Some of you may have noticed that we have turned the comments portion on our blog off. This will remain off temporarily because someone has been inundating us with spam comments. We have also had our fair share of someone trying to disrupt our site for their own use. I don’t know about you, but every time I turn around, another large company has been breached by hackers– 6 months back Target stores were breached, JP Morgan and more recently Home Depot. It is so completely frustrating and alarming, because as consumers we are constantly having to cancel credit cards and change our passwords in hopes that no one steals our personal information. This leads me to ask, why? There are four reasons I can tell you why people hack. I will also share how we can prevent this from happening .
Hacking to Steal:
One of the main reasons that people hack a system is to steal information or money. A large portion of hacking attempts fall into this category. Banks and large companies are common targets for hacking jobs, but sometimes smaller companies or even a specific person’s computer are targeted, as well.
Hacking for Fun:
Some hackers make attempts on computers, servers or network systems just for their personal gratification. Others may feel that they need to prove something to their peers or friends, and hack something only for the challenge.
Hacking to Use:
They want to use your computer. They will use your computer like an internet relay chat so they can discuss openly things they do not want to discuss on their own servers. They store illicit material (pornography, pirated music, pirated software etc.) on your computer so this illegal activity does not lead to their own computer.
Hacking to Disrupt:
There are also some hackers, including hacking groups; that target a company for in order to disrupt business, create chaos and just be a nuisance. These groups often be trying to make a statement with their hacking, demonstrate security inadequacies, or to show general disapproval for the business itself. Examples of hacking groups that made headlines are Anonymous and LulzSec.
So now that you know why people hack, here is some additional information to consider.
What are hackers?
Hackers are people who try to gain unauthorised access to your computer. This is normally done through the use of a ‘backdoor’ program installed on your machine. You can protect yourself from these by using a firewall and a good up-to-date anti-virus program. You would normally get such a backdoor program by opening an E-mail attachment containing the backdoor program. It is normal for such a backdoor program to send out more copies of itself to everyone in your address book, so it is possible for someone you know to unintentionally send you a malicious program. A few backdoor programs can work with any e-mail program by sitting in memory and watching for a connection to a mail server, rather than actually running from within a specific mail program. These programs automatically attach themselves to any e-mail you send, causing you to unintentionally send out malicious programs to your friends and associates.
What damage can a hacker do?
This depends upon what backdoor program(s) are hiding on your PC. Different programs can do different amounts of damage. However, most allow a hacker to smuggle another program onto your PC. This means that if a hacker can’t do something using the backdoor program, he can easily put something else onto your computer that can. Hackers can see everything you are doing, and can access any file on your disk. Hackers can write new files, delete files, edit files, and do practically anything to a file that could be done to a file. A hacker could install several programs on to your system without your knowledge. Such programs could also be used to steal personal information such as passwords and credit card information. Some backdoor programs even allow a hacker to listen in on your conversations using your computer’s microphone if one is attached!
The first step that your criminal hackers undertake is to find known or common weakness in the various website platforms. Popular platforms that are regularly under attack are WordPress, Joomla, Magento, osCommerce, and Zen Cart. These platforms are popular with hackers because they are popular with masses who are attracted to their open-source nature and the fact that they are free. Hackers will obviously be able to attack and reach more computer systems the more popular the platform.
Advice on Protecting your PC:
A skilled hacker will do whatever it takes to break into your computer. Just ask Microsoft. Even a giant software company is not completely safe. The company was hacked by a Trojan-horse program hidden inside an innocent-looking email attachment. The Trojan horse replicated itself throughout Microsoft’s internal network and eventually emailed proprietary secrets back to the originator of the Trojan horse. Follow these six steps to protect your computer from being hacked:
* Don’t let other people onto your computer unless you really trust them. A great way to do this is to password-protect your computer.
* Don’t ever open attachments. Avoid Trojan horses and viruses by following this rule. For more information, go here.
* Turn off file sharing if you don’t need it. If a port scan is done on your computer, a hacker may find a back door to your machine and access your files.
* Use an antivirus program and keep it up to date. For more information, go here.
* If you have a constant Internet connection, use a firewall. For more information, go here.
* Routinely update Windows software. This is extremely important. Updates fix many bugs and known security holes within the Windows operating system.
How do I know if a site is secure?
Internet security is a matter of great concern for internet users. It is important to know if a website is secure or not while surfing the internet. A secure website creates a safe connection between the website and the web browser so that entered data, such as personal information, credit card details, banking information, etc, is not accessible to unauthorized entities. When the browser opens a secured connection, “https” can be seen in the URL instead of just http. To know if a website is secure or not, look for the locked yellow colored padlock symbol on the lower right corner of the browser window.
There are two general indications of a secured web page:
1) Check the web page URL
Normally, when browsing the web, the URLs (web page addresses) begin with the letters “http”. However, over a secure connection the address displayed should begin with “https” – note the “s” at the end.
Try it! – Visit our home page (http://www.ssl.com). Note the URL begins with the “http” meaning this page is not secure. Click the link in the upper-right hand corner to “Log in”. Notice the change in the URL? It now begins with “https”, meaning the user name and password typed in will be encrypted before sent to our server.
2) Check for the “Lock” icon
There is a de facto standard among web browsers to display a “lock” icon somewhere in the window of the browser (NOT in the web page display area!) For example, Microsoft Internet Explorer displays the lock icon in the lower-right of the browser window:
MS Internet Explorer Lock
As another example, Mozilla’s FireFox Web Browser displays the lock icon in the lower-left corner:
Mozilla FireFox Lock Icon
THE LOCK ICON IS NOT JUST A PICTURE! Click (or double-click) on it to see details of the site’s security. This is important to know because some fraudulent web sites are built with a bar at the bottom of the web page to imitate the lock icon of your browser! Therefore it is necessary to test the functionality built into this lock icon. Furthermore, it is very important to KNOW YOUR BROWSER! Check your browser’s help file or contact the makers of your browser software if you are unsure how to use this functionality.
Try it! – Visit our home page (http://www.ssl.com). Click the link to “Log in” to initiate a secure session. Note the lock icon display in YOUR browser. Click the icon, or double-click (varies by browser), and examine the security information displayed about the web site. If there is no display at the bottom of your browser try clicking “View” in the main menu and make sure “Status Bar” is checked.
Other Indicators of a Secured Web Page
Many SSL Certificate vendors (Verisign, GeoTrust, SSL.com, etc.) also provide a “site seal” to the owners of these web sites. Common characteristics of these site seals include:
High Visibility – Online merchants want you to see these site seals. They want you to know they have made every effort to make their site a safe shopping experience. Therefore, the site seal is usually located where you, the customer, can easily see it.
Difficult to Duplicate – The site seals are designed to be difficult for thieves and scammers to duplicate. Many times the site seal will have a date and time stamp on it.
Verification Functionality – The site seal should have some functionality whether by clicking on the seal or by hovering your mouse over the seal. The functionality should display detailed information about the web site you are visiting.
These site seals should not necessarily be trusted on their own, but should serve as a reminder to “investigate further”…
1) Check for that “https” in the prefix of the web page address.
2) Click on that “lock icon” in the status bar of your browser.
If everything looks good, the company or individual(s) running that web site have provided you with a safe means of communicating your sensitive information. The web page is “secure”.