informit.com
  35. ^ Rodriguez, Chris; Martinez, Richard. "The Growing Hacking Threat to Websites: An Ongoing Commitment to Web Application Security" (PDF). Frost & Sullivan. Retrieved August 13, 2013.
  36. ^ Kerner, Sean Michael. "Sentry MBA Uses Credential Stuffing To Hack Sites." Eweek (2016): 8. Academic Search Complete. Web. 7 Feb. 2017.
  37. ^ Weir, Matt, Sudhir Aggarwal, Breno de Medeiros, Bill Glodek. 2009. "Password Cracking Using Probabilistic Context-Free Grammars". 2009 30th IEEE Symposium on Security and Privacy: 391-405.
  38. ^ Thompson, Samuel T. C. "Helping The Hacker? Library Information, Security, And Social Engineering." Information Technology & Libraries 25.4 (2006): 222-225. Academic Search Complete. Web. 7 Feb. 2017.
  39. ^ Press, EC-Council (2011). Penetration Testing: Procedures & Methodologies. Clifton, NY: CENGAGE Learning. ISBN 978-1435483675.
  40. ^ "DEF CON III Archives - Susan Thunder Keynote". DEF CON. Retrieved August 12, 2017.
  41. ^ Hafner, Katie (August 1995). "Kevin Mitnick, unplugged". Esquire. 124 (2): 80.
  42. ^ "Gary McKinnon extradition ruling due by 16 October". BBC News. September 6, 2012. Retrieved September 25, 2012.
  43. ^ "Community Memory: Precedents in Social Media and Movements". Computer History Museum. February 23, 2016. Retrieved August 13, 2017.
  44. ^ (Press release). United States Attorney's Office, Central District of California. August 9, 1999. Archived from the original on September 26, 2009. Retrieved April 10, 2010.
  45. ^ Holt, Thomas J.; Schel, Bernadette Hlubik (2010). Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications. IGI Global. p. 146. ISBN 9781616928056.
  46. ^ "British teenager who 'cyber-terrorised' US intelligence officials gets two years detention". The Independent. 21 April 2018.
  47. ^ "British teen Kane Gamble accessed accounts of top US intelligence and security officials". Deutsche Welle. 21 January 2018.
  48. ^ "Kane Gamble: Teenager with autism on Leicestershire housing estate took classified information by fooling people into thinking he was FBI boss". The Independent. 21 January 2018.
  49. ^ Jordan, Tim; Taylor, Paul A. (2004). Hacktivism and Cyberwars. Routledge. pp. 133–134. ISBN 978-0-415-26003-9. Wild West imagery has permeated discussions of cybercultures.
  50. ^ a b Thomas, Douglas (2003). Hacker Culture. University of Minnesota Press. p. 90. ISBN 978-0-8166-3346-3.
  51. ^ Artikel 138ab. Wetboek van Strafrecht, December 27, 2012
  52. ^ Nakashima, Ellen. Feds recover more than $2 million in ransomware payments from Colonial Pipeline hackers. Washington Post, June 7, 2021.
  53. ^ Swabey, Pete (February 27, 2013). "Data leaked by Anonymous appears to reveal Bank of America's hacker profiling operation". Information Age. Retrieved February 21, 2014.
  54. ^ "Hackers and Viruses: Questions and Answers". Scienzagiovane. University of Bologna. November 12, 2012. Retrieved February 21, 2014.
  55. ^ Staples, Brent (May 11, 2003). "A Prince of Cyberpunk Fiction Moves Into the Mainstream". The New York Times. Mr. Gibson's novels and short stories are worshiped by hackers

Further reading

  • Samuel Chng, Han Yu Lu, Ayush Kumar, David Yau (March 2022). "Hacker types, motivations and strategies: A comprehensive framework". Computers in Human Behavior Reports. 5. ISSN 2451-9588. Retrieved January 27, 2022.{{cite journal}}: CS1 maint: multiple names: authors list (link)
  • Apro, Bill; Hammond, Graeme (2005). Hackers: The Hunt for Australia's Most Infamous Computer Cracker. Rowville, Vic: Five Mile Press. ISBN 1-74124-722-5.
  • Beaver, Kevin (2010). Hacking for Dummies. Hoboken, NJ: Wiley Pub. ISBN 978-0-7645-5784-2.
  • Conway, Richard; Cordingley, Julian (2004). Code Hacking: A Developer's Guide to Network Security. Hingham, Mass: Charles River Media. ISBN 978-1-58450-314-9.
  • Freeman, David H.; Mann, Charles C. (1997). At Large: The Strange Case of the World's Biggest Internet Invasion. New York: Simon & Schuster. ISBN 0-684-82464-7.
  • Granville, Johanna (Winter 2003). "Dot.Con: The Dangers of Cyber Crime and a Call for Proactive Solutions". Australian Journal of Politics and History. 49 (1): 102–109. doi:10.1111/1467-8497.00284. Retrieved February 20, 2014.
