Hacking
Hacking refers to the unauthorized entry into the operating system or files of a computer or computer network. Hacking can be a deliberate part of the quality control of a system's security. More often, however, hacking is done for other reasons, such as espionage, terrorism or a prank.
The concept of hacking has changed over the past four decades. First, hacking was mainly the domain of a small cadre of highly computer literate youth who viewed hacking as a malicious prank, a game, or an act of protest. With the advent of the modem and the great increase in the number of computer users, the number of hackers increased. Also, the utility of hacking as a means of espionage and political demonstration were recognized, leading to the emergence of a professional variety of hacker.
Hacking crimes are estimated to cost United States corporations upwards of $63 billion a year. Government agencies are not immune. The U.S. Department of Defense network is attacked by hackers some 250,000 estimated times each year, with only one in 500 of these incidents detected. The incidents include stealing or destroying data, disabling protection systems, and shutting down entire networks.
Hacking can compromise an entire organization, such as the destruction of a Web site, or may involve the corruption of a few files. The hacking process has several components. The first involves what is known as foot printing, the ability to obtain essential information about the target organization. The sort of vital information that a hacker requires includes the technologies used, Web page design, and security policies. Next, a network could be scanned to determine its organization and potential targets in detail. One basic scanning method is known as the automation ping sweep. A ping sweep surveys Internet provider addresses to determine if individual systems in the network are functioning. Essentially, the sweep consists of sending a specific type of message and monitoring for a reply. Finally, a process called enumeration can be used to extract information on user accounts and shared resources. If a valid user name is located, a hacker will attempt to discover the relevant password. If successful, a hacker will have access to the computer system.
Other tools for hacking are readily available, public documents. Examples include USENET and EDGAR, the latter a database run by the United States Security and Exchange Commission. The annual reports and other corporate information on EDGAR can provide important insight into the breadth of an organization.
Billions of dollars are spent annually worldwide in efforts to protect computers and networks from hacking. There are several guards to hacking. The first is the use of firewalls--systems that function analogous to a gatekeeper, checking passwords and other user identifiers of any user from outside the network. The best firewalls isolate incoming messages from the rest of the network. This is an important feature because a popular hacking trick is to imbed a malicious code in e-mail sent to a network address.
A second technique to thwart hacking is known as password protection. Users must identify themselves using a password assigned by a network administrator in order to avail themselves of network services. Frequent changing of a password enhances the protection.
A third anti-hacking technique is encryption—the scrambling of, typically, text to make the text unreadable. Software allows the encryption of data and tools for the restoration of the original message by the recipient. Audit trails can also restrain hacking, as the path of activity on a network and individual work stations can be retrieved.
Computer security is still a low priority at many organizations. However, with the burgeoning of the Internet and the establishment of in-house intranets, which network the computers on which the companies' existence depends, the issue of hacking can only grow in importance.
This is the complete article, containing 620 words
(approx. 2 pages at 300 words per page).
