Hacking: Hollywood vs. Reality

One of the cool things that we see in the movies is how hackers can do everything from their computers, they hack bank accounts and transfer funds with few keyboards clicks. hey type very fast and make it seem that hacking is something cool and so easy to do . But of course that we should know that some or most of the things we see in movies are imposable to be in the way it get presented in the movies and sometimes its just impossible.

In fact , real hacker are the with a a lot of connections and  who preform  a lot of social engineering. They get passwords and information  by asking for it not by hacking in secure system. they use the art if coning more than computer skills. That dose not mean  that hacker do not have programming and computer skills but its not as we see in movies.

So do not believe everything you see in TV and know that hackers might simply ask you for the information they need to hack you.

source:

http://www.techdirt.com/articles/20120306/15452818005/hollywood-hackers-vs-reality.shtml

Facebook Hacks It's Own Employees

In a traditional business setting, when executive want to teach their employees a valuable lesson, they will normally throw together a boring Powerpoint and make all their employees attend the presentation. Statistically, such information is not delivered corrected through Powerpoint's as they are not engaging and do not generate any conversation.

The largest social media company in the world, Facebook, took this into consideration when trying to teach a valuable lessons about hacking to their employees. Every October, Facebook celebrates "Hacktober", a month long information session about hacking in today's networked world. During the week, Facebook has information sessions which feature a series of simulated security threats. The interesting part about these simulations is that they are conducted on their employees own computers.

For instance, Facebook would send around an email containing a security threat and would keep track of how many employees opened the email. Afterwards, they would debrief by interviewing the employee and asking them why they chose to open to email.

Such information is incredibly valuable for Facebook to be able to protect against hackers that try to jeopardize their site.

--MD

Sources:

http://mashable.com/2012/11/29/facebook-hacktober/#103801Hacktober-Poster

Hacktivism vs. Hacking

Before I blog any further, I want to differentiate between the two terms hacking and hacktivism.

Hacking is illegally breaking into computers to reek havoc on a target. Hackers are mostly very malicious in the work that they do and know that by hacking onto a person's computer, they are going to inflict considerable harm on that person.

On the contrary, hacktivism is the use of computers as a mans of protest. The main difference between hacktivism and hacking is that hacktivism is legal whereas hacking is not. People that hack utilize illegal means to gain access into another persons computer. Hacktivism is perfectly legal as the information that they have is obtained in a legal matter.

Now that we have a clear understanding of the two similar terms, I will continue to blog :)

Julian Assange - Wikileaks

Julian Assange is the creator os Wikileaks and a very interesting man at that. In a recent interview I watched on YouTube, Assange talked about why he started Wikileaks and where he sees it going in the future. Assange says he created Wikileaks because "the public needs to know". As I wrote about today on my exam, hacktivist groups, like Wikileaks see their actions as helping the general public. They believe that the information they are leaking onto the web is what the public needs and wants to see. In future years, Assange sees Wikileaks growing and continuing to leak valuable information to the public. Law enforcement absolutely hates Wikileaks and would do essentially anything to try and bring it done. In order to continue operations, Assange needs to protect his website so that the authorities don't seize his URL and end Wikileaks forever.

Types of Hacking

Hacking is the act of breaking in systems via the network and the internet.

Hacking has many types:

• Emails hacking : it involve breaking into unauthorized emails by cracking passwords then stealing information.
• website hacking :it involve exploiting security holes and changing information on the hacked website.
• PC hacking: that involve breaking into personal computers and access the files .
• Ethical hacking : this type of hacking is done by experts to find and fix.

Hackers

Hackers are the people who use the digital media to break in (hack) personal computer or servers via the network. Usually hackers do what they do to steal information but that not the only reason hacker exist.

there are many types of hackers :

White Hat: A white hat hacker is someone who has non-malicious intent whenever he breaks into security systems and whatnot. In fact, a large number of white hat hackers are security experts themselves who want to push the boundaries of their own IT security ciphers and shields or even penetration testers specifically hired to test out how vulnerable or impenetrable (at the time) a present protective setup currently is. A white hat that does vulnerability assessments and penetration tests is also known as an ethical hacker.

Read more: http://www.secpoint.com/types-of-hacker.html#ixzz2DTrHwaqC

White Hat:  hackers who hack into security systems , and exploit bugs then report them to the owner without using that for any criminal activates.

Black Hat: hackers who hacks systems and exploit bugs without reporting them, instead they use that to preform cyber criminal activities

Gray Hat: hackers who try to act like white hat hackers, but end up using black hat methods . they are not as bad as the back hat and not as good as the white hat , they are kinda in the middle.

srouce:
http://www.secpoint.com/types-of-hacker.html

White Hat: A white hat hacker is someone who has non-malicious intent whenever he breaks into security systems and whatnot. In fact, a large number of white hat hackers are security experts themselves who want to push the boundaries of their own IT security ciphers and shields or even penetration testers specifically hired to test out how vulnerable or impenetrable (at the time) a present protective setup currently is. A white hat that does vulnerability assessments and penetration tests is also known as an ethical hacker.

