5. Who hackers are – who are those guys out there?
The next thing to be discussed is planning attacks, overview of this.
The first thing in planning an attack is what you are trying to get out of the hack. You know, now people worry about stealing usernames for bank accounts, online banking. I also was worrying about that a little bit and when I went on to the website and looked at my online banking, looked what I could do with my online banking, I discovered it was not a whole lot – somebody might be able to cause me a little pain in the butt, if they hack into my account, but realistically there is not a whole lot of profit in simply hacking into my online banking system, you can make a mess of things, but it will then take you only about 5 minutes to fix, and so it is not really worthwhile.
What you need to consider is what is profitable to hack. Instead of trying to get people’s usernames and passwords to bank accounts, there are things like PayPal accounts. These can actually get you money. eBay accounts, Amazon.com accounts, all these e-commerce websites where people put in all their commercial information, provide kind of information that you can use, to actually make some money, or make this valuable.
Again, things like contact information: stealing millions and millions of people’s contacts just randomly is not really worth a whole lot to most people; but if you steal all the contact information for the competitor – that is worth a lot.
So if you are going to hack, you need to think of things you are about to actually accomplish. You know, if you are parents trying to make sure your kid is not doing stupid stuff on the computer, you need to be thinking of the data you try to acquire: are you really trying to acquire all of their instant messaging chats, all the emails, everything they do on the computer; or you are trying to get just one little snap. You really have to think what is valuable to you.
For instance, I know a lot of hackers who go out there and steal crap loads of data – but who cares, it is like a person on a flea market, they have a big stall, but it is a kind of garbage, nobody wants it. That is how many hackers do – they steal a lot of stuff, but who cares.
As you are thinking to do hacking, planning to do hacking, attacks, you need to consider the way you attack. Are you going to do mass-attacks, is this something that tries to deploy viruses, spyware, all of that, just willy-nilly all over the Internet, and whatever information you grab is whatever information you get? So, that is where you have heard about things like botnets, so you have all these little pieces of malware out there, they grab information from each individual computer, sending it to servers, nodes out there on the Internet, those nodes send the information back to the main server.
That is, if you are about to do a mass-attack, or you are trying to do a semi-targeted or targeted attack; so the target attack is like I have said: if you have a competitor, a specific competitor – that guy over there, and go after them, you do a targeted attack. You say “I want some information from those people, to disable that company, take that company down.” That is a targeted attack.
Or you are looking at semi-targeted attack. This, in general, is when you try to attack companies or organizations within a particular industry, so this is again about those hackers in mention that try to attack lawyers who are going after those people with pirated movies.
So you are doing a semi-targeted attack, it is not attacking everybody on the web, it is not to try to shut down all the websites, they are simply going after websites specifically for lawyers that are attacking pirates. This is something you really need to think about when you are planning your attacks: whether it is going to be
Then, once you have figured that out, you have to understand what kind of information you are trying to get. Are you going to get credit card information, email messages, etc.?
Then you have to think, to plan on how you are going to actually get that data, how you are going to do the attacks. This is just like planning any network, web design, surveillance system or telephone system. You have to sit down and figure out what are the results you want, what software you need, what are the vulnerabilities that you need in order to penetrate, etc.
So, basically you need to make a plan; that is what is to be stressed again. And this is both for hackers and security people.
Everybody thinks that hacking is an hour thing, a half an hour thing, a day or two thing. A real targeted attack, especially against something like a targeted company, this may be a year or two process. So you may go in and do social engineering at the beginning. Just walk to the receptionist and say “Hey, I am a sales consultant, I was just wondering who is the CEO here,” – and they tell you the name.
– Can I get his email address?
– Who is your CIO? What is his email address?
So now you have those people’s information. A month later you may go and do a history report of these two people, the CEO and CIO, saying “Ok, his mother’s name is Wilma Merry Flintstone, the father’s name is Bob Jake Flintstone”. Now you get middle names for the mother, so as you go forward that may come up with a security question later. Hence the main thing to think about is that this is a project, just like any other project.
For instance, if you build a surveillance system, you do not just grab a bunch of crap and throw it in there. You sit there and make up your plan. That is, you need to make a plan: if you want to do a mass-attack you have to come up with what the malware is, what kind of software you are going to install on these people’s computers, how you are going to get it installed on those people’s computers.
