Ethical Hacking as a Shield against Cyber crime

Feb 24 • Group Discussion • 4388 Views • 24 Comments on Ethical Hacking as a Shield against Cyber crime

Although in Ethical Hacking, Ethical is an often overused and misunderstood word, the Merriam Webster Dictionary defines ethical perfectly i.e. conforming to accepted professional standards of conduct. Before going to the actual topic i.e Ethical Hacking, I would like to tell you something about hackers. We have all heard of hackers. Many of us even suffered the consequences of hackers’ action. So who are these Hackers? Why it is important to know about them? This question can easily be answered after reading this article.

 Defining Hacker and Ethical Hacking.

Ethical Hacking

Ethical Hacking

Many people think of hackers as computer vandals and ethical hacking as crime. The main question arises from here that why most people think like that? The simple answer is the media which is responsible for this wrong assumption. People do not think twice before believing something that has been printed in the newspaper and magazines. Actually Real Hackers are good guy who are normally very helpful, intelligent and knowledgeable.(called, White Hat hackers.)

 

black hat SEO

ethical hacking is legal or illegal

However after saying all this I must admit that there is a very thin line between hackers and crackers.  Crackers are bad guy and having same knowledge as hackers (called, Black Hat Hackers). Their main aim is to catch a host and tap all important information.

 

 

After understanding the actual meaning of hackers we come to the topic Ethical Hacking. This is also known as penetration testing or white hat hacking involves the same tools, tricks and techniques that crackers use but with one major difference: Ethical hacking is legal.

The overall goals of ethical hackers:-

  1. Hack systems in a non-destructive fashion.
  2. Enumerate exposures and if necessary prove to upper management that exposure exists.
  3. Apply results to remove vulnerability and better secure your systems.

Understanding the threats our system face:

 Attacks Threat Level Ease Level Incident Level
 E-Mail Security 8/10 HIGH 10/10 HIGH 4/10 LOW
 Instant Messenger 8/10 HIGH 10/10 HIGH 6/10 MEDIUM
 Intellectual Property Thefts 9/10 HIGH 9/10 HIGH 9/10 HIGH
 Password cracking Attacks 10/10 HIGH 8/10 HIGH 6/10 MEDIUM
 Identity Attacks 5/10 LOW 5/10 LOW 6/10 MEDIUM
 Input Validation Attacks 10/10 HIGH 7/10 MEDIUM 6/10 MEDIUM
 Denial Of Service Attacks 10/10 HIGH 10/10 HIGH 10/10 HIGH
 Buffer Overflow Attacks 10/10 HIGH 5/10 LOW  6/10 MEDIUM
Social Engineering Attacks 10/10 HIGH 10/10 HIGH 9/10 HIGH

**The Rating given to each attack is based upon feedback received from over 50 different industry sources,clients and government bodies across South-East Asia and Australia.

Below are discussed some common attacks-

(1) Password Cracking Attack

There are following types of Password Cracking Attacks-

(a) Password Guessing

Here Personal information is gathered by an attacker ,then tries to guess the password.The common passwords that attacker tries:

  • Loved one,s name + Birth date/phone number;example, elizabeth0302

(b) Default Password

A high number of application have inbuilt default password that have been configured by the programmers during development.Most people disable the default passwords during the installation period but many people didn’t do that.So it is easier for an attacker to crack it.

(c) Dictionary based attack

This is an example of hit and trial password-cracking technique used by an attacker.

(d) Brute force attack

This is a most effective attack.An automatic tool is used that tries all possible combinations of the available keys as victim’s password.

Popular tools are:

  • Lophtcrack
  • NTFSDOS
  • John the Ripper

(2) Dos Attacks

dos attack

victimising your system

ATTACKER——————>Sends malicious/infinite data————————>VICTIM

VICTIM———————Cannot Handle Malicious Data————————->CRASHES.

There are variety of known DOS attacks on the internet,namely:

(a) Ping of Death
(b)Teardrop
(c) UDP flooding
(d) Smurf attacks
(e) SYN flooding

Popular tools are:

  1. Tribal Flood Network
  2. Trin00
  3. Stacheldraht
  4. Shaft

(3) Social Engineering Attacks

 

social engineering attacks

stealing your banking credentials

Types :

(a) Impersonation: In this,social engineer pretends to be someone else like the system administrator,technical helpdesk, ISP and so on.

Example:

Attacker:Our primary FTP server is facing some problems because of which certain user accounts have been blocked.

Victim:Oh my god! Does that mean i will not be able to upload my projects updates for my clients.

Attacker:We are currently in the process of testing validity of all user accounts.i will need your help to test your account.

Victim: ok..

(b) Intimidation: In this the attacker pretends to be either working closely with the bosses or calling from global head quarters.The fear of displeasing the big bosses make the victim speak private information to an attacker.

(c) Fake Prompts: In this the victim is sent a fake login prompt that ask him/her to re-enter the login and password at the time of any network failure.

Conclusion :

Example:The biggest problem that NASA have been facing in all its space missions is that of disposing human wastes and providing and storing pure drinking water for the crew aboard. Young biologists suggested, ‘Human wastes be converted into pure drinking water by passing it through advanced chemical processes.’ At first his colleagues had been uninterested of this rather strange idea. However later after some discussions, they conclude that negative non-useful elements can be used to get something good and useful.

