Security Lesson 6: Think Like a Hacker

Know the con to avoid being the mark

In many ways, hacking someone is knowing their human psychology. It's knowing that people are lazy and use the same password for multiple accounts, it's knowing they won't backup their data, it's knowing how to leverage fear to get them to hand over the keys. You can have the best encryption, use a password manager perfectly, and keep multiple separate backups, but if someone phones you and pretends to be the government and you fall for it, all bets are off.

This lesson is more about understanding what it is to be a hacker and make yourself less of a target.

White Hat vs. Black Hat

Not all hackers are bad. On one end, white hat hackers try to break into systems to find vulnerabilities, inform the system owners, and help make the systems stronger. They can be hired to do penetration tests and security audits, and often work for respectable firms. They contribute to open source projects to remove bugs and add security. On the other end, black hat hackers are in it for financial and personal gain, or just to watch the world burn. In the ethical middle sit gray hats, who may be hacking governments or corporations to leak fraudulent behavior, or stealing from the rich to give to the poor.

Spy vs. Spy

Black and white hats are in a constant battle. Systems can never remain fully safe because it is far easier to find flaws than to fix them. Some vulnerabilities found years ago remain open and still give black hat hackers easy ways to attack people.

Finding a Mark

Most hackers want easy targets, and refer to them as targets of opportunity. The less secure and diligent you are, the more likely you are to become one of these targets. There are many ways hackers can find a target:

  • actively looking for a starting place by searching social media, comments and reviews, or other public information
  • hacking into other systems that have your information stored in them
  • relying on previous hacks that have released private information online, including common passwords
  • scanning public Wi-Fi networks
  • following you and watching you until you enter your password in their sight
  • sending emails or making phone calls with private information to seem real

Social Engineering

Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. It is a cornerstone of successful attacks, and almost all hacking contains an element of understanding what humans do. The video below shows a hacker successfully social engineering full root access to a company, which is the holy grail for an attacker and basically lets them do anything they want. This hacker is white hat because they had permission and performed the attack for educational purposes at DEF-CON, a hacking and security conference.

Social engineering attack at DEF-CON

Script Kiddies

Not all hacking is hard! Someone who isn't particularly skilled at programming but uses software written by others to execute an attack is called a script kiddie, or skiddie or skid. And skids aside, even the most sophisticated hackers tend to use some tools created by others before them. The point is that just as there is sophisticated free software to do your taxes or edit your photos, there is sophisticated free software to steal your identity and crack your bank account open. So don't assume the person on the other side is necessarily smart, or that they even have to be.

One of the most famous recent leaks of tools usable by script kiddies was when the hacker group the Shadow Brokers leaked a bunch of hacking tools believed to have been developed by the National Security Agency (NSA) of the United States. These tools are now available to script kiddies wishing to leverage the power of the NSA.

Methods of Hacking

There are many crafty and nefarious ways a hacker can attack. It is good to be aware of these methods.

  • malware (including viruses) is software that infects your device to take information or modify the system.
  • phishing is one of the most common attacks and is when a hacker impersonates a trusted entity (like your bank or email provider) and asks you to do something (like click a link or enter information) that will give them information or access to your systems.
  • zero-day vulnerabilities are security flaws unknown to the software creator but known to a hacker, who uses a zero-day exploit to take advantage of them. Open vulnerabilities may be known to the software creator but not yet fixed, or may remain present in older versions of the software that have not been updated.
  • wifi spoofing is setting up fake networks, usually in public places, and harvesting information and access when people connect to them.
  • keyloggers are a form of malware that monitor every key you type and therefore can collect your passwords.
  • brute force attacks are where a hacker simply tries every combination of password to access an account. They also frequently use a list of the most commonly used passwords. Brute force attacks are not effective against long generated passwords from a password manager.
  • denial of service (DoS) and distributed denial-of-service (DDoS) attacks use one (DoS) or many (DDoS) machines to overwhelm a website or other system with requests, making it unavailable for normal usage.
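Why the lesson's advice about long generated passwords holds, as an added worked example (not part of the original lesson): the script estimates how many guesses a brute-force search needs for a given password, treating anything on a common-password list as falling to the wordlist first. The common-password list and the guessing rate are constructed figures for illustration.

```python
import string

# Constructed sample of commonly used passwords; real attacker wordlists hold millions.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein", "iloveyou"}

# Character classes an attacker must include in the search space once they
# appear in the password (a space or other character outside these is ignored).
CHARACTER_CLASSES = (
    string.ascii_lowercase,   # 26
    string.ascii_uppercase,   # 26
    string.digits,            # 10
    string.punctuation,       # 32
)

SECONDS_PER_YEAR = 365 * 24 * 3600


def keyspace(password: str) -> int:
    """Candidates a brute-force search must cover to be certain of hitting a
    password of this length drawn from the character classes it uses."""
    alphabet = sum(len(cls) for cls in CHARACTER_CLASSES
                   if any(ch in cls for ch in password))
    return alphabet ** len(password)


def guesses_needed(password: str) -> int:
    """Worst-case guesses: a common password falls to the wordlist almost
    immediately; anything else forces the attacker through the full keyspace."""
    if password in COMMON_PASSWORDS:
        return len(COMMON_PASSWORDS)
    return keyspace(password)


def years_to_exhaust(password: str, guesses_per_second: float = 1e10) -> float:
    """Worst-case search time at an assumed rate. 1e10 guesses/s is a
    constructed figure standing in for an offline cracking rig."""
    return guesses_needed(password) / guesses_per_second / SECONDS_PER_YEAR


def compare(passwords: list[str]) -> list[tuple[str, float]]:
    """Rank candidate passwords from weakest to strongest by worst-case years."""
    return sorted(((p, years_to_exhaust(p)) for p in passwords),
                  key=lambda item: item[1])


if __name__ == "__main__":
    for pw, years in compare(["password", "Summer2019!", "k7$Qz9@vLp2#Xw4&Rt8M"]):
        print(f"{pw!r:26} worst case: {years:.3e} years")
```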

Real-Life Attacks

To make this real, here is a list of real-life stories about some of the largest and scariest successful attacks.

Scary Attacks

  • Stuxnet was an extremely sophisticated attack that was found in 2010 to have spread through many of the programmable systems controlling global infrastructure, from dams to telephone networks to nuclear power plants. It was determined in the end that the specific target was Iran, where Stuxnet spun the nuclear centrifuges too quickly, damaging them. It is speculated that Israel and the United States were involved in developing and executing this attack.
  • Baby monitor attacks hit their peak back in 2015 as an especially nefarious attack of opportunity. As cheap, remotely accessible baby monitors became popular, many had less-than-ideal security. Parents who didn't change the default settings of their baby monitors unwittingly streamed live imagery of their baby online for anyone to access. Changing the default password is important on any network-connected device.
  • Heartbleed was a zero-day vulnerability in OpenSSL, which is used for secure communication, and it allowed an attacker to read through the encryption. It led to hundreds of social insurance numbers being stolen from Canadians, among other breaches.
  • Spectre and Meltdown both exploit vulnerabilities right at the processor level, and in the worst case can allow full takeover of machines.
  • KRACK stands for Key Reinstallation Attack and is targeted at WiFi security. If successful, it can break through the encryption on WiFi and allow an attacker to read all traffic on the network.

Famous Leaks

  • Edward Snowden is the most famous recent leaker. He stole information from the National Security Agency of the US. Among many other things, it exposed the PRISM surveillance program where the US government was taking private information from US internet companies. Edward Snowden is extremely controversial, and whether you think he is a traitor or a hero, he is a respected speaker on security and privacy techniques.
  • WikiLeaks is a controversial organization that leaks confidential information stolen by hackers with an outward stated goal of exposing corruption. There is much speculation that it is actually an arm of Russian intelligence. Regardless, their leaks have exposed unprecedented information to the public. These leaks include Vault 7, 2016 Democratic National Committee emails claimed to have been hacked by Guccifer 2.0, and documents behind the Trans-Pacific Partnership Agreement during its negotiation.
  • The Panama Papers were the result of an email hack on the law firm Mossack Fonseca in Panama. These papers exposed the depth and breadth of shady offshore banking by many world leaders.
  • Sony Pictures was attacked in 2014. Confidential emails and other corporate information were leaked. It is suspected that North Korea was behind the attack, which took over two months to execute. When they finished, the hackers executed scripts to erase Sony's computer infrastructure.

Phew! Although there was a lot of scary stuff in this lesson, you should nevertheless feel more prepared not to be taken in by hackers.

"To know your enemy, you must become your enemy."
- Sun Tzu, Art of War


Header image credit: Clint Patterson