Read more: http://www.secpoint.com/types-of-hacker.html#ixzz2DTrHwaqC

Is there a Definition to Hacktivism?

     Hacktivism on it's own is a very hard term to define. The written definition according to Wikipedia is "Hacktivism is the use of computers and computer networks as a means of protest to promote political ends." 

    However, the FBI say that they do not have a concrete definition for Hacktivism. As we take a look into the future of Hacktivism, we have no clue where it is heading. All we know is that the concept is endless, there are no borders, and with information expanding and networks getting bigger there is only more motivation for Hacktivist's to do what they do. 

    The FBI maybe doesn't have a definition on the term Hacktivism because they don't want Hacktivist's to know what is legal or illegal. With a term as broad as Hacktivism maybe the FBI finds it important to disclose as much information and Hacktivist's groups do (which is not much). In order to catch a Hacktivist's, maybe its important to think like one and act like them. 
     

Hacktivism in Pop Culture: Occupy Unmasked

Occupy Unmasked - The Occupy Movement and Hacktivism 

In relation to the previous blog post about the movie We Are Legion, here is another movie that deals with some significant events relating Hacktivism and specific movements like the "Occupy Movement". This movie is quite intense, and does a great job of showing the impacts of Hacktivism and Activism. 

In this movie there is a strong relation to Anonymous as they have become essentially the symbol of any activist or protest movement. This mainly must be because of the mask that they wear and its history and significance. 

This movie did not get as good of a review as We are Legion did, and this movie exaggerates some of the key points a lot more than We are Legion did. What makes this movie quite significant is that is displays and explains information that would have never made available to the general public. There is lots of information in the movie that would never have surfaced without the making of this movie. Between this movie and We are Legion, there is a lot to learn about the subject of Hacktivism. Below is a quick synopsis of the movie to go along with the trailer; 

"While the Liberal establishment and mainstream media portray the Occupy Wall Street movement as organic and nonviolent, Occupy Unmasked reveals the sinister, organized, and highly orchestrated nature of its leaders and their number one goal: Not just to change government, but to destroy it. Led by hugely influential conservative visionary, the late Andrew Breitbart, Occupy Unmasked delves deep beneath the surface of the Occupy movement to show its dark anarchist roots. Behind the largely naïve students and legitimately concerned citizens looking for answers stand those who advocate the use of violence, black bloc operations, and intimidation as protest tactics - the same tactics they used during the anti-war protests of the 1960's, anti-nuclear weapons protests of the 80's, WTO protests of the 90's, and the IMF protests of recent years. -- (C) Official Site"

Sources:

http://www.rottentomatoes.com/m/771314092/

- DR

How do the General Public feel about Hacktivism?

     There are many different views on Hacktivism, whether it is good or bad. There are many different standpoints one can take. Unless you are a Hacktivist, odds are you have not put much thought into what you believe, or even know what Hacktivism entails. 

     Hacktivist's can expose information from Governments or Businesses that would never be exposed without their work. This can be both a positive and a negative aspect of Hacktivism. 

     If there was information exposed to you which contained valuable and confidential information which can benefit you or anybody close to you, would you take the information? Would you ignore this information in order to not partake in illegal activities?

     How do you feel about Hacktivism? Does it effect your life in a positive or a negative way? Have you ever been effected? 

     It is easy to say that Governments and Businesses are against Hacktivism, but how does the general public feel about this topic. In the networked world we live in, is Hacktivism such a bad thing?

- Daniel Rankin

Hacktivisim Tools

As its known to everyone that one of the hacktivst main objective is fighting corruption by exposing personal information about the exposed people but how can they do that without even meeting their targets in person .

Hacking personal emails is one of the tools that hackvist use get personal information special unofficial emails or the emails under alias names where people feel comfortable putting a lot of their personal information because they think that know one knows about it. this what happened with Syrian presented when alias email account was hacked by Anonymous. they posting his personal emails online reviling personal  and political information.

another tool that hacktivist use to expose corrupt companies and personal is facebook. where most people think that it is safe to share every aspect of there life on facebook without knowing nothing is safe once it get posted on the network.

source :

http://blogs.villagevoice.com/runninscared/2012/02/bashar_assad_syrian_president_email_hacked.php
http://www.v3.co.uk/v3-uk/news/2166822/facebook-tool-hacktivist-shaming
 

Anonymous Hacks a School

Recently, I have been writing a lot of content about the hacktivism group Anonymous. I find them incredibly fascinating and find myself always having this internal battle asking myself if what they are doing is right. I recently located an article talking about how the group recently targeted a school to hack its official website.