  • Gregg, Michael (2006). Certified Ethical Hacker. Indianapolis, Ind: Que Certification. ISBN 978-0-7897-3531-7.
  • Hafner, Katie; Markoff, John (1991). Cyberpunk: Outlaws and Hackers on the Computer Frontier. New York: Simon & Schuster. ISBN 0-671-68322-5.
  • Harper, Allen; Harris, Shon; Ness, Jonathan (2011). Gray Hat Hacking: The Ethical Hacker's Handbook (3rd ed.). New York: McGraw-Hill. ISBN 978-0-07-174255-9.
  • McClure, Stuart; Scambray, Joel; Kurtz, George (1999). Hacking Exposed: Network Security Secrets and Solutions. Berkeley, Calif: Mcgraw-Hill. ISBN 0-07-212127-0.
  • Russell, Ryan (2004). Stealing the Network: How to Own a Continent. Rockland, Mass: Syngress Media. ISBN 978-1-931836-05-0.
  • Taylor, Paul A. (1999). Hackers: Crime in the Digital Sublime. London: Routledge. ISBN 978-0-415-18072-6.

External links

 
Wikibooks has a book on the topic of: Hacking
  •   Media related to Hacking (computer security) at Wikimedia Commons
  • CNN Tech PCWorld Staff (November 2001). Timeline: A 40-year history of hacking from 1960 to 2001
  • Can Hackers Be Heroes? Video produced by Off Book (web series)

January 01, 1970
security, hacker, confused, with, hacker, hacker, culture, security, hacker, someone, explores, methods, breaching, defenses, exploiting, weaknesses, computer, system, network, hackers, motivated, multitude, reasons, such, profit, protest, information, gatheri. Not to be confused with Hacker or Hacker culture A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network 1 Hackers may be motivated by a multitude of reasons such as profit protest information gathering 2 challenge recreation 3 or evaluation of a system weaknesses to assist in formulating defenses against potential hackers Longstanding controversy surrounds the meaning of the term hacker In this controversy computer programmers reclaim the term hacker arguing that it refers simply to someone with an advanced understanding of computers and computer networks 4 and that cracker is the more appropriate term for those who break into computers whether computer criminals black hats or computer security experts white hats 5 6 A 2014 article noted that the black hat meaning still prevails among the general public 7 The subculture that has evolved around hackers is often referred to as the computer underground Contents 1 History 1 1 Birth of subculture and entering mainstream 1960s 1980s 2 Classifications 2 1 Cracker 2 2 White hat 2 3 Black hat 2 4 Grey hat 2 5 Elite hacker 2 6 Script kiddie 2 7 Neophyte 2 8 Blue hat 2 9 Hacktivist 2 10 Nation state 2 11 Organized criminal gangs 3 Attacks 3 1 Security exploits 3 2 Techniques 4 Notable intruders and criminal hackers 5 Notable security hackers 6 Customs 6 1 Hacker groups and conventions 7 Consequences for malicious hacking 7 1 India 7 2 Netherlands 7 3 United States 8 Hacking and the media 8 1 Hacker magazines 8 2 Hackers in fiction 8 2 1 Books 8 2 2 Films 8 3 Non fiction books 9 See also 10 References 11 Further reading 12 External linksHistoryFurther information Timeline of computer security hacker history nbsp Bruce Sterling author of The Hacker Crackdown Birth of subculture and entering mainstream 1960s 1980s The subculture around such hackers is termed network hacker subculture hacker scene or computer underground It initially developed in the context of phreaking during the 1960s and the microcomputer BBS scene of the 1980s It is implicated with 2600 The Hacker Quarterly and the alt 2600 newsgroup In 1980 an article in the August issue of Psychology Today with commentary by Philip Zimbardo used the term hacker in its title The Hacker Papers It was an excerpt from a Stanford Bulletin Board discussion on the addictive nature of computer use In the 1982 film Tron Kevin Flynn Jeff Bridges describes his intentions to break into ENCOM s computer system saying I ve been doing a little hacking here CLU is the software he uses for this By 1983 hacking in the sense of breaking computer security had already been in use as computer jargon 8 but there was no public awareness about such activities 9 However the release of the film WarGames that year featuring a computer intrusion into NORAD raised the public belief that computer security hackers especially teenagers could be a threat to national security This concern became real when in the same year a gang of teenage hackers in Milwaukee Wisconsin known as The 414s broke into computer systems throughout the United States and Canada including those of Los Alamos National Laboratory Sloan Kettering Cancer Center and Security Pacific Bank 10 The case quickly grew media attention 10 11 and 17 year old Neal Patrick emerged as the spokesman for the gang including a cover story in Newsweek entitled Beware Hackers at play with Patrick s photograph on the cover 12 The Newsweek article appears to be the first use of the word hacker by the mainstream media in the pejorative sense Pressured by media coverage congressman Dan Glickman called for an investigation and began work on new laws against computer hacking 13 14 Neal Patrick testified before the U S House of Representatives on September 26 1983 about the dangers of computer hacking and six bills concerning computer crime were introduced in the House that year 14 As a result of these laws against computer criminality white hat grey hat and black hat hackers try to distinguish themselves from each other depending on the legality of their activities These moral conflicts are expressed in The Mentor s The Hacker Manifesto published 1986 in Phrack Use of the term hacker meaning computer criminal