Table of Contents
One of the most well-known terms in the world of cybersecurity, “hacking”, refers to the intrusive activities linked to exploiting a computer system or a private network without authorised access. The concept of hacking is commonly characterised by a “hacker”, an individual skilled in computer systems and information technology. They apply their technical knowledge to overcome security barriers within a system by non-standard and often malicious techniques.
Hacking, or the behaviours inherent by most hackers, is generally identified as being synonymous with cyber-attacks and other harmful or threatening acts. However, the terms “hackers” and “attackers” are not necessarily interchangeable, as some forms of hacking can have ethical and research-based intentions. Still, the threat of hacking is a serious matter that should not go overlooked in any context, especially as it pertains to cyber crime prevention and data breach protection.
Cybersecurity Education and Training Begins Here
Here’s how your free trial works:
- Meet with our cybersecurity experts to assess your environment and identify your threat risk exposure
- Within 24 hours and minimal configuration, we'll deploy our solutions for 30 days
- Experience our technology in action!
- Receive report outlining your security vulnerabilities to help you take immediate action against cybersecurity attacks
Fill out this form to request a meeting with our cybersecurity experts.
Thank you for your submission.
Hacking is broadly defined as exploiting vulnerabilities in an organisation's computer systems and networks to gain unauthorised access or control of digital assets. These activities involve identifying weaknesses in a computer system or network and further exploring and manipulating information with malicious or self-motivated intent.
In many cases, hacking involves a combination of technical knowledge, problem-solving skills, creativity, and persistence – all to bypass security measures and access private information or protected databases. While some forms of “white hat” hacking can be done ethically to improve security, it's most commonly conducted as a means to steal sensitive data, compromise systems, or spread viruses and malware.
The Difference Between “Hackers” and “Cyber Attackers”
A “hacker” traditionally refers to someone motivated by personal financial gain, information extraction, protesting, making a statement, or just because they can. However, it is now often mistakenly used to refer to cyber attackers who exploit these vulnerabilities solely for malicious purposes.
Attackers aim to gain unauthorised access to networks and computers, often for monetary gain or espionage purposes. But to defend against attackers and subsequent cyber threats, organisations can work with ethical hackers to identify and address vulnerabilities and make themselves a tougher target.
A Brief History of Hacking
For centuries, the term “hacking” originally referred to a process of rough cutting or chopping in an imperfect manner. But it wasn't until 1955 that “hacking” was first used about technology at a meeting of the Technical Model Railroad Club to describe how club members modified the functions of their train sets.
Into the 1960s and 1970s, the term's use evolved into a more computational and tech-related context. And by 1975, a more formalised definition of hacking was adopted by The Jargon File (a dictionary of terms used by computer programmers) as “A malicious meddler who tries to discover sensitive information by poking around. Hence password hacker, network hacker”.
By this time, the word “hacker” was associated with cyber crime, often described as “security hacker”. It wasn't before the late 1980s when the first Internet hacker, Robert Morris, deployed the first ever “denial of service” attack due to a fault in the code. Otherwise known as the Morris Worm of 1986, the incident was intended to highlight security vulnerabilities but inadvertently caused extensive damage that lasted for several days.
During this era of technological advancement, a series of devastating hacking cases drew attention to the severity of these threats. In turn, this led to the creation of the first-ever cyber crime laws. As computer systems and technology rapidly progressed, hacking became increasingly sophisticated, and cyber attackers refined their techniques to steal data, commit fraud, and engage in other illegal activities.
Hacking Types and Techniques
Today, computer and network hacks come in many forms, ranging from elaborate SQL injection attacks to more traditional denial-of-service attacks. While many of these hacking techniques overlap into general forms of cyber-attacks, some of the most prevalent types of cyber hacking include:
Malicious software, also known as malware, that infects a system and spreads without the user's knowledge or consent, damaging files, stealing data, or gaining unauthorised access.
Ransomware is an advanced form of malware that encrypts the victim's data and demands a ransom payment to effectively release and restore access to the files or system.
Phishing is the fraudulent attempt to capture sensitive information (such as passwords, login credentials, or financial data) by pretending to be a legitimate or trustworthy entity via email, phone, or website.
