Jump to content

Security hacker

Page semi-protected
From Wikipedia, the free encyclopedia
(Redirected fromSecurity hacking)
Not to be confused withHackerorHacker culture.

Part of a series on
Computer hacking
History
Hacker cultureandethic
Conferences
Computer crime
Hacking tools
Practice sites
Malware
Computer security
Groups
Publications

Asecurity hackeris someone who explores methods for breaching defenses andexploitingweaknesses in acomputer systemornetwork.[1]Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering,[2]challenge, recreation,[3]or evaluation of a system weaknesses to assist in formulating defenses against potential hackers.

Longstanding controversy surrounds the meaning of the term "hacker."In this controversy,computer programmersreclaim the termhacker,arguing that it refers simply to someone with an advanced understanding of computers and computer networks,[4]and thatcrackeris the more appropriate term for those who break into computers, whether computer criminals (black hats) or computer security experts (white hats).[5][6]A 2014 article noted that "the black-hat meaning still prevails among the general public".[7]The subculture that has evolved around hackers is often referred to as the "computer underground".

History

Further information:Timeline of computer security hacker history
Bruce Sterling,author ofThe Hacker Crackdown

Birth of subculture and entering mainstream: 1960s–1980s

The subculture around such hackers is termed network hacker subculture, hacker scene, or computer underground. It initially developed in the context ofphreakingduring the 1960s and the microcomputerBBS sceneof the 1980s. It is implicated with2600: The Hacker Quarterlyand thealt.2600newsgroup.

In 1980, an article in the August issue ofPsychology Today(with commentary byPhilip Zimbardo) used the term "hacker" in its title: "The Hacker Papers." It was an excerpt from a Stanford Bulletin Board discussion on the addictive nature of computer use. In the 1982 filmTron,Kevin Flynn (Jeff Bridges) describes his intentions to break into ENCOM's computer system, saying "I've been doing a little hacking here." CLU is thesoftwarehe uses for this. By 1983, hacking in the sense of breaking computer security had already been in use as computer jargon,[8]but there was no public awareness about such activities.[9]However, the release of the filmWarGamesthat year, featuring a computer intrusion intoNORAD,raised the public belief that computer security hackers (especially teenagers) could be a threat to national security. This concern became real when, in the same year, a gang of teenage hackers inMilwaukee, Wisconsin,known asThe 414s,broke into computer systems throughout theUnited StatesandCanada,including those ofLos Alamos National Laboratory,Sloan-Kettering Cancer CenterandSecurity Pacific Bank.[10]The case quickly grew media attention,[10][11]and 17-year-old Neal Patrick emerged as the spokesman for the gang, including a cover story inNewsweekentitled "Beware: Hackers at play", with Patrick's photograph on the cover.[12]TheNewsweekarticle appears to be the first use of the wordhackerby the mainstream media in the pejorative sense.

Pressured by media coverage, congressmanDan Glickmancalled for an investigation and began work on new laws against computer hacking.[13][14] Neal Patrick testified before theU.S. House of Representativeson September 26, 1983, about the dangers of computer hacking, and six bills concerning computer crime were introduced in the House that year.[14]As a result of these laws against computer criminality, white hat,grey hatand black hat hackers try to distinguish themselves from each other, depending on the legality of their activities. These moral conflicts are expressed inThe Mentor's "The Hacker Manifesto",published 1986 inPhrack.

Use of the term hacker meaning computer criminal was also advanced by the title "Stalking the Wily Hacker", an article byClifford Stollin the May 1988 issue of theCommunications of the ACM.Later that year, the release byRobert Tappan Morris, Jr.of the so-calledMorris wormprovoked the popular media to spread this usage. The popularity of Stoll's bookThe Cuckoo's Egg,published one year later, further entrenched the term in the public's consciousness.

Classifications

In computer security, a hacker is someone who focuses on the security mechanisms of computer and network systems. Hackers can include someone who endeavors to strengthen security mechanisms by exploring their weaknesses and also those who seek to access secure, unauthorized information despite security measures. Nevertheless, parts of the subculture see their aim in correcting security problems and use the word in a positive sense. White hat is the name given to ethical computer hackers, who utilize hacking in a helpful way. White hats are becoming a necessary part of the information security field.[15]They operate under a code, which acknowledges that breaking into other people's computers is bad, but that discovering and exploiting security mechanisms and breaking into computers is still an interesting activity that can be done ethically and legally. Accordingly, the term bears strong connotations that are favorable or pejorative, depending on the context.