was also advanced by the title Stalking the Wily Hacker an article by Clifford Stoll in the May 1988 issue of the Communications of the ACM Later that year the release by Robert Tappan Morris Jr of the so called Morris worm provoked the popular media to spread this usage The popularity of Stoll s book The Cuckoo s Egg published one year later further entrenched the term in the public s consciousness ClassificationsIn computer security a hacker is someone who focuses on the security mechanisms of computer and network systems Hackers can include someone who endeavors to strengthen security mechanisms by exploring their weaknesses and also those who seek to access secure unauthorized information despite security measures Nevertheless parts of the subculture see their aim in correcting security problems and use the word in a positive sense White hat is the name given to ethical computer hackers who utilize hacking in a helpful way White hats are becoming a necessary part of the information security field 15 They operate under a code which acknowledges that breaking into other people s computers is bad but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally Accordingly the term bears strong connotations that are favorable or pejorative depending on the context Subgroups of the computer underground with different attitudes and motives use different terms to demarcate themselves from each other These classifications are also used to exclude specific groups with whom they do not agree Cracker Eric S Raymond author of The New Hacker s Dictionary advocates that members of the computer underground should be called crackers Yet those people see themselves as hackers and even try to include the views of Raymond in what they see as a wider hacker culture a view that Raymond has harshly rejected Instead of a hacker cracker dichotomy they emphasize a spectrum of different categories such as white hat grey hat black hat and script kiddie In contrast to Raymond they usually reserve the term cracker for more malicious activity According to Ralph D Clifford a cracker or cracking is to gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system 16 These subgroups may also be defined by the legal status of their activities 17 White hat Main article White hat computer security A white hat hacker breaks security for non malicious reasons either to test their own security system perform penetration tests or vulnerability assessments for a client or while working for a security company that makes security software The term is generally synonymous with ethical hacker and certifications courseware classes and online training covering the diverse arena of ethical hacking have been developed 17 Black hat Main article Black hat computer security A black hat hacker is a hacker who violates computer security for little reason beyond maliciousness or for personal gain Moore 2005 18 The term was coined by Richard Stallman to contrast the maliciousness of a criminal hacker versus the spirit of playfulness and exploration in hacker culture or the ethos of the white hat hacker who performs hacking duties to identify places to repair or as a means of legitimate employment 19 Black hat hackers form the stereotypical illegal hacking groups often portrayed in popular culture and are the epitome of all that the public fears in a computer criminal 20 Grey hat Main article Grey hat A grey hat hacker lies between a black hat and a white hat hacker hacking for ideological reasons 21 A grey hat hacker may surf the Internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect for example They may then offer to correct the defect for a fee 20 Grey hat hackers sometimes find the defect in a system and publish the facts to the world instead of a group of people Even though grey hat hackers may not necessarily perform hacking for their personal gain unauthorized access to a system can be considered illegal and unethical Elite hacker A social status among hackers elite is used to describe the most skilled Newly discovered exploits circulate among these hackers Elite groups such as Masters of Deception conferred a kind of credibility on their members 22 Script kiddie Main article Script kiddie A script kiddie also known as a skid or skiddie is an unskilled hacker who breaks into computer systems by using automated tools written by others usually by other black hat hackers hence the term script i e a computer script that automates the hacking kiddie i e kid child an individual lacking knowledge and experience immature 23 usually with little understanding of the underlying concept Neophyte A neophyte newbie or noob is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking 20 Blue hat Main article BlueHat A blue hat hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch looking for exploits so they can be closed Microsoft also uses the term BlueHat to represent a series of security briefing events 24 25 26 Hacktivist Main article Hacktivist A hacktivist is a hacker who utilizes technology to publicize a social ideological religious or political message Hacktivism can be divided into two main groups Cyberterrorism Activities involving website defacement or denial of service attacks and Freedom of information Making information that is not public or is public in non machine readable formats accessible to the public Nation state Intelligence agencies and cyberwarfare operatives of nation states 27 Organized criminal gangs Groups of hackers that carry out organized criminal activities for profit 27 Modern day computer hackers have been compared to the privateers