Northside Indepedent School District, located in San Antonio. The school recently announced that they were going to force all students within their school district to carry Radio Frequency Identification Chips (RFID) on them at all times so that they  schools can tract students for more accurate attendance figures. At first, the idea seemed like a good one until I learned the underlying issue of why they were doing this. According to their website, the school will receive more funding in future school years if they can demonstrate a superb attendance record among their students. In other words, they are using these chips to track and punish the students who skip school so they can receive more funding in the future.

Anonymous, among others, found the schools actions unethical and took down the school districts website so nobody could benefit from their services. Through their Twitter account the hacktivism group tweeted, “DOWN AND OUT – Boom, track my *ss like you track children you pervs."

On this issue, I agree 100% with what Anonymous did. I believe the school boards actions were unethical and took advantage of their students. 

Network Data Sniffing

Today i will be talking about network sniffing. so how hard do you  think stealing any data that are being transmitted via a wired or wireless network ?

well the answer is not that hard for the people who are already in the same network. we you see there is something called data sniffing, yup sniffing. data sniffing is the process of capturing the unencrypted  that being sent and received in the network and any one with the right tools " which can be easily downloaded and installed" can sniff and capture the data in the network. Cain&Able is a famous program that free and can be insalled and used so easily and being used by  a lot of people for data sniffling.

so if that that easy to do how can protect my data ?

•  never share or access sensitive on a public network unless its encrypted.

• secure your personal wireless network with a password to prevent unwanted user to use it.
• try  using secured VPN whenever  possible.
• enable your internet browser security setting to use SSL connecting to grantee the data encryption.

This was a small blog about data sniffing and some basic tips on how to avoid being sniffed .
  

Anonymous Attacks Israeli Websites and Databases

Last week, Israel declared that they were launching "Operation Pillar of Defense" as retaliation against Palestinian political group Hamas for launching hundreds of missiles into Israeli communities. Israel aimed to destroy the infrastructure in the Gaza strip so that Hamas was unable to launch any further rockets. The region has been in turmoil for quite sometime, battling over area, religion and just about anything else.

In my previous post, I gave a brief overview of one of the most notable hacktivism groups that exists Anonymous. The group decided to get into the action on November 17th, siding with the Palestinian groups and hacking numerous Israeli websites. The group called the conflict, "barbaric, brutal and despicable treatment of the Palestinian people". The group attacked a number of Israeli websites, including Israel's Foreign Ministry and the municipal Website for Tel Aviv, one of Israels largest cities. The group has also deleted the databases of the Israel Ministry of Foreign Affairs and Bank of Jerusalem, in addition to leaking email address and passwords for other sites. 

I find it interesting that Anonymous chose to take such a one-sided stance on such a controversial topic. In the past, we have seen the group hack websites and databases for political groups that have little to no support from the rest of the world, thus it is easy to side with what they have done. However, in this situation there is no "bad guy". Both groups are at fault for the conflict that is occurring and there is no majority leader in terms of popularity. By siding with the Palestinian side, Anonymous has made it very clear who they support in the conflict and surely lost thousands of Israeli supporters in the process. 

Why Should Governments Spend Money on Cyber Security?

As everybody knows, internet security is very important from an individual and organizational prospective. Therefore, a lot if individual user spend money to insure that their devices or networks are secure by buying and installing antivirus software or soft firewall and some times hard firewall just to try and prevent any unwanted hackers from stealing or viewing their personal data. But of course that is nothing comparing to what organizations spend eon their cyber security systems. The Canadian government announced recently that it has spent  around 155 million over the past 5 years to improve the government cyber security , which i am sure some people believe is more than enough or over spending. well , let me tell you that its not even enough .on Oct 2011 the British  government announced that they have interrupted cyber criminal operation that was trading 1 million stolen identity  preventing around 300 million credit and debt fraud, they also reported a significant but unsuccessful cyber attack attempt on the Foreign Office and other government departments , which could have led to a lot of sensitive information being leaks .so guess how much the British government  planing to spend on their cyber security for the next 4 years?  , £650 Million all this is just to try and enhance their cyber security and prevent any information leakage though their network.another cyber attack example is what happened to the Swedish government and Armed Forces website recently by being attack by a DDoS bringing down these websites for couples of  hours. These were just some example of many cyber attacks on governments' departments and websites that can happen  or even happening right now. plus cyber attacks can be used by governments to attack other governments important companies and institutions to effect their economy or delay some operations . A good example is the attack on the Nuclear program system in Iran which is suspected to be a government or collaboration between governments to delay that project at the time. so as you see spending a lot of money on cyber security is very important maybe as important as spending money of physical defenses because cyber security protect the government's information which can easily effect the economy of the country and the safety of its citizens .

Diaa  



sources :

http://www.guardian.co.uk/technology/2011/oct/31/cyber-attacks-uk-disturbing-gchq
http://www.publicsafety.gc.ca/media/nr/2012/nr20121017-eng.aspx
http://www.aljazeera.com/news/europe/2012/09/201293182411421975.html