Again, everyone thinks it is easy. Viruses spread like – well, like viruses. You know, getting that to happen actually requires some creativity. That is, when the malware gets the information, how is it going to transmit it back to the nodes on the Internet, how often is it going to transmit it, is it going to be encrypted, etc. Once it goes back to the nodes, how often are the nodes to send the information back to the home servers?
If the home servers are taken offline for some reason, can your little botnet automatically be modified to point to other home servers? These are the things you ought to think about when planning your attack.
6. Protecting yourself
The final thing we are to discuss is how you protect yourself when you are making these attacks, when you have decided to start hacking. The first thing that you have to understand, keep in mind, is that at all times all your activities on the Internet can be, and usually are, tracked through routers, firewalls, computer systems etc.; as all these systems require login information, you may be tracked using this information. What you have to understand is that there are a billion people on the Internet right now all doing a billion things a day, so although at any point of time you can be tracked, it is usually not worth anybody’s effort to track you down.
As an IT man I see hack attacks every day coming in, I look at my log file and see that my firewall stopped the attack and do not go any further. Why? Could I track down these jackasses, find a jet and go to China and beat somebody’s face? Yes, I could do that! Is that worth my time? Umph… No.
So, what you have to understand is that you can be tracked.
And when you hit a certain point or threshold for your target, they may as well very well get on the jet or call the FBI and you may get your face beaten, unless you make sure you protect yourself.
So, when you do hacking, do not take your standard home PC, plug it into your little Internet connection at home, and hack. Why? Because if you actually do something impressive, people will track you down and that will just get very-very bad.
The first thing you need to stick to is to hack from Internet connections that are not related to you. That is, if you are going to do a sort of hack attack, go to a cafe with an open Internet connection, at the other side of town. Do not go in any case to your favorite cafe and launch an attack. Go to a cafe that you have never been to in your entire life and sit down and use their Internet connection to launch the attack.
Or do wardriving – it is, again, when you go through a neighborhood looking for open wireless connections. Again, do not do this in your neighborhood, because like I said all those login attempts will have time codes associated with them, so they will know when things happen: if people know you, they may be able to track you down that way.
So go to your neighborhood five miles away, do a little wardriving, sit there with your computer in the middle of the night and do your attack that way. Basically you want to be using Internet connection that has nothing to do with you. Get a map of your town, get a dart and blindfolded throw it into the map, and that is where you should be doing your wardriving; this should not be anything that will come back to you.
The next thing is that you need to make sure to leave no trace of your activities on your computer. That is a big mistake for hackers. Again, as I said, as you boot up a computer, all computers – almost all of the computers create temporary files, log files etc., so after they have done the attack most people do not delete those log files, so all those temporary files are sitting on the computer, all those log files are on the PC. So if somebody is able to track back to you and work at your computer, they get your computer, open it up – and hey, look, they find all these log files with times that correspond to when these attacks took place.
Thus you need to make sure there is no tracing of the activities on your PC. The easiest way to make sure there is no tracing of the activities on your PC is to use somebody else’s computer.
So you go to a public library that has computers, or to some cafes that have computers sitting there. The next way is you can buy like a little netbook computer and then throw it away when you are done to make sure there are no traces left.
You can, if you are feeling lucky a bit, use Linux Live CDs, Windows BartPE CDs, these are operating systems on a CD; so you put that onto your PC (I would suggest to remove a hard drive to make sure no criminal evidence is put on the hard drive). You put that into your computer, everything gets booted out of that CD and then you are able to hack using that CD: no temporary files are installed on your system; no log files are created, etc.
The only thing you need to be careful about with this is that more and more companies are actually trying to put hardware tracking information into computers, so you should be careful so that the computer you are using does not have some hardware tracking information.
Once you do that, that is, do not go to your high school to use the computer – go to somebody else’s high school, where your friends go; do not go to the library in the neighborhood – go to an entirely different library. The next thing is that if you need to make transactions make sure not to use your credit card or debit card.
There are a lot of prepaid credit cards out there now. So if you think you are going to buy something for this hack attack etc., make sure to go out and get one of those prepaid cards and make sure when you buy that prepaid card you pay for it in cash, because cash is basically non-traceable form of currency.