Subgroups of the computer underground with different attitudes and motives use different terms to demarcate themselves from each other. These classifications are also used to exclude specific groups with whom they do not agree.

Cracker

Eric S. Raymond,author ofThe New Hacker's Dictionary,advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as a wider hacker culture, a view that Raymond has harshly rejected. Instead of a hacker/cracker dichotomy, they emphasize a spectrum of different categories, such aswhite hat,grey hat,black hatandscript kiddie.In contrast to Raymond, they usually reserve the termcrackerfor more malicious activity.

According to Ralph D. Clifford, acrackerorcrackingis to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system."[16]These subgroups may also be defined by the legal status of their activities.[17]

White hat

Main article:White hat (computer security)

Awhite hat hackerbreaks security for non-malicious reasons, either to test their own security system, performpenetration testsorvulnerability assessmentsfor a client, or while working for a security company that makes security software. The term is generally synonymous withethical hacker,and certifications, courseware, classes, and online training covering the diverse arena of ethical hacking have been developed.[17]

Black hat

Main article:Black hat (computer security)

Ablack hat hackeris a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005).[18]The term was coined byRichard Stallman,to contrast the maliciousness of a criminal hacker versus the spirit of playfulness and exploration inhacker culture,or the ethos of thewhite hat hackerwho performs hacking duties to identify places to repair or as a means of legitimate employment.[19]Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal".[20]

Grey hat

Main article:Grey hat

A grey hat hacker lies between a black hat and a white hat hacker, hacking for ideological reasons.[21]A grey hat hacker may surf the Internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect, for example. They may then offer to correct the defect for a fee.[20]Grey hat hackers sometimes find the defect in a system and publish the facts to the world instead of a group of people. Even though grey hat hackers may not necessarily perform hacking for their personal gain, unauthorized access to a system can be considered illegal and unethical.

Elite hacker

Asocial statusamong hackers,eliteis used to describe the most skilled. Newly discoveredexploitscirculate among these hackers. Elitegroupssuch asMasters of Deceptionconferred a kind of credibility on their members.[22]

Script kiddie

Main article:Script kiddie

Ascript kiddie(also known as askidorskiddie) is an unskilled hacker who breaks into computer systems by using automated tools written by others (usually by other black hat hackers), hence the term script (i.e. a computer script that automates the hacking) kiddie (i.e. kid, child an individual lacking knowledge and experience, immature),[23]usually with little understanding of the underlying concept.

Neophyte

A neophyte ( "newbie",or" noob ") is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology and hacking.[20]

Blue hat

Main article:BlueHat

Ablue hathacker is someone outside computer security consulting firms who is used to bug-test a system prior to its launch, looking for exploits so they can be closed.Microsoftalso uses the termBlueHatto represent a series of security briefing events.[24][25][26]

Hacktivist

Main article:Hacktivist

A hacktivist is a hacker who utilizes technology to publicize a social, ideological, religious or political message.

Hacktivismcan be divided into two main groups:

Nation state

Intelligence agencies andcyberwarfareoperatives of nation states.[27]

Organized criminal gangs

Groups of hackers that carry out organized criminal activities for profit.[27]Modern-daycomputer hackershave been compared to theprivateersof by-gone days.[28]These criminals hold computer systems hostage, demanding large payments from victims to restore access to their own computer systems and data.[29]Furthermore, recentransomwareattacks on industries, including energy, food, and transportation, have been blamed oncriminal organizationsbased in or near astate actor– possibly with the country's knowledge and approval.[30]Cyber theftand ransomware attacks are now the fastest-growing crimes in the United States.[31]Bitcoinand othercryptocurrenciesfacilitate theextortionof huge ransoms from large companies, hospitals and city governments with little or no chance of being caught.[32]

Attacks

Main article:Computer security

Hackers can usually be sorted into two types of attacks: mass attacks and targeted attacks.[33]They are sorted into the groups in terms of how they choose their victims and how they act on the attacks.[33]