of by gone days 28 These criminals hold computer systems hostage demanding large payments from victims to restore access to their own computer systems and data 29 Furthermore recent ransomware attacks on industries including energy food and transportation have been blamed on criminal organizations based in or near a state actor possibly with the country s knowledge and approval 30 Cyber theft and ransomware attacks are now the fastest growing crimes in the United States 31 Bitcoin and other cryptocurrencies facilitate the extortion of huge ransoms from large companies hospitals and city governments with little or no chance of being caught 32 AttacksMain article Computer securityHackers can usually be sorted into two types of attacks mass attacks and targeted attacks 33 They are sorted into the groups in terms of how they choose their victims and how they act on the attacks 33 A typical approach in an attack on Internet connected system is Network enumeration Discovering information about the intended target Vulnerability analysis Identifying potential ways of attack Exploitation Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis 34 In order to do so there are several recurring tools of the trade and techniques used by computer criminals and security experts Security exploits Main article Exploit computer security A security exploit is a prepared application that takes advantage of a known weakness 35 Common examples of security exploits are SQL injection cross site scripting and cross site request forgery which abuse security holes that may result from substandard programming practice Other exploits would be able to be used through File Transfer Protocol FTP Hypertext Transfer Protocol HTTP PHP SSH Telnet and some Web pages These are very common in Web site and Web domain hacking Techniques This section does not cite any sources Please help improve this section by adding citations to reliable sources Unsourced material may be challenged and removed August 2011 Learn how and when to remove this template message Vulnerability scanner A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses Hackers also commonly use port scanners These check to see which ports on a specified computer are open or available to access the computer and sometimes will detect what program or service is listening on that port and its version number Firewalls defend computers from intruders by limiting access to ports and machines but they can still be circumvented Finding vulnerabilities Hackers may also attempt to find vulnerabilities manually A common approach is to search for possible vulnerabilities in the code of the computer system then test them sometimes reverse engineering the software if the code is not provided Experienced hackers can easily find patterns in code to find common vulnerabilities Brute force attack Password guessing Brute force attacks are used to quickly check all short password variations For longer passwords other methods such as the dictionary attack are used because of the amount of time a brute force search takes 36 Password cracking Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system Common approaches include repeatedly trying guesses for the password trying the most common passwords by hand and repeatedly trying passwords from a dictionary or a text file with many passwords 37 Packet analyzer A packet analyzer packet sniffer is an application that captures data packets which can be used to capture passwords and other data in transit over the network Spoofing attack phishing A spoofing attack involves one program system or website that successfully masquerades as another by falsifying data and is thereby treated as a trusted system by a user or another program usually to fool programs systems or users into revealing confidential information such as user names and passwords Rootkit A rootkit is a program that uses low level hard to detect methods to subvert control of an operating system from its legitimate operators Rootkits usually obscure their installation and attempt to prevent their removal through a subversion of standard system security They may include replacements for system binaries making it virtually impossible for them to be detected by checking process tables Social engineering In the second stage of the targeting process hackers often use social engineering tactics to get enough information to access the network They may contact the system administrator and pose as a user who cannot get access to his or her system This technique is portrayed in the 1995 film Hackers when protagonist Dade Zero Cool Murphy calls a somewhat clueless employee in charge of security at a television network Posing as an accountant working for the same company Dade tricks the employee into giving him the phone number of a modem so he can gain access to the company s computer system Hackers who use this technique must be familiar with their target s security practices in order to trick the system administrator into giving them information In some cases a help desk employee with limited security experience will answer the phone and be relatively easy to trick Another approach is for the hacker to pose as an angry supervisor and when his her authority is questioned threaten to fire the help desk worker Social engineering is very effective because users are the most vulnerable part of an organization No security devices or programs can keep an organization safe if an employee reveals a password to an unauthorized person Social engineering can be broken down into four sub groups Intimidation As in the