If you use your own credit card to buy one of those prepaid cards, they may be able to track back; if you just use cash, they should not be able to track that back. Again, with telephones, do not use your telephone, use one of these prepaid phones out there, like Virgin phones, boost phones – there are a lot of these. You know, for fifty bucks you can buy a phone – again, pay cash for it, because if you use a credit card – that is something that can be tracked.
So, these are the things to consider.
Finally, as you are doing an attack, as I have said, if you are doing a real attack, you probably need to be near the target or at the premises at some point. You see, whether you are walking into the door to sweet talk to secretary, whether you put on a uniform and act like a security guard or a repair technician, you need to understand there is possibility that you are caught, somebody is going to be smart enough to say: “Hey, that is not our real computer guy.” So, when that happens, what you need to do is you need to run. You need to run as fast as you can. Basically, if you get caught doing this attack physically, you run just as fast as you can. The reason why you are going to run is that staying there and trying to talk yourself out of the situation you probably will not be able to talk yourself out of the situation.
People think – you know, we all like to think we are much faster on thinking than we actually are, but the fact is that most of the time when people get stressed, when there are two or three boss type people surrounding, you kind of freak out and you do not talk, you lose control of the situation. If you are going to be losing control over the situation – just run, run, run. Run as fast as you can. “Run, Forrest, run!”
The reason is that if you run, most people are not going to run after you. And, you know, if you are a little bit in shape – ‘cause you might be thinking all hackers should be like these computer guys all fat and pimple-face – if you are a hacker, you should be in pretty good shape, able to run a couple of miles, and so if you are running, chances are that that will be that office worker or the CEO that are actually the follower, and they are not going to be able to run after you. You run just as fast as you can to where your car is hidden, and then you try to leave.
If you get caught by anybody, basically deny everything, just any fact. If they have video camera of you in the building, you do not care, you say:
– Wow! That must be my brother!
– What is your brother’s name?
– I didn’t know I had a brother until I saw that video.
The reason is that most people think they are smarter and quicker than they are, and the reality is that they get themselves into trouble, they start admitting the things they did not intentionally mean to admit to. So, if you deny absolutely everything – “No, it is not me,” “Are you Mal – no, I am not,” “Is your hair brown – no, my hair is not brown,” “What is the color of your hair – it is the color my hair is.”
Basically, when you deny everything, you know you are dealing with the American criminal justice system. I am not talking about the Chinese criminal justice system or Russian criminal justice system. You know they will just shoot you. You know they will say: “You have broken into the building, we think we just want to make sure,” – bang, you are dead.
But here in America remember you have to be convicted beyond reasonable doubt in order to have any kind of punishment placed against you. So if all you do is denying everything, it is very hard for anybody to come up with the case, and most likely will not follow this through. Again, if you are going in, beat somebody up, that is something the police can sink their teeth into. You know, if you rape a woman that is something the police can sink their teeth into; you break into the car, do all those types of crimes, do all those things that piss off the public, piss off the police, the lawyers.
If you go in and try launching your hack attack against some company, the police do not even really understand what the hell you are doing. They do not understand what you are doing, why are you doing it, they do not understand the benefit of this; so chances are that you are going to walk, and nothing is going to happen to you as long as you are not walking outside with the server. That point is great.
So, that’s what we need to think about. Again, if you get caught with the hack attack, there is a criminal justice system as mentioned above, and there is something called the criminal justice funnel, so that there are all the crimes committed in the world, you know there is only a percentage of these crimes that people are actually caught; and out of 100% of all the people, you know the police grab them, out of them only two percent are the people that actually have punishments against them.
So out of 100%, out of 100 people that the cops catch, only 2% go to jail, get probations, get fines, etc. The criminal justice funnel shows that people who actually get punished are very-very small. So, the more complex you can make your attack, the less people can understand what you are trying to do.
The more you deny everything, muddy the water – even if you do get to Courts, nobody is going to understand what crime it is that you have tried to commit, and even if you get a punishment you might get something like trespassing, but that is about it. Think about it this way: if you are on the premises, and you do not actually steal anything and you run, what are you actually going to be charged with? You have not stolen anything, at least yet, all you have done is impersonating repair person so as to get into premises, thereby this might be trespassing like you are a little community service – that is it.
So, that is it, if you are at the premises, run, run, run and deny everything.