A typical approach in an attack on Internet-connected system is:

  1. Network enumeration:Discovering information about the intended target.
  2. Vulnerability analysis:Identifying potential ways of attack.
  3. Exploitation:Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.[34]

In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

Security exploits

Main article:Exploit (computer security)

A security exploit is a prepared application that takes advantage of a known weakness.[35]Common examples of security exploits areSQL injection,cross-site scriptingandcross-site request forgerywhich abuse security holes that may result from substandard programming practice. Other exploits would be able to be used throughFile Transfer Protocol(FTP),Hypertext Transfer Protocol(HTTP),PHP,SSH,Telnetand some Web pages. These are very common in Web site and Web domain hacking.

Techniques

Vulnerability scanner
Avulnerability scanneris a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly useport scanners.These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Firewallsdefend computers from intruders by limiting access to ports and machines, but they can still be circumvented.)
Finding vulnerabilities
Hackers may also attempt to find vulnerabilities manually. A common approach is to search for possible vulnerabilities in the code of the computer system then test them, sometimesreverse engineeringthe software if the code is not provided. Experienced hackers can easily find patterns in code to find common vulnerabilities.
Brute-force attack
Password guessing.Brute-force attacksare used to quickly check all short password variations. For longer passwords, other methods such as the dictionary attack are used, because of the amount of time a brute-force search takes.[36]
Password cracking
Password crackingis the process of recovering passwords from data that has been stored in or transmitted by a computer system. Common approaches include repeatedly trying guesses for the password, trying the most common passwords by hand, and repeatedly trying passwords from a "dictionary", or a text file with many passwords.[37]
Packet analyzer
Apacket analyzer( "packet sniffer" ) is an application that captures data packets, which can be used to capture passwords and otherdata in transitover the network.
Spoofing attack (phishing)
Aspoofing attackinvolves one program, system or website that successfully masquerades as another by falsifying data and is thereby treated as a trusted system by a user or another program – usually to fool programs, systems or users into revealing confidential information, such as user names and passwords.
Rootkit
Arootkitis a program that uses low-level, hard-to-detect methods to subvert control of an operating system from its legitimate operators. Rootkits usually obscure their installation and attempt to prevent their removal through a subversion of standard system security. They may include replacements for system binaries, making it virtually impossible for them to be detected by checkingprocess tables.
Social engineering
In the second stage of the targeting process, hackers often usesocial engineeringtactics to get enough information to access the network. They may contact the system administrator and pose as a user who cannot get access to his or her system. This technique is portrayed in the 1995 filmHackers,when protagonist Dade "Zero Cool" Murphy calls a somewhat clueless employee in charge of security at a television network. Posing as an accountant working for the same company, Dade tricks the employee into giving him the phone number of a modem so he can gain access to the company's computer system.
Hackers who use this technique must be familiar with their target's security practices in order to trick the system administrator into giving them information. In some cases, a help-desk employee with limited security experience will answer the phone and be relatively easy to trick. Another approach is for the hacker to pose as an angry supervisor, and when his/her authority is questioned, threaten to fire the help-desk worker. Social engineering is very effective, because users are the most vulnerable part of an organization. No security devices or programs can keep an organization safe if an employee reveals a password to an unauthorized person.
Social engineering can be broken down into four sub-groups:
  • IntimidationAs in the "angry supervisor" technique above, the hacker convinces the person who answers the phone that their job is in danger unless they help them. At this point, many people accept that the hacker is a supervisor and give them the information they seek.
  • HelpfulnessThe opposite of intimidation, helpfulness exploits many people's natural instinct to help others solve problems. Rather than acting angry, the hacker acts distressed and concerned. The help desk is the most vulnerable to this type of social engineering, as (a.) its general purpose is to help people; and (b.) it usually has the authority to change or reset passwords, which is exactly what the hacker wants.[38]
  • Name-droppingThe hacker uses names of authorized users to convince the person who answers the phone that the hacker is a legitimate user him or herself. Some of these names, such as those of webpage owners or company officers, can easily be obtained online. Hackers have also been known to obtain names by examining discarded documents ("dumpster diving").
  • TechnicalUsing technology is also a way to get information. A hacker can send a fax or email to a legitimate user, seeking a response that contains vital information. The hacker may claim that he or she is involved in law enforcement and needs certain data for an investigation, or for record-keeping purposes.
Trojan horses
ATrojan horseis a program that seems to be doing one thing but is actually doing another. It can be used to set up aback doorin a computer system, enabling the intruder to gain access later. (The name refers to thehorsefrom theTrojan War,with the conceptually similar function of deceiving defenders into bringing an intruder into a protected area.)
Computer virus
Avirusis a self-replicating program that spreads by inserting copies of itself into other executable code or documents. By doing this, it behaves similarly to abiological virus,which spreads by inserting itself into living cells. While some viruses are harmless or mere hoaxes, most are considered malicious.
Computer worm
Like a virus, awormis also a self-replicating program. It differs from a virus in that (a.) it propagates through computer networks without user intervention; and (b.) does not need to attach itself to an existing program. Nonetheless, many people use the terms "virus" and "worm" interchangeably to describe any self-propagating program.
Keystroke logging
Akeyloggeris a tool designed to record ( "log" ) every keystroke on an affected machine for later retrieval, usually to allow the user of this tool to gain access to confidential information typed on the affected machine. Some keyloggers use virus-, trojan-, and rootkit-like methods to conceal themselves. However, some of them are used for legitimate purposes, even to enhance computer security. For example, a business may maintain a keylogger on a computer used at apoint of saleto detect evidence of employee fraud.
Attack patterns
Attack patternsare defined as series of repeatable steps that can be applied to simulate an attack against the security of a system. They can be used for testing purposes or locating potential vulnerabilities. They also provide, either physically or in reference, a common solution pattern for preventing a given attack.