Brute Force Attacks
A brute force attack is a trial-and-error method threat actors use to crack passwords or encryption keys by systematically trying every possible combination until the correct one is found. It can be time-consuming but is often effective against weak or simple passwords.
Otherwise known as data eavesdropping, MitM is the interception and alteration of communications between two parties to steal sensitive data or confidential information or carry out damaging actions.
SQL Injection Attacks
Exploiting vulnerabilities in web applications that use SQL databases to steal or manipulate data by inserting malicious code into a SQL statement.
Distributed Denial-of-Service Attacks
Otherwise known as DDoS attacks, this activity involves overwhelming a target system or network with traffic or requests to cause service disruption or outage.
Exploiting software applications or computer systems vulnerabilities that are unknown to the vendor or users to gain unauthorised access or cause damage.
Cross-Site Scripting (XSS) Attacks
Exploiting weaknesses in web apps to inject malicious scripts into the webpage viewed by users to steal data or perform unauthorised actions.
Similar to MitM attacks, session hijacking involves stealing an active session token or cookie to gain unauthorised access to a user's account or computer system.
Credential Reuse Attacks
Using stolen or leaked login credentials (usually obtained through phishing, password attacks, or physical means) to gain unauthorised access to other accounts or systems.
Using Domain Network System (DNS) protocols to bypass security measures and exfiltrate data from a target network of interest.
Additional devices vulnerable to cyber hackers that are often overlooked are things like internet-connected security cameras and IP cameras, smart TVs and smart appliances, and even baby monitors. It's critical to acknowledge that any device connected to the Internet is potentially susceptible to hacking, so it's important to take necessary precautions to ensure your technology is protected with whatever means possible.
The impact of hackers can range from minor inconveniences to major disruptions. That's why individuals and organisations must take steps to prevent and mitigate the effects of hacking.
All-Time Historic Hacks
Although the sheer volume of hacking cases reaches the tens of thousands annually, a few monumental hacks stand out in history as the most damaging and impactful.
PlayStation Network Hack
Sony PlayStation's gaming network was hacked in 2011, resulting in an epic case that impacted 77 million consoles and almost a month-long shutdown on the gaming system's network. Although they never identified the hacker responsible for the data breach, Sony estimated $171 million in financial losses from the incident.
DoD and NASA Hacks
In 1999, a teenager hacked into NASA's computer networks and the Department of Defense (DoD). The hacker downloaded software from NASA that was valued at $1.7 million. While this historic hack against two of the most prominent U.S. governmental organisations had little damaging impact overall, the teenager's actions resulted in NASA's networks shutting down for three weeks.
Yahoo Data Breach
In 2013, Yahoo encountered two hacking incidents that resulted in one of the largest data breaches in history, impacting over 3 billion user accounts. The breach was executed by four Russian agents that were recruited through a hacker-for-hire scheme. While the breach affected billions of accounts, the biggest concern involved targeted attacks on high-profile U.S. Intelligence officials, opening the door to potential cyber espionage.
- Maintain strong, complex passwords – According to UC Santa Barbara Information Technology, the longer a password is, the better. Whenever possible, use at least 16 characters.
- Set up multifactor authentication – In addition to a strong password, include a layer of security protection using two-factor or multifactor authentication.
- Install antivirus and anti-malware software – Software programs that detect and remove viruses and malware are essential in protecting your computer system and ensuring your data is safe.
- Stay alert about suspicious emails – Avoid clicking questionable links or opening attachments to emails you don't recognise.
- Minimise your online footprint – While not always applicable to certain individuals, reducing the amount of information available about you online can make you less of a target to hackers.
- Avoid public Wi-Fi networks for personal or financial data – Never use public Wi-Fi to access sensitive personal accounts, like bank accounts, online wallets, or trade accounts where financial exchanges occur.
- Backup your computer – Backing up your data is critical to quickly recovering in the instance hackers do succeed in hacking your computer.
- Properly dispose of electronic devices – Make sure to properly erase and dispose of old computers and devices that may have contained personal information and login credentials.
How Proofpoint Can Help
Proofpoint offers the tools and expertise to help organisations better protect their computers and networks from hackers. Because the threat of hacking and cyber-attacks involves both technological solutions and personnel training, Proofpoint helps organisations from beginning to end by implementing the proper cybersecurity measures while deploying the training programs to educate teams on best practices of threat avoidance and mitigation.