Perpetrators
You often hear the nomenclature of computer menaces refer to hackers, intruders, script kiddies, virus writers, bot herders, and phreakers. Just what sorts of people are these, anyway?
Hackers
These days hacker is a broad-brush term implicating almost any person who has computer skills and mouse in hand as a wild-eyed cybervillain. Actually, the real hacker is a rare breed indeed: extremely knowledgeable, patient, creative, resourceful, and well aware that knowledge is power. He or she is determined to find a new way to explore and maybe exploit some particular system, protocol, or program. He or she studies the architecture and design of the target in order to better understand how they work, and perhaps find a weakness and exploit it. The reasons for doing so can be complex.
Hackers are often employees with day jobs who experiment after hours. Most hackers are socially responsible and want to discover weaknesses in computer hardware, software, and firmware and help get them fixed before icky, bad people discover them and cause real damage. Some are hired as consultants to ply their skills to test and improve system security.
Many years ago, being a hacker was a badge of honor, associated with intelligence and ingenuity. But in popular culture, the term now carries near-universal connotations of troublemaking and criminal activity.
Script kiddies
Script kiddies are individuals with nowhere near the technical acumen of real hackers. Instead, they acquire programs and scripts developed by hackers and use those ready-made tools to carry out attacks. Frequently, script kiddies don’t even know how their attack tools work.
Don’t underestimate the power of script kiddies, however. They can cause significant damage to systems and networks if they’re determined to attack them. A fool who has a tool may still be a fool — but with the right tool, even a fool can wield a lot of power and do a lot of damage.
Virus writers
Like hackers, virus writers — or VXers — can span a broad range of expertise. Some virus writers are highly skilled and creative, quite able to engineer an effective virus on their own. But like script kiddies, many virus writers rely on templates and illicit virus cookbooks to create subtle variations of existing viruses.
Bot herders
Bot herders are individuals who establish, grow, and use bot armies to carry out attacks and cause other types of trouble. They may develop their own bot software, but mostly they use bot software developed by others.
Phreakers
The original phreakers were people who cracked telephone networks in order to get free long-distance service. Improvements in telephone networks have rendered the original techniques useless, and some phreakers have resorted to outright criminal acts, such as stealing long-distance calling cards.
The term phreakers is sometimes used to describe hackers who try to break into systems and services in order to get free services.
Black hats and white hats
These are just terms for the bad guys and the good guys, respectively. There is a Black Hat security conference, and we hear it’s interesting. Guess who goes.
Prep Test
1 Masquerading as another person in order to obtain information illicitly is known as
A Hacking
B Social engineering
C Extortion
D Exhumation
2 Viruses, rootkits, and Trojan horses are known as
A Maniacal code
B Fractured code
C Infectious code
D Malicious code
3 Antivirus software that detects viruses by watching for anomalous behavior uses what technique?
A Signature matching
B Fleuristics
C Heroistics
D Heuristics
4 A developer, suspecting that he may be fired soon, modifies an important program that will corrupt payroll files long after he is gone. The developer has created a(n)
A Delayed virus
B Logic bomb
C Applet bomb
D Trojan horse
5 A SYN flood is an example of a
A Dictionary attack
B High Watermark attack
C Buffer Overflow attack
D Denial of Service attack
6 The process of recording changes made to systems is known as
A Change Review Board
B System Maintenance
C Change Management
D Configuration Management
7 A system that accumulates knowledge by observing events’ inputs and outcomes is known as a(n)
A Expert system
B Neural network
C Synaptic network
D Neural array
8 The logic present in an object is known as
A Encapsulation
B Personality
C Behavior
D Method
9 The restricted environment that Java applets occupy is known as a
A Sandbox
B Workbox
C Trusted Zone
D Instantiation
10 An attacker has placed a URL on a website that, if clicked, will cause malicious JavaScript to execute on victims’ browsers. This is known as a
A Phishing attack
B Script injection attack
C Cross-site scripting attack
D Cross-site request forgery attack
Answers
1 B. Social engineering. Social engineering is the process of obtaining information from people by tricking them into giving up an important piece of information, such as a modem access number. Review “System Attack Methods.”
2 D. Malicious code. Malicious code is the generic term used to describe computer code used to inflict damage on a computer system. Review “Malicious code.”
3 D. Heuristics. Heuristics is the technique used to detect viruses by recognizing anomalous behavior. Review “Malicious code.”
4 B. Logic bomb. A logic bomb is a type of malicious code that’s designed to cause damage at a predetermined date in the future. Review “Malicious code.”
5 D. Denial of Service attack. These attacks are designed to incapacitate a system by flooding it with traffic. Review “Denial of Service.”
6 D. Configuration Management. This is the process used to record all configuration changes to hardware and software. Review “Configuration Management.”
7 B. Neural network. Neural networks become proficient at predicting outcomes by making large numbers of observations, noting the inputs and results of each. Review “Neural networks.”
8 D. Method. A method is the formal name given to business logic — also known as code — present in an object. Review “Object-Oriented Environments.”
9 A. Sandbox. This is the name given to the restricted environment in which Java applets reside. Review “Adding applets to the mix.”
10 C. Cross-site scripting attack. In a cross-site scripting attack, the attacker places malicious script language in a URL that will be executed on a victim’s browser. Review “System Attack Methods.”