Tools and Procedures

A thorough examination of hacker tools and procedures may be found in Cengage Learning's E|CSA certification workbook.[39]

Notable intruders and criminal hackers

Main article:List of computer criminals

Notable security hackers

Main article:List of hackers

Customs

The computer underground[3]has produced its own specialized slang, such as1337speak.Writing software and performing other activities to support these views is referred to ashacktivism.Some consider illegal cracking ethically justified for these goals; a common form iswebsite defacement.The computer underground is frequently compared to the Wild West.[49]It is common for hackers to use aliases to conceal their identities.

Hacker groups and conventions

Main articles:Hacker conferenceandHacker group

The computer underground is supported by regular real-world gatherings calledhacker conventionsor "hacker cons". These events includeSummerCon(Summer),DEF CON,HoHoCon(Christmas),ShmooCon(February),Black Hat Conference,Chaos Communication Congress,AthCon, Hacker Halted, andH.O.P.E.[citation needed]Local Hackfest groups organize and compete to develop their skills to send a team to a prominent convention to compete in group pentesting, exploit and forensics on a larger scale. Hacker groups became popular in the early 1980s, providing access to hacking information and resources and a place to learn from other members. Computerbulletin board systems(BBSs), such as the Utopias, provided platforms for information-sharing via dial-up modem. Hackers could also gain credibility by being affiliated with elite groups.[50]

Consequences for malicious hacking

India

Section Offence Punishment
65 Tampering with computer source documents– Intentional concealment, destruction or alteration of source code when the computer source code is required to be kept or maintained by law for the time being in force Imprisonment up to three years, or/and with fine up to 20000 rupees
66 Hacking Imprisonment up to three years, or/and with fine up to 50000 rupees

Netherlands

Maximum imprisonment is one year or a fine of the fourth category.[51]

United States

18 U.S.C.§ 1030,more commonly known as theComputer Fraud and Abuse Act,prohibits unauthorized access or damage of "protected computers". "Protected computers" are defined in18 U.S.C.§ 1030(e)(2)as:

  • A computer exclusively for the use of a financial institution or the United States Government, or, in the case of a computer not exclusively for such use, used by or for a financial institution or the United States Government and the conduct constituting the offense affects that use by or for the financial institution or the Government.
  • A computer which is used in or affecting interstate or foreign commerce or communication, including a computer located outside the United States that is used in a manner that affects interstate or foreign commerce or communication of the United States;

The maximum imprisonment or fine for violations of theComputer Fraud and Abuse Actdepends on the severity of the violation and the offender's history of violations under theAct.