From the above, history has shown that to eliminate harmful elements one needs to get some of these harmful elements onto his side and then only declare war. All the cyber laws in the world cannot discourage computer criminals. Crackers are getting really smart today and it is becoming increasingly easier for them to break into a system. Laws are absolutely useless when system administrators themselves are becoming ignorant of computer security. It has become necessary to teach people how crackers work and how to protect computers system from crackers. If this is not done soon, then the crackers will get way ahead in the security race.Due to this many ethical hacking program has been started like:

  • AFCEH(Ankit Fadia certified ethical hacker program )
  • CEH(Certified ethical hacker)

Finally my opinion is instead of being afraid of fire, it would be much better to live with fire and fight fire with fire itself. Computer security is a very dynamic field, with new loopholes, attacks and techniques being discovered every day. This makes it very important for us to keep up to date with the latest developments in the world.

Feel free to comment below…

Oureducation.in is the best source of your learning

Tell us Your Queries, Suggestions and Feedback

Your email address will not be published.

24 Responses to Ethical Hacking as a Shield against Cyber crime

  1. Palakpuja Panda says:

    Internet is a very viable part of our daily life. But is also a threat posed to us by the hackers, or the unethical hacker and to combat these unethical measures science has found out an effective method-ethical hacking. So should read this article to know what hacking is and when is it legal and illegal.

  2. Aritra Roy says:

    Its very informative article about hacking on whole. But, it would have been better if the writer paid a little bit more attention in giving more detailed explanations of the various technical terms used. Anyways cheers!!!

  3. Aritra Roy says:

    Its a very informative article about hacking. But, it would have been better if the writer went more into details of the terms used. Anyways cheers!!!

  4. vishwajeet kr. karna says:

    Before reading this article i think hacker as bad guy but this article clears my doubt.
    after reading this article i understood the actual meaning of hacker and many more..

  5. Prasanta pramanik says:

    Cyber crime is a big issue in today’s world.India has to incur huge loss due to this crime.The only way to prevent this loss is to teach people regarding this.This is what ethical hacking does.
    This article is good to aware people of this crime and motivate people to learn ethical hacking to prevent their system from the attacks which this article include.

  6. Sanjeet Singh says:

    This article clears my doubt regarding hacking & Cracking.It also shows that what is the importance of ethical hacking which generally normal people afraid of.
    It is correct that “To Catch a thief ,think like a thief”.

  7. Saheli Dasgupta says:

    Internet is a very indispensable part of our daily life today. But the greatest threat posed to us while working on this platform is by the hackers, or specifically the unethical hackers. But now a days to combat these unethical measures the organizations have found out an effective method-ethical hacking. As stated in the article above it is way by which we can think in a way the unethical hackers do and hence take the necessary methods to prevent it. Network security is a very grave issue for companies or organizations who wish to preserve their privacy. But many times the ethical hackers are hired and they are assigned with unethical work such as cracking the password of other rival companies etc. So, now a days there are many things done in the name of ethical hacking, so in a way ethical hacking does provide a shield against cyber crimes. Must read this article to know about what hacking is and when is it legal and when not.

  8. shreya sarkar says:

    Hacking is a term that no one needs to be introduced to. When we hear the term hacking we only think about the bad guys. Ethical hacking can be used as a shield from cyber crime. Many organisations, military etc use ethical hacking to gather information about their enemies. They hack into their enemies database and hack information that can be used against them and hence protect their nation. I only had a brief idea about ethical hacking but by reading this article I cam to know more. A must read!

  9. SHRUTI PRIYA says:

    An ETHICAL HACKER is a computer and network expert who attacks a security system for any organisation, seeking vulnerabilities that a malicious hacker could exploit. An ethical hacker is sometimes called a white hat, a term that comes from old Western movies, where the “good guy” wore a white hat and the “bad guy” wore a black hat. Do go through this article to know about them as it is legalized…. you can idea regarding threat level,ease level,incident level,types and tools.

  10. Urvashi Khanduja says:

    Ethical hacking is legalized. Some people have a misunderstanding that hackers are bad guys. Ethical hackers are not bad guys, they work for a organization. They use our their data for good and not for theft. As we now cyber crime is increased to a greater extent. For this, there is a cyber crime cell in police station. These ethical hackers work their and helps police in investigation.

  11. RAHUL KUMAR says:

    Very great article,,I have found Ever….an useful and and give excellent knowledge about the HACKING….which is more benificial nowadays.When cyber crime is increasing very fastly..I hope more&more knowledge about HACKING ,I will get from here further..THNKS a lot……

  12. rahul raj says:

    Cyber crime is a very big and dangerous issue in present scenario of cyber world. Talking about India we can say that we are not very well aware of the cyber crime and its varied consequences. To protect and guard ourselves with the cyber crime we should have a knowledge about this.
    This article really helped me to know about hacking, the difference between hackers and crackers which we generally are confused of and attacks which are most likely to occur.