angry supervisor technique above the hacker convinces the person who answers the phone that their job is in danger unless they help them At this point many people accept that the hacker is a supervisor and give them the information they seek Helpfulness The opposite of intimidation helpfulness exploits many people s natural instinct to help others solve problems Rather than acting angry the hacker acts distressed and concerned The help desk is the most vulnerable to this type of social engineering as a its general purpose is to help people and b it usually has the authority to change or reset passwords which is exactly what the hacker wants 38 Name dropping The hacker uses names of authorized users to convince the person who answers the phone that the hacker is a legitimate user him or herself Some of these names such as those of webpage owners or company officers can easily be obtained online Hackers have also been known to obtain names by examining discarded documents dumpster diving Technical Using technology is also a way to get information A hacker can send a fax or email to a legitimate user seeking a response that contains vital information The hacker may claim that he or she is involved in law enforcement and needs certain data for an investigation or for record keeping purposes Trojan horses A Trojan horse is a program that seems to be doing one thing but is actually doing another It can be used to set up a back door in a computer system enabling the intruder to gain access later The name refers to the horse from the Trojan War with the conceptually similar function of deceiving defenders into bringing an intruder into a protected area Computer virus A virus is a self replicating program that spreads by inserting copies of itself into other executable code or documents By doing this it behaves similarly to a biological virus which spreads by inserting itself into living cells While some viruses are harmless or mere hoaxes most are considered malicious Computer worm Like a virus a worm is also a self replicating program It differs from a virus in that a it propagates through computer networks without user intervention and b does not need to attach itself to an existing program Nonetheless many people use the terms virus and worm interchangeably to describe any self propagating program Keystroke logging A keylogger is a tool designed to record log every keystroke on an affected machine for later retrieval usually to allow the user of this tool to gain access to confidential information typed on the affected machine Some keyloggers use virus trojan and rootkit like methods to conceal themselves However some of them are used for legitimate purposes even to enhance computer security For example a business may maintain a keylogger on a computer used at a point of sale to detect evidence of employee fraud Attack patterns Attack patterns are defined as series of repeatable steps that can be applied to simulate an attack against the security of a system They can be used for testing purposes or locating potential vulnerabilities They also provide either physically or in reference a common solution pattern for preventing a given attack Tools and Procedures A thorough examination of hacker tools and procedures may be found in Cengage Learning s E CSA certification workbook 39 Notable intruders and criminal hackersMain article List of computer criminalsNotable security hackersMain article List of hackers Andrew Auernheimer sentenced to three years in prison is a grey hat hacker whose security group Goatse Security exposed a flaw in AT amp T s iPad security Dan Kaminsky was a DNS expert who exposed multiple flaws in the protocol and investigated Sony s rootkit security issues in 2005 He spoke in front of the United States Senate on technology issues Ed Cummings also known as Bernie S is a longstanding writer for 2600 The Hacker Quarterly In 1995 he was arrested and charged with possession of technology that could be used for fraudulent purposes and set legal precedents after being denied both a bail hearing and a speedy trial Eric Corley also known as Emmanuel Goldstein is the longstanding publisher of 2600 The Hacker Quarterly He is also the founder of the Hackers on Planet Earth HOPE conferences He has been part of the hacker community since the late 1970s Susan Headley also known as Susan Thunder was an American hacker active during the late 1970s and early 1980s widely respected for her expertise in social engineering pretexting and psychological subversion 40 She became heavily involved in phreaking with Kevin Mitnick and Lewis de Payne in Los Angeles but later framed them for erasing the system files at US Leasing after a falling out leading to Mitnick s first conviction 41 Gary McKinnon is a Scottish hacker who was facing extradition to the United States to face criminal charges Many people in the UK called on the authorities to be lenient with McKinnon who has Asperger syndrome The extradition has now been dropped 42 Gordon Lyon known by the handle Fyodor authored the Nmap Security Scanner as well as many network security books and web sites He is a founding member of the Honeynet Project and Vice President of Computer Professionals for Social Responsibility Guccifer 2 0 who claimed that he hacked into the Democratic National Committee DNC computer network Jacob Appelbaum is an advocate security researcher and developer for the Tor project He speaks internationally for usage of Tor by human rights groups and others concerned about Internet anonymity and censorship Joanna Rutkowska is a Polish computer