TheFBIhas demonstrated its ability to recover ransoms paid incryptocurrencyby victims of cybertheft.[52]

Hacking and the media

Hacker magazines

Main category:Hacker magazines

The most notable hacker-oriented print publications arePhrack,Hakin9and2600: The Hacker Quarterly.While the information contained in hacker magazines andezineswas often outdated by the time they were published, they enhanced their contributors' reputations by documenting their successes.[50]

Hackers in fiction

See also:List of fictional hackers

Hackers often show an interest in fictionalcyberpunkandcybercultureliterature and movies. The adoption offictionalpseudonyms,[53]symbols, values andmetaphorsfrom these works is very common.[54]

Books

Films

TV series

Non-fiction books

See also

References

  1. ^Gao, Xing (2015). "Information security investment for competitive firms with hacker behavior and security requirements".Annals of Operations Research.235:277–300.doi:10.1007/s10479-015-1925-2.S2CID207085416.
  2. ^Winkler, Ira.Spies Among Us: How to Stop the Spies, Terrorists, Hackers, and Criminals You Don't Even Know You Encounter Every Day.John Wiley & Sons. 2005. pg. 92.ISBN9780764589904.
  3. ^abSterling, Bruce(1993). "Part 2(d)".The Hacker Crackdown.McLean, Virginia: IndyPublish. p. 61.ISBN1-4043-0641-2.
  4. ^"The Hacker's Dictionary".Archivedfrom the original on November 8, 2020.RetrievedMay 23,2013.
  5. ^Political notes from 2012: September–DecemberArchivedDecember 9, 2012, at theWayback Machine.stallman.org.
  6. ^Raymond, Eric S."Jargon File: Cracker".Archivedfrom the original on June 29, 2011.RetrievedMay 8,2010.Coined ca. 1985 by hackers in defense against journalistic misuse of hacker.
  7. ^Yagoda, Ben (March 6, 2014)."A Short History of 'Hack'".The New Yorker.Archivedfrom the original on November 10, 2015.RetrievedJune 21,2019.Although Lifehacker and other neutral or positive applications of the word [hack] are increasingly prominent, the black-hat meaning still prevails among the general public.
  8. ^See the1981 version of theJargon FileArchivedApril 2, 2018, at theWayback Machine,entry "hacker", last meaning.
  9. ^"Computer hacking: Where did it begin and how did it grow?".WindowSecurity. October 16, 2002.Archivedfrom the original on January 16, 2013.RetrievedSeptember 6,2015.
  10. ^abElmer-DeWitt, Philip (August 29, 1983)."The 414 Gang Strikes Again".Time.p. 75. Archived fromthe originalon December 2, 2007.
  11. ^Detroit Free Press.September 27, 1983.{{cite news}}:Missing or empty|title=(help)
  12. ^"Beware: Hackers at play".Newsweek.September 5, 1983. pp. 42–46, 48.
  13. ^"Timeline: The U.S. Government and Cybersecurity".Washington Post.May 16, 2003.Archivedfrom the original on November 16, 2018.RetrievedApril 14,2006.
  14. ^abBailey, David (April 1984)."Attacks on Computers: Congressional Hearings and Pending Legislation".1984 IEEE Symposium on Security and Privacy.Oakland, CA, USA: IEEE. pp. 180–186.doi:10.1109/SP.1984.10012.ISBN978-0-8186-0532-1.S2CID15187375.Archivedfrom the original on June 24, 2024.RetrievedJuly 21,2023.
  15. ^Caldwell, Tracey (July 22, 2011). "Ethical hackers: putting on the white hat".Network Security.2011(7): 10–13.doi:10.1016/s1353-4858(11)70075-7.
  16. ^Clifford, D. (2011).Cybercrime: The Investigation, Prosecution and Defense of a Computer-Related Crime.Durham, North Carolina: Carolina Academic Press.ISBN978-1594608537.
  17. ^abWilhelm, Douglas (2010). "2".Professional Penetration Testing.Syngress Press. p. 503.ISBN978-1-59749-425-0.
