Introduction to Computer & IT Insecurity

Introduction to Computer & IT Insecurity

Computer security and IT security are terms associated with the protection of computer software, hardware, and the network systems from the hazards of external attacks from virus, cracking, hacking, etc. In fact, the security measures and policies aim at safeguarding or protecting the information systems and information from anyone other than the administrator including consultants, customers, employees, suppliers, and the malevolent hackers.

But unfortunately, the security precautions that majority of the present-day computer-systems have are very limited. Most of the present day efforts for maintaining IT security are designed to consider the system on which they work as the ‘trusted system’ and focus primarily on the external hazards posed by crackers, virus, hackers, etc. However, some of the domain experts believe this kind of a distinction between the external perils and the trusted system is the major cause of majority of the security concerns that arise in current systems.

For instance, if an attacker (external) manages to undermine a single portion of the system that had no security provisions, he/she will easily have access to almost all the other system features. Moreover, this kind of a security standpoint is more likely to result in insecure systems as most computer systems are highly complex and 100 percent defect-free system cannot be guaranteed.

Security breaches in computer systems can lead to an enormous financial damage. The cost of revamping the systems after the damage caused by identity thefts, phishing, and computer worms, etc., might be quoted in millions of dollars. Inpiduals and organizations will have to probably undergo a time-consuming, costly process of getting their computer systems, infected with malware or spyware, cleaned. Physical and computer security are similar in many ways. Similar to the real-world physical security, the primary motivations behind computer security breaches vary greatly between the attackers, also sometimes referred to as crackers or hackers.  In order to block these attacks and protect one’s computer system, one needs to follow a number of techniques.

However, before understanding and using these techniques, it is important to first understand the details of all the different kinds of ‘threats’ or ‘attacks’ that may be made against your system. Most of the threats or computer security vulnerabilities are categories into 7 classes – exploits, eavesdropping, social engineering, denial of service exploits, indirect attacks, backdoors, and the direct access attacks. Besides, hacking, cracking, penetration, ethical hacking, and vulnerabilities are some of the things you must be aware of in detail so as to become efficient enough to safeguard your computer systems. This article provides a brief description of these aspects to make your job easier.

Cracking

Breaking into someone else’s computer system, especially into a network, is referred to as ‘Cracking’. Cracker, the inpidual who does the cracking, may get involved in the act maliciously, to earn profits, to enjoy the challenge involved, or for other altruistic causes. Besides, some cracking is also apparently done to identify the weaknesses in the security system of a website. In contrast to the common belief, there is no baffling ‘hackerly’ brilliance involved in cracking. Instead, cracking has more to do with dogged repetition and persistent use of a few popular tricks to exploit the weaknesses of the target system’s security. The concept of cracking can be best explained through two of its common forms – Software Cracking and Password Cracking. Password Cracking is mainly used as a means for hacking.

Software Cracking

Introduction: Software cracking refers to the act of modifying software in order to disable or remove features that are considered as ‘objectionable’ by the cracker. It is typically associated with protection methods such as copy protection, trial versions, hardware key, date checks, serial number, software annoyances, and CD checks. The use or distribution of such cracked copies of software in considered to as illegal in nearly all the developed countries across the globe. Numerous lawsuits have been filed over the issue of software cracking till date. The first copy-protection, in fact, was on the early Commodore 64, Apple II, and Atari 800 software. The publishers of various software, especially those involved in gaming software, have resorted to highly sophisticated measures over time in an attempt to put a check on the unauthorized software copying.

Evolution: Initially, majority of the crackers were computer aficionados or geeks, who often competed in their own groups in the spreading and cracking of various software. Interestingly, being able to break into a new scheme for copy protection in the shortest possible time was enough to prove one’s technical superiority over others in the group. In fact, several low-skilled computer hobbyists used to edit the unencrypted strings of text of the already cracked software to alter the messages provided to a game player in the gaming software, and passed such modified copies into pirate networks just to create some fun. As the technical know-how of cracking evolved with time, the crackers began to advertise their skills through ‘crack intros’ or ‘Demoscenes’, which they attached with the cracked software release for pirated distribution. After 1980's, most of the software crackers, especially those with an in-depth knowledge of the assembly needed for cracking protected systems, emerged as reverse engineering experts capable of reverse-engineering a Windows binary-only driver into a driver with Linux source code. Today, the small, ‘elite’ cracking groups function as ‘The Scene’ to compete with the fellow crackers and reverse engineers to develop new cracking techniques, but not for profit.

Methods:

1. The commonest among all the software cracks includes making a change in the binary of an application to prevent or cause a particular key branch in execution of the program. This kind of a modification is brought about by using debuggers, like OllyDbg, SoftICE, Macs Bugs, or GDB, to reverse engineer a compiled program until the particular subroutine containing the key method of software protection is identified. A hex editor or a debugger is then used to modify the binary in a way that it replaces the original branching ‘opcode’ with the complementary NOP opcode. This makes the key branch always skip over the specific subroutine or execute it completely. Majority of the software cracks follow this method, with or without a little variation. This kind of modification is made difficult to accomplish by use of developing techniques, like encryption, self-modifying code, and code obfuscation.