security researcher who developed the Blue Pill rootkit and Qubes OS Jude Milhon known as St Jude was an American hacker and activist founding member of the cypherpunk movement and one of the creators of Community Memory the first public computerized bulletin board system 43 Kevin Mitnick was a computer security consultant and author formerly the most wanted computer criminal in United States history 44 Len Sassaman was a Belgian computer programmer and technologist who was also a privacy advocate Meredith L Patterson is a well known technologist and biohacker who has presented research with Dan Kaminsky and Len Sassaman at many international security and hacker conferences Kimberley Vanvaeck known as Gigabyte is a Belgian hacker recognized for writing the first virus in C 45 Michal Zalewski lcamtuf is a prominent security researcher Solar Designer is the pseudonym of the founder of the Openwall Project Kane Gamble sentenced to 2 years in youth detention who is autistic gained access to highly sensitive information and cyber terrorised high profile U S intelligence officials such as then CIA chief John Brennan or Director of National Intelligence James Clapper 46 47 48 CustomsThe computer underground 3 has produced its own specialized slang such as 1337speak Writing software and performing other activities to support these views is referred to as hacktivism Some consider illegal cracking ethically justified for these goals a common form is website defacement The computer underground is frequently compared to the Wild West 49 It is common for hackers to use aliases to conceal their identities Hacker groups and conventions Main articles Hacker conference and Hacker group The computer underground is supported by regular real world gatherings called hacker conventions or hacker cons These events include SummerCon Summer DEF CON HoHoCon Christmas ShmooCon February Black Hat Conference Chaos Communication Congress AthCon Hacker Halted and H O P E citation needed Local Hackfest groups organize and compete to develop their skills to send a team to a prominent convention to compete in group pentesting exploit and forensics on a larger scale Hacker groups became popular in the early 1980s providing access to hacking information and resources and a place to learn from other members Computer bulletin board systems BBSs such as the Utopias provided platforms for information sharing via dial up modem Hackers could also gain credibility by being affiliated with elite groups 50 Consequences for malicious hackingIndia Section Offence Punishment 65 Tampering with computer source documents Intentional concealment destruction or alteration of source code when the computer source code is required to be kept or maintained by law for the time being in force Imprisonment up to three years or and with fine up to 20000 rupees 66 Hacking Imprisonment up to three years or and with fine up to 50000 rupees Netherlands Article 138ab of Wetboek van Strafrecht prohibits computervredebreuk which is defined as intruding an automated work or a part thereof with intention and against the law Intrusion is defined as access by means of Defeating security measures By technical means By false signals or a false cryptographic key By the use of stolen usernames and passwords Maximum imprisonment is one year or a fine of the fourth category 51 United States 18 U S C 1030 more commonly known as the Computer Fraud and Abuse Act prohibits unauthorized access or damage of protected computers Protected computers are defined in 18 U S C 1030 e 2 as A computer exclusively for the use of a financial institution or the United States Government or in the case of a computer not exclusively for such use used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government A computer which is used in or affecting interstate or foreign commerce or communication including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States The maximum imprisonment or fine for violations of the Computer Fraud and Abuse Act depends on the severity of the violation and the offender s history of violations under the Act The FBI has demonstrated its ability to recover ransoms paid in cryptocurrency by victims of cybertheft 52 Hacking and the mediaHacker magazines Main category Hacker magazines The most notable hacker oriented print publications are Phrack Hakin9 and 2600 The Hacker Quarterly While the information contained in hacker magazines and ezines was often outdated by the time they were published they enhanced their contributors reputations by documenting their successes 50 Hackers in fiction See also List of fictional hackers Hackers often show an interest in fictional cyberpunk and cyberculture literature and movies The adoption of fictional pseudonyms 53 symbols values and metaphors from these works is very common 54 Books The cyberpunk novels of William Gibson especially the Sprawl trilogy are very popular with hackers 55 Helba from the hack manga and anime series Merlin of Amber the protagonist of the second series in The Chronicles of Amber by Roger Zelazny is a young immortal hacker mage prince who has the ability to traverse shadow dimensions Lisbeth Salander in The Girl with the Dragon Tattoo by Stieg Larsson Alice from Heaven s Memo Pad Ender s Game by Orson Scott Card Evil Genius by Catherine Jinks Hackers anthology by Jack Dann and Gardner Dozois Little Brother by Cory Doctorow Neuromancer by William Gibson Snow Crash by Neal Stephenson Films Antitrust Blackhat Cypher Eagle Eye Enemy of the State Firewall Girl With The Dragon Tattoo Hackers Live Free or Die Hard The