  18. ^Moore, Robert (2005).Cybercrime: Investigating High Technology Computer Crime.Matthew Bender & Company. p. 258.ISBN1-59345-303-5.Robert Moore
  19. ^O'Brien, Marakas, James, George (2011).Management Information Systems.New York, NY: McGraw-Hill/ Irwin. pp. 536–537.ISBN978-0-07-752217-9.{{cite book}}:CS1 maint: multiple names: authors list (link)
  20. ^abcMoore, Robert (2006).Cybercrime: Investigating High-Technology Computer Crime(1st ed.). Cincinnati, Ohio: Anderson Publishing.ISBN978-1-59345-303-9.
  21. ^Okpa, John Thompson; Ugwuoke, Christopher Uchechukwu; Ajah, Benjamin Okorie; Eshioste, Emmanuel; Igbe, Joseph Egidi; Ajor, Ogar James; Okoi, Ofem, Nnana; Eteng, Mary Juachi; Nnamani, Rebecca Ginikanwa (September 5, 2022)."Cyberspace, Black-Hat Hacking and Economic Sustainability of Corporate Organizations in Cross-River State, Nigeria".SAGE Open.12(3): 215824402211227.doi:10.1177/21582440221122739.ISSN2158-2440.S2CID252096635.{{cite journal}}:CS1 maint: multiple names: authors list (link)
  22. ^Thomas, Douglas (2002).Hacker Culture.University of Minnesota Press.ISBN978-0-8166-3346-3.
  23. ^Andress, Mandy; Cox, Phil; Tittel, Ed – (2001).CIW Security Professional.New York, NY: Wiley. p. 638.ISBN0-7645-4822-0.
  24. ^"Blue hat hacker Definition".PC Magazine Encyclopedia.Archived fromthe originalon March 8, 2013.RetrievedMay 31,2010.A security professional invited by Microsoft to find vulnerabilities in Windows.
  25. ^Fried, Ina(June 15, 2005)."Blue Hat summit meant to reveal ways of the other side".Microsoft meets the hackers.CNET News.Archivedfrom the original on December 3, 2013.RetrievedMay 31,2010.
  26. ^Markoff, John(October 17, 2005)."At Microsoft, Interlopers Sound Off on Security".The New York Times.Archivedfrom the original on December 19, 2014.RetrievedMay 31,2010.
  27. ^abChabrow, Eric (February 25, 2012)."7 Levels of Hackers: Applying An Ancient Chinese Lesson: Know Your Enemies".GovInfo Security.Archivedfrom the original on December 31, 2018.RetrievedFebruary 27,2012.
  28. ^Egloff, Florian.Cybersecurity and the Age of Privateering.In:Understanding Cyber Conflict: Fourteen Analogies,Chapter 14, George Perkovich and Ariel E. Levite, Eds., Georgetown University Press, 2017.
  29. ^Tidy, Joe.Ransomware: Should paying hacker ransoms be illegal?ArchivedMay 21, 2021, at theWayback MachineBBC 20 May 2021.
  30. ^Morrison, Sara.What you need to know about ransomware and the future of cyberattacksArchivedJune 19, 2021, at theWayback Machine.Vox, Jun 16, 2021.
  31. ^Abigail Summerville,Protect against the Fastest-Growing Crime: Cyber AttacksArchivedJune 23, 2021, at theWayback Machine,CNBC (July 25, 2017).
  32. ^Myre, Greg.How Bitcoin Has Fueled Ransomware Attacks.ArchivedJune 19, 2021, at theWayback MachineNPR, June 10, 2021.
  33. ^abDey, Debabrata; Lahiri, Atanu; Zhang, Guoying (2011)."Hacker Behavior, Network Effects, and the Security Software Market".SSRN Electronic Journal.doi:10.2139/ssrn.1838656.ISSN1556-5068.
  34. ^Gupta, Ajay; Klavinsky, Thomas and Laliberte, Scott (March 15, 2002)Security Through Penetration Testing: Internet PenetrationArchivedJuly 3, 2019, at theWayback Machine.informit
  35. ^Rodriguez, Chris; Martinez, Richard."The Growing Hacking Threat to Websites: An Ongoing Commitment to Web Application Security"(PDF).Frost & Sullivan.RetrievedAugust 13,2013.
  36. ^Kerner, Sean Michael. "Sentry MBA Uses Credential Stuffing To Hack Sites."Eweek(2016): 8.Academic Search Complete.Web. 7 Feb. 2017.