Example: The cracks, which remove the expiration time limits from an application’s trial version, are a good example of this cracking method. They are nothing but brilliantly coded programs made for patching a program executable and quite often are ‘.so or .dll’ files linked to applications. Similar cracking methods are employed in case of software that need hardware dongles.

2. Another popular method of software cracking is to identify the software used in protection application using special software, like CloneCD. Once the copy-protection applications are scanned, special tools are used to delete the software’s copy-protection and then copy the software on the hard disk of the user using programs, such as Game Jackal, Daemon Tools, Clone DVD, and Alcohol120%.

Example: The commercially available copy-protection applications scanned using this method include StarForce and SafeDisc.

3. Some software crackers also manage to access software’s original source-code by decompiling a program, like the scripting languages using JIT Compilation.

Example: Debugging or cracking into the .NET platform by modifying CIL is a good example of this method.

4. Advanced techniques of reverse engineering are used to crack into protection applications, like StarForce, SafeDisc, and Securom.

Effects of Software Cracking & Current Industry Scenario: The most controversial consequence of cracking is the release and distribution of fully functional proprietary software without copy-protection applications. Such kind of software piracy leads to substantial financial damages for business organizations. To ensure protection of its software, Apple Computers have incorporated the ‘Trusted Platform Modules’ into the Macintosh product line and other applications, such as Rosetta. Protection against cracking of Windows software was reduced to a great extent by Microsoft by incorporating the Next-Gen Secured Computing Base into all the future versions of its OS.

Password Cracking

It refers to the act of retrieving passwords from the data transmitted by or stored within the targeted computer system. The main motivations behind password cracking include retrieving a forgotten password, gaining unauthorized system access, preventing use of crackable passwords. The most popular attack methods or ways for password cracking include weak encryption attacks, guessing, brute force, and dictionary attacks, precomputation, and salting methods. The main software that are used for password cracking include Hydra, LastBit, ElcomSoft, and Cain & Abel. Password cracking  can be prevented by using various means to block access to encrypted passwords by the crackers, For instance, the encrypted passwords of the UNIX OS, which were initially stored on easily accessible file/etc/password, are now stored on file /etc/shadow, accessible to only those programs that run with system privileges. In modern UNIX systems, the old password hashing methods based on DES have also been replaced by better techniques based on Blowfish and MD5.

Hacking

Hacking is a term that is associated with the act of re-programming or re-configuring a system to make it work in ways that have not been facilitated by system administrator, designer or the owner. While the term “hack” refers to a quick or clever fix to problems of computer programming, such as ‘Kludge’, the term ‘hacking’ has many related meanings. The two terms are also often utilized to signify the act of modifying a device or a program to enable the user to access the otherwise inaccessible features by using techniques like ‘circuit bending’. Hacking is, thus, more commonly used to denote the more despicable criminal cyber acts, like credit card frauds, identity thefts, and other such cyber crimes.

Methods: Besides Password Cracking, other common methods used by the hackers to breach a computer system’s security include introduction of Trojan horses, exploiting defaults, MITM Attacks, Wireless Attacks, and a thorough vulnerability research.

Famous Examples of Hacking

1. The first PC, the Apple Computer, was hacked by Steve Wozniak and Steve Jobs.
2. 7/11 hacking from Russia resulted in a looting of nearly $180,000 from ATM's in New York in year 2008. In this case, the ATM Company’s main server was hacked.
3. In year 2003, Brandon William and William Grace, hacked into the computer systems of California Court and dismissed several pending cases from the database.
4. In year 2002, members of the two major ‘elite’ hacking groups, named Reservoir Dogs and Mentors, were arrested in Italy for hacking into the systems of NASA, US Navy, and US Army.
5. In 2003, the traffic from the Al-Jazeera, an Arabic news channel, was directed to a site that featured an American Flag with a provoking message.

Cracking vs. Hacking – How are they Different?

Although many people use the two terms, “cracking” and “hacking”, synonymously, they are technically quite different from each other. The confusion arises mainly because of 2 reason – (i) Most low-skilled crackers refers themselves as hackers, and (ii) The media also sometimes refers the crackers as ‘hackers’. To put it in simple words, if hackers are meant to ‘build things’, crackers are meant to ‘crack them’! There is no baffling ‘hackerly’ brilliance involved in cracking. Instead, cracking has more to do with dogged repetition and persistent use of a few popular tricks to exploit the weaknesses of the target system’s security. In other words, cracking is nothing, but just a mediocre form of ‘hacking’. Hacking, on the other hand, is something that usually deplores cracking.

Hackers are usually computer aficionados or information seekers, keen at exploring various computer networks and systems. Hacking into an unauthorized system in no doubt illegitimate, it is considered ethical if done with a good intention of identifying vulnerabilities in the system. Thus, white hat hackers follow certain code of ethics. However, the same does not apply to the black hat hackers, who do hacking for theft, breach, or vandalism. These black hat hackers who engage in malicious practices are called ‘attackers’ or sometimes, ‘crackers’. According to Jeff Schiller of MIT, crackers are usually not sophisticated domain experts and lack the technical skills of a hacker.