Matrix series The Net The Net 2 0 Pirates of Silicon Valley Skyfall Sneakers Swordfish Terminator 2 Judgment Day Terminator Salvation Take Down Tron Tron Legacy Untraceable WarGames Weird Science The Fifth Estate Who Am I No System Is Safe film Non fiction books The Art of Deception by Kevin Mitnick The Art of Intrusion by Kevin Mitnick The Cuckoo s Egg by Clifford Stoll Ghost in the Wires My Adventures as the World s Most Wanted Hacker by Kevin Mitnick Hackers Heroes of the Computer Revolution by Steven Levy The Hacker Crackdown by Bruce Sterling The Hacker s Handbook by Hugo Cornwall Peter Sommer Hacking The Art of Exploitation Second Edition by Jon Erickson Out of the Inner Circle by Bill Landreth and Howard Rheingold Underground by Suelette DreyfusSee alsoCracking of wireless networks Cyber spying Cyber Storm Exercise Cybercrime Government hacking Hacker culture Hacker expert Hacker Manifesto IT risk Mathematical beauty Metasploit Project Penetration test Technology assessment Vulnerability computing References Gao Xing 2015 Information security investment for competitive firms with hacker behavior and security requirements Annals of Operations Research 235 277 300 doi 10 1007 s10479 015 1925 2 S2CID 207085416 Winkler Ira Spies Among Us How to Stop the Spies Terrorists Hackers and Criminals You Don t Even Know You Encounter Every Day John Wiley amp Sons 2005 pg 92 ISBN 9780764589904 a b Sterling Bruce 1993 Part 2 d The Hacker Crackdown McLean Virginia IndyPublish com p 61 ISBN 1 4043 0641 2 The Hacker s Dictionary Retrieved May 23 2013 Political notes from 2012 September December stallman org Raymond Eric S Jargon File Cracker Coined ca 1985 by hackers in defense against journalistic misuse of hacker Yagoda Ben March 6 2014 A Short History of Hack The New Yorker Retrieved June 21 2019 Although Lifehacker and other neutral or positive applications of the word hack are increasingly prominent the black hat meaning still prevails among the general public See the 1981 version of the Jargon File entry hacker last meaning Computer hacking Where did it begin and how did it grow WindowSecurity com October 16 2002 a href Template Cite journal html title Template Cite journal cite journal a Cite journal requires journal help a b Elmer DeWitt Philip August 29 1983 The 414 Gang Strikes Again Time p 75 Archived from the original on December 2 2007 Detroit Free Press September 27 1983 a href Template Cite news html title Template Cite news cite news a Missing or empty title help Beware Hackers at play Newsweek September 5 1983 pp 42 46 48 Timeline The U S Government and Cybersecurity Washington Post May 16 2003 Retrieved April 14 2006 a b Bailey David April 1984 Attacks on Computers Congressional Hearings and Pending Legislation 1984 IEEE Symposium on Security and Privacy Oakland CA USA IEEE pp 180 186 doi 10 1109 SP 1984 10012 ISBN 978 0 8186 0532 1 S2CID 15187375 Caldwell Tracey July 22 2011 Ethical hackers putting on the white hat Network Security 2011 7 10 13 doi 10 1016 s1353 4858 11 70075 7 Clifford D 2011 Cybercrime The Investigation Prosecution and Defense of a Computer Related Crime Durham North Carolina Carolina Academic Press ISBN 978 1594608537 a b Wilhelm Douglas 2010 2 Professional Penetration Testing Syngress Press p 503 ISBN 978 1 59749 425 0 Moore Robert 2005 Cybercrime Investigating High Technology Computer Crime Matthew Bender amp Company p 258 ISBN 1 59345 303 5 Robert Moore O Brien Marakas James George 2011 Management Information Systems New York NY McGraw Hill Irwin pp 536 537 ISBN 978 0 07 752217 9 a href Template Cite book html title Template Cite book cite book a CS1 maint multiple names authors list link a b c Moore Robert 2006 Cybercrime Investigating High Technology Computer Crime 1st ed Cincinnati Ohio Anderson Publishing ISBN 978 1 59345 303 9 Okpa John Thompson Ugwuoke Christopher Uchechukwu Ajah Benjamin Okorie Eshioste Emmanuel Igbe Joseph Egidi Ajor Ogar James Okoi Ofem Nnana Eteng Mary Juachi Nnamani Rebecca Ginikanwa September 5 2022 Cyberspace Black Hat Hacking and Economic Sustainability of Corporate Organizations in Cross River State Nigeria SAGE Open 12 3 215824402211227 doi 10 1177 21582440221122739 ISSN 2158 2440 S2CID 252096635 a href Template Cite journal html title Template Cite journal cite journal a CS1 maint multiple names authors list link Thomas Douglas 2002 Hacker Culture University of Minnesota Press ISBN 978 0 8166 3346 3 Andress Mandy Cox Phil Tittel Ed 2001 CIW Security Professional New York NY Wiley p 638 ISBN 0 7645 4822 0 Blue hat hacker Definition PC Magazine Encyclopedia Archived from the original on March 8 2013 Retrieved May 31 2010 A security professional invited by Microsoft to find vulnerabilities in Windows Fried Ina June 15 2005 Blue Hat summit meant to reveal ways of the other side Microsoft meets the hackers CNET News Retrieved May 31 2010 Markoff John October 17 2005 At Microsoft Interlopers Sound Off on Security The New York Times Retrieved May 31 2010 a b Chabrow Eric February 25 2012 7 Levels of Hackers Applying An Ancient Chinese Lesson Know Your Enemies GovInfo Security Retrieved February 27 2012 Egloff Florian Cybersecurity and the Age of Privateering In Understanding CyberConflict Fourteen Analogies Chapter 14 George Perkovich and Ariel E Levite Eds Georgetown University Press 2017 Tidy Joe Ransomware Should paying hacker ransoms be illegal BBC 20 May 2021 Morrison Sara What you need to know about ransomware and the future of cyberattacks Vox Jun 16 2021 Abigail Summerville Protect against the Fastest Growing Crime Cyber Attacks CNBC July 25 