  37. ^Weir, Matt, Sudhir Aggarwal, Breno de Medeiros, Bill Glodek. 2009. "Password Cracking Using Probabilistic Context-Free Grammars".2009 30th IEEE Symposium on Security and Privacy:391-405.
  38. ^Thompson, Samuel T. C. "Helping The Hacker? Library Information, Security, And Social Engineering."Information Technology & Libraries25.4 (2006): 222-225.Academic Search Complete.Web. 7 Feb. 2017.
  39. ^Press, EC-Council (2011).Penetration Testing: Procedures & Methodologies.Clifton, NY: CENGAGE Learning.ISBN978-1435483675.
  40. ^"DEF CON III Archives - Susan Thunder Keynote".DEF CON.Archivedfrom the original on April 20, 2019.RetrievedAugust 12,2017.
  41. ^Hafner, Katie (August 1995)."Kevin Mitnick, unplugged".Esquire.124(2): 80.Archivedfrom the original on May 15, 2019.RetrievedAugust 13,2017.
  42. ^"Gary McKinnon extradition ruling due by 16 October".BBC News.September 6, 2012.Archivedfrom the original on August 7, 2019.RetrievedSeptember 25,2012.
  43. ^"Community Memory: Precedents in Social Media and Movements".Computer History Museum.February 23, 2016.Archivedfrom the original on July 3, 2019.RetrievedAugust 13,2017.
  44. ^"Kevin Mitnick sentenced to nearly four years in prison; computer hacker ordered to pay restitution..."(Press release).United States Attorney's Office,Central District of California. August 9, 1999. Archived fromthe originalon September 26, 2009.RetrievedApril 10,2010.
  45. ^Holt, Thomas J.; Schel, Bernadette Hlubik (2010).Corporate Hacking and Technology-Driven Crime: Social Dynamics and Implications.IGI Global. p. 146.ISBN9781616928056.
  46. ^"British teenager who 'cyber-terrorised' US intelligence officials gets two years detentionArchivedJune 14, 2018, at theWayback Machine".The Independent.21 April 2018.
  47. ^"British teen Kane Gamble accessed accounts of top US intelligence and security officialsArchivedJune 21, 2018, at theWayback Machine".Deutsche Welle.21 January 2018.
  48. ^"Kane Gamble: Teenager with autism on Leicestershire housing estate took classified information by fooling people into thinking he was FBI BossArchivedJuly 19, 2019, at theWayback Machine".The Independent.21 January 2018.
  49. ^Jordan, Tim; Taylor, Paul A. (2004).Hacktivism and Cyberwars.Routledge. pp.133–134.ISBN978-0-415-26003-9.Wild West imagery has permeated discussions of cybercultures.
  50. ^abThomas, Douglas (2003).Hacker Culture.University of Minnesota Press. p. 90.ISBN978-0-8166-3346-3.
  51. ^Artikel 138abArchivedFebruary 2, 2015, at theWayback Machine.Wetboek van Strafrecht, December 27, 2012
  52. ^Nakashima, Ellen.Feds recover more than $2 million in ransomware payments from Colonial Pipeline hackers.ArchivedJune 19, 2021, at theWayback MachineWashington Post, June 7, 2021.
  53. ^Swabey, Pete (February 27, 2013)."Data leaked by Anonymous appears to reveal Bank of America's hacker profiling operation".Information Age.Archivedfrom the original on April 19, 2016.RetrievedFebruary 21,2014.
  54. ^"Hackers and Viruses: Questions and Answers".Scienzagiovane.University of Bologna.November 12, 2012.Archivedfrom the original on June 10, 2016.RetrievedFebruary 21,2014.
  55. ^Staples, Brent (May 11, 2003)."A Prince of Cyberpunk Fiction Moves Into the Mainstream".The New York Times.Archivedfrom the original on October 13, 2016.RetrievedFebruary 20,2017.Mr. Gibson's novels and short stories are worshiped by hackers

Further reading

Wikibooks has a book on the topic of:Hacking
Retrieved from "https://en.wikipedia.org/w/index.php?title=Security_hacker&oldid=1231867587"