When it comes to information security, we always hear about "hackers". In general, a hacker is someone who tries to break or bypass the limitations and security structure of a system to gain access to it. Perhaps you have also heard about "intruders" or "attackers". Although these three titles are sometimes used interchangeably, there are fine differences between them.
Both intruders and attackers are hackers who, by taking advantage of different techniques, break the defense lines of a system or exploit its security flaws. However, an intruder often simply tries to get unauthorized access to a service or eavesdrop on information. For example, someone might use your internet connection for free, just by hacking your wireless router's weak security protocols. Intruders are often opportunistic and concentrate on the first potential target they have a chance to infiltrate. An attacker, meanwhile, focuses his or her efforts on a specific target with the purpose of harming the victim's system. Although an intruder's actions may also cause damage, an attacker's actions are aimed at causing it and pose a higher risk for the victim.
Hackers use different methods and tools to achieve their goals. Although some of these methods or tools are common among all hackers, some hackers rely on specific methods, some of which are reviewed here.
Malware is any software that is created for malicious purposes and that, after infiltrating the victim's system, replicates itself or activates at a specific time to pave the way for the hacker to reach his goals. The most infamous types of malware include:
- Viruses: A piece of code that attaches itself to a part of your system or a software application, and then uses various methods to reproduce itself. Viruses are often used to spread other types of malware.
- Worms: A particular type of malware that does not need any other software or user intervention to replicate itself, and can reproduce and transfer itself to other computers on a computer network. The malware can provide network access to an unauthorized user (hacker) or consume enough resources from the victim's system (like its memory) to compromise it.
- Ransomware: Malware that prevents you from accessing your information and asks you for a ransom to be able to retrieve it. This kind of malware works primarily by encrypting the information on the victim's system. In the best case, you will receive the decryption key after paying the requested ransom. In the worst case, you may never gain access to your information again.
- Spyware: Malware that collects information about your behavioral habits and activities on your system. By sending this information to the hacker, the spyware gives him a general insight into you. Keyloggers, which record the keys you have pressed and send them to hackers, are the most used spyware. This way the hacker can obtain your password or credit card number.
- Trojans: A kind of malware that pretends to be useful and legitimate software, but once run, it can cause a lot of damage. Trojans are often used to open an infiltration path or a backdoor for attackers and allow them to access the system.
Social engineering covers a series of malicious attempts that target the weakest security link, namely the users themselves. In this method, the hacker tries to persuade the user to disclose valuable information or grant him access to a secure system. These attacks are well designed and fully planned according to psychological insight into users. Some of the most common social engineering techniques include:
- Phishing: In this technique, the hacker contacts the user in a variety of ways, pretending to be a trusted entity, and often creates a sense of urgency and rush to encourage the user to disclose confidential personal information such as a username, password, bank card number, etc.
- Pretexting: This is very similar to phishing, but here, instead of creating a sense of urgency and a feeling of being in a hurry, the hacker tries to convince the user of his trustworthiness and credibility so that the victim reveals the intended information without being suspicious.
- Baiting: As the name implies, the hacker here uses bait to deceive the user. For example, the hacker might ask users to provide information such as their username, password or bank account number in order to download a movie or music album. In this case, the user actually believes that providing the information is necessary to prove his credibility.
Although many of the above techniques take advantage of online connections and the Internet, some methods are designed specifically around online services. These techniques are used for purposes such as advertising, redirecting traffic, fraud, and disabling online services.
- Spam: Emails that are sent in bulk with the purpose of convincing the user to pay a fee or buy a fake item. In some cases, attackers also send a large amount of spam from previously infected systems to a web server in order to compromise it and cause a denial of service. A set of infected systems (zombies) that a hacker uses to spread spam or viruses is known as a botnet.
- Pharming: Redirecting the traffic of a valid site to a fake site. This technique is used to steal the victim's credentials (username and password): the fake site is very similar to the original one and convinces the user that he is in the right place, as always.
As you can see, all these techniques can be applied to a wide variety of systems, can be implemented for different purposes, and ultimately result in different outcomes based on the size and composition of the attack.