2017 Myre Greg How Bitcoin Has Fueled Ransomware Attacks NPR June 10 2021 a b Dey Debabrata Lahiri Atanu Zhang Guoying 2011 Hacker Behavior Network Effects and the Security Software Market SSRN Electronic Journal doi 10 2139 ssrn 1838656 ISSN 1556 5068 Gupta Ajay Klavinsky Thomas and Laliberte Scott March 15 2002 Security Through Penetration Testing Internet Penetration informit com Rodriguez Chris Martinez Richard The Growing Hacking Threat to Websites An Ongoing Commitment to Web Application Security PDF Frost amp Sullivan Retrieved August 13 2013 Kerner Sean Michael Sentry MBA Uses Credential Stuffing To Hack Sites Eweek 2016 8 Academic Search Complete Web 7 Feb 2017 Weir Matt Sudhir Aggarwal Breno de Medeiros Bill Glodek 2009 Password Cracking Using Probabilistic Context Free Grammars 2009 30th IEEE Symposium on Security and Privacy 391 405 Thompson Samuel T C Helping The Hacker Library Information Security And Social Engineering Information Technology amp Libraries 25 4 2006 222 225 Academic Search Complete Web 7 Feb 2017 Press EC Council 2011 Penetration Testing Procedures amp Methodologies Clifton NY CENGAGE Learning ISBN 978 1435483675 DEF CON III Archives Susan Thunder Keynote DEF CON Retrieved August 12 2017 Hafner Katie August 1995 Kevin Mitnick unplugged Esquire 124 2 80 Gary McKinnon extradition ruling due by 16 October BBC News September 6 2012 Retrieved September 25 2012 Community Memory Precedents in Social Media and Movements Computer History Museum February 23 2016 Retrieved August 13 2017 Kevin Mitnick sentenced to nearly four years in prison computer hacker ordered to pay restitution Press release United States Attorney s Office Central District of California August 9 1999 Archived from the original on September 26 2009 Retrieved April 10 2010 Holt Thomas J Schel Bernadette Hlubik 2010 Corporate Hacking and Technology Driven Crime Social Dynamics and Implications IGI Global p 146 ISBN 9781616928056 British teenager who cyber terrorised US intelligence officials gets two years detention The Independent 21 April 2018 British teen Kane Gamble accessed accounts of top US intelligence and security officials Deutsche Welle 21 January 2018 Kane Gamble Teenager with autism on Leicestershire housing estate took classified information by fooling people into thinking he was FBI boss The Independent 21 January 2018 Jordan Tim Taylor Paul A 2004 Hacktivism and Cyberwars Routledge pp 133 134 ISBN 978 0 415 26003 9 Wild West imagery has permeated discussions of cybercultures a b Thomas Douglas 2003 Hacker Culture University of Minnesota Press p 90 ISBN 978 0 8166 3346 3 Artikel 138ab Wetboek van Strafrecht December 27 2012 Nakashima Ellen Feds recover more than 2 million in ransomware payments from Colonial Pipeline hackers Washington Post June 7 2021 Swabey Pete February 27 2013 Data leaked by Anonymous appears to reveal Bank of America s hacker profiling operation Information Age Retrieved February 21 2014 Hackers and Viruses Questions and Answers Scienzagiovane University of Bologna November 12 2012 Retrieved February 21 2014 Staples Brent May 11 2003 A Prince of Cyberpunk Fiction Moves Into the Mainstream The New York Times Mr Gibson s novels and short stories are worshiped by hackersFurther readingSamuel Chng Han Yu Lu Ayush Kumar David Yau March 2022 Hacker types motivations and strategies A comprehensive framework Computers in Human Behavior Reports 5 ISSN 2451 9588 Retrieved January 27 2022 a href Template Cite journal html title Template Cite journal cite journal a CS1 maint multiple names authors list link Apro Bill Hammond Graeme 2005 Hackers The Hunt for Australia s Most Infamous Computer Cracker Rowville Vic Five Mile Press ISBN 1 74124 722 5 Beaver Kevin 2010 Hacking for Dummies Hoboken NJ Wiley Pub ISBN 978 0 7645 5784 2 Conway Richard Cordingley Julian 2004 Code Hacking A Developer s Guide to Network Security Hingham Mass Charles River Media ISBN 978 1 58450 314 9 Freeman David H Mann Charles C 1997 At Large The Strange Case of the World s Biggest Internet Invasion New York Simon amp Schuster ISBN 0 684 82464 7 Granville Johanna Winter 2003 Dot Con The Dangers of Cyber Crime and a Call for Proactive Solutions Australian Journal of Politics and History 49 1 102 109 doi 10 1111 1467 8497 00284 Retrieved February 20 2014 Gregg Michael 2006 Certified Ethical Hacker Indianapolis Ind Que Certification ISBN 978 0 7897 3531 7 Hafner Katie Markoff John 1991 Cyberpunk Outlaws and Hackers on the Computer Frontier New York Simon amp Schuster ISBN 0 671 68322 5 Harper Allen Harris Shon Ness Jonathan 2011 Gray Hat Hacking The Ethical Hacker s Handbook 3rd ed New York McGraw Hill ISBN 978 0 07 174255 9 McClure Stuart Scambray Joel Kurtz George 1999 Hacking Exposed Network Security Secrets and Solutions Berkeley Calif Mcgraw Hill ISBN 0 07 212127 0 Russell Ryan 2004 Stealing the Network How to Own a Continent Rockland Mass Syngress Media ISBN 978 1 931836 05 0 Taylor Paul A 1999 Hackers Crime in the Digital Sublime London Routledge ISBN 978 0 415 18072 6 External links nbsp Wikibooks has a book on the topic of Hacking nbsp Media related to Hacking computer security at Wikimedia Commons CNN Tech PCWorld Staff November 2001 Timeline A 40 year history of hacking from 1960 to 2001 Can Hackers Be Heroes Video produced by Off Book web series Retrieved from https en wikipedia org w index php title Security hacker amp oldid 1220643200, wikipedia, wiki, book, books, library,

article

, read, download, free, free download, mp3, video, mp4, 3gp, jpg, jpeg, gif, png, picture, music, song, movie, book, game, games.