The New Ways of Hacking

The New Ways of Hacking

From the beginning of History, the messages were the most protected data’s due to the importance they could have. As far as the Egyptians who used to write on the head of a slave and waited that the hair grew again, the ways to protect any sensitive data’s were always limited in time because any new protections would be eventually cracked, especially in war time. The enigma machine used by the Germans during the Second World War to encrypt their tactical messages was broken by the English Alan Turing in 1942. Following the evolution of the communication mediums, the hackers changed their methods, including reading victims’ emails or listening the phone. Far away from any War communication or any Top Secret level/ Highly-Sensitive message, our privacy is now the target of thieves. In our modern multimedia society our private secrets and identities became now more valuable than any other commodities. Thanks to Facebook, we pushed the limited of our privacy far away from our control because we disclose our privacy on purpose. So the hackers are always searching new ways to access our data’s.

The Hackers are the point from where everything starts. Among all the Hackers, the purchased aims are sometimes diametrically opposed: some want to destroy the wall of patents and argue that anything is free while the others just want to make money out of their achievements. We can see that as Robin Hood and a common thief, while one has a worthy goal, the other just want to participate at his own profit. Among these two different categories of hackers the goals are different therefore their tools are different too. The first tool hackers created is the so-called botnet. A botnet (Beaver) is a network of infected computers which are under a hacker’s control and with this network, the hacker disposes of hundred thousand computers’ computing power and connection in order to attack private network or any online website. A botnet could be seen as zombie army in which each zombie doesn’t control what he is doing but is still doing it. On their daily life, users whose computers are infected usually don’t know it and/or barely notice that the computer runs slowly. We can see here that the infected computer is just a mean used by the hackers to attack another target and the users’ data are usually not compromised by this kind of threat. But hackers usually sell or rent their botnet to people who don’t have the ability to create their own and by that transaction the control of the numerous computers is transferred to someone who might not just use the botnet to attack a third target but also target the computers themselves. By doing so, the hackers turn into thieves because they just steal the data. The use of botnet is in a grey area. According to the law ("Penal code") it comes under the use of someone else’s property without acceptance, but a botnet usually stays out of the user’s sight and by then isn’t usually spotted by any average user. This last point brings the argument that a user shouldn’t be hold responsible for actions involving his computer and the hackers entered in the gate opened on that grey area. The companies or even the different governments attacked by botnet can’t identify who is the attacker and any answer is useless. This kind of attack is usually used against website because hackers use every single computer connected to their to try to connect on the targeted website. This kind of attack could be compared to a massive flood of unarmed people rushing into a castle, forcing this castle to shut down and then restraining the defensive use of the castle. Such an attack is called a Denial of Service Attack (DoS) and can be damageable for any touched website and by extension to their owners. The use of a botnet can be more profitable because the hackers can rent their botnet for a specific task and reuse it again for another task. Hackers can also use the calculation power of every computer connected for many purpose: the worst one is using that fantastic power to break into official institutions network, such as FMI or as any stock markets in order to destabilize the target; another possible purpose would be to ordain the computers to start automatic tasks, such as sending spam-emails and starting phishing. The purpose of phishing is to collect users’ personal information, but it requires the participation of the being hacked person because they need to introduce themselves any information on fake website and/or by responding to an email apparently coming from an official organization. But this technique is based on an unpredictable actor: the user. In 2009, Nitesh Dhanjani, Billy Rios and Brett Hardin wrote in their

...