  13. sibanjan says:

    an ethical hacker is usually employed by an organization who trusts him or her to attempt to penetrate networks and/or computer systems, using the same methods as a hacker, for the purpose of finding and fixing computer security vulnerabilities. ……..
    this article will help all of us….. in present days we all are actively or passively dependable upon internet… for banking to socialization.. every thing is going to be on air…. this part will help us to know about the internet security…

  14. barun kumar singh says:

    “ETHICAL HACKING”. Today a lot of people listen to this term but they the only word that they pay attention to is “HACKING”. The only reason behind this is they are not familiar with the situation that hacking can be ethical. I would just say if Hacking wouldn’t have been ethical, today, terrorists would have ruled the world the way they would have liked as Ethical hacking is the only way by which we are able to get to catch the wrong ideas of the terrorists so as to prevent them from doing any harm to us (NOTE: as hacking is the method used by them to communicate for popularizing Terrorism)

  15. ARPIT TARAN says:

    As the name hacker arises people think it in a wrong way. But some are hackers and others are ethical hacker which is illegal, it is against crime. People often misunderstood hacker word as many of them suffered from hackers actions or we can say they break into accounts & uses information of the user. We are significantly almost dependent on the internet and these ethical hackers are against crimes. Ethical hackers never commit crime & they never damage any system. They are professionals who break into system not for stealing purpose rather just for checking security level. They have good networking skills & also good at programming.

  16. Atif Pall says:

    “Hacking” is one word that needs no definition. everyone of us is aware of this term for sure. Hacking is a procedure that takes control of the activities in a computer . Hackers are specially trained computer experts who are employed by individual companies or any government sector for their security . The current state of online security is poor, and there is slow progress towards increasing its protection. This has resulted in action being taken, termed as Ethical Hacking. The work of ethical hackers is to find bugs and fix them.Bugs are not viruses but is a smart way of doing a business.

  17. sayantan ghosh says:

    I LIKE UR HARDWORK..IT WILL B VERY USEFUL FOR UNDERSTANDING D DIFFERENCE BETWEEN HACKERS AND CRACKERS..
    AT D SAME TIME… IT WILL OPEN A WIDE SCOPE IN D FIELD OF ETHICAL HACKING…

  18. preeti nisha says:

    The above mentioned information is very useful for all the internet users. This post discusses all the distinguished facts and myths about hackers and the most important note that it bring into consideration is difference between ethical “hackers” and non ethical “crackers”. One must understand the plethora of ways that the illegal crackers are today adopting to enter into anyone’s account illegally. We have to learn the ways to protect ourselves from internet attacks which can only be incurred from learning about malware, phishing. I myself have faced this sometime back when was my facebook account was being hacked or better say “cracked”. Thus this post is a “MUST READ” for everyone.

  19. Kriti Das says:

    Internet has become an integral part of our lives.Increase in use of internet has also led to an increase in number of crimes being done via internet.Ethical hacking is just a way to protect or prevent against cyber crime.
    Hacking cannot be taken always in negative sense.At times,it becomes essential to hack a system to increase its security,to protect it against intruders.Just to undo the negativity involved,we call it ethical hacking.I find it to be field of enormous possibilities.Our dependence on internet will only increase in coming time.Internet crimes will increase in same proportion.Ethical hacking is something each one of us will be looking forward to in time to come.

  20. BIKASH KUMAR MANDAL says:

    CISE (Certified Information Security Expert) certification is one of the most recognized International certification in Information Security and Ethical Hacking. The Program covers all aspects of Information Security and Ethical Hacking, enabling one to become an Information Security Expert. Online Security Breaches are happening at a very fast rate and experts are needed to check and cure these. ITS (IT Security) Experts are in demand. According to NASSCOM, the demand for ITS Experts is going to rise substantially worldwide…………..Indeed a very utile and efficacious article, got to cognize valuable sort of blue-chip.

  21. ashish ranjan says:

    good..it’s really very nice article. I gain a lots of information about hacking (& also cracking).

  22. Gourav Kumar says:

    In today’s world, internet is an integral part of any person life, almost everything depends on it and hacking is such a word that can frightened anyone but ethical hacking is not hacking for destructive purpose and many people doesn’t understand it.
    So this article helps a person to understand all the aspect of hacking and how ethical hacking is different for people and its benefits.

  23. Tuhin Banerjee says:

    Indeed a great compilation of facts and knowledge . Great post especially for world where internet and cyber regime is on its height .Well ,Cybercrime is criminal activity done using computers and the Internet.
    It goes from Stealing bank account details to hasty nasty CPU cycles .

    Perhaps the most prominent form of cybercrime is identity theft, in which criminals use the Internet to steal personal information from other users. Two of the most common ways this is done is through phishing and pharming.
    Anyways Awesome blog post , it will surely run lines of knowledge among users.

  24. K Rohit says:

    Really a nice read, very helpful in stating all the aspects regarding hacking .Infringement of private and public property is a very big issue in a place like India where there are lesser cyber laws than any other country, with a huge amount of attacks in the cyber world. Only because of the competence of these white hat hackers are like heroes to us who live in anonymity in this world of internet.

    #respect

« »