Professional Documents
Culture Documents
GROUP ASSIGNMENT # 1
Title: Hacking
Submitted By:
Section: D
Subject: BBA
Submission Date
27-January-2014
Submitted To:
Miss. Saba Mustafa
1 | Page
Hacking/ Table of contents
TABLE OF CONTENTS
Acknowledgement...................................................................................................4
Hacking:............................................................................................................................5
History of Hacking:................................................................................................5
Phase1: 1960s to 1970s:...............................5
Phase2: 1970s to 1990s:...............................6
Phase3: 1990s to Present...............................6
Types of Hacking:....................................................................................................8
Website Hacking.............................................8
Network Hacking.............................................8
Ethical Hacking...............................................9
Email Hacking...............................................10
Password Hacking.........................................11
Online Banking Hacking................................11
Computer Hacking........................................12
Most renowned hacking attacks..............................................................14
2 | Page
Hacking/ Table of Figures
TABLE OF FIGURE
Figure 1..............................................................................5
Figure 2..............................................................................8
Figure 3..............................................................................9
Figure 4..............................................................................9
Figure 5............................................................................10
Figure 6............................................................................11
Figure 7............................................................................12
Figure 8............................................................................13
Figure 9............................................................................14
Figure 10..........................................................................14
Figure 11..........................................................................14
Figure 12..........................................................................15
Figure 13..........................................................................15
Figure 14..........................................................................15
Figure 15..........................................................................16
Figure 16..........................................................................16
Figure 17..........................................................................17
Figure 18..........................................................................17
3 | Page
Hacking/ Acknowledgment
Acknowledgement
We think if any of us honestly reflects on who we are, how we got here, what we think we
might do well, and so forth, we discover a debt to others that spans written history. We believe
it's appropriate to acknowledge all of the persons, who helped us during our project and
provide us useful information accordingly.
First of all, we are thankful to Almighty Allah, who has given us the strength, knowledge and
perseverance to complete this project successfully. We also want to thanks to our parents, who
really work hard for us. Their dedication to our lives makes us capable to perform our work
better.
We would like expressing our sincere gratitude to Miss. Saba Mustafa, for his valuable
guidance, constructive comments and continuous encouragement throughout our project.
4 | Page
Hacking/ History
Hacking:
The process of attempting to gain or successfully gaining, unauthorized access to computer resources
is called hacking.
Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of
the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted
hacking as a lifestyle and philosophy of their choice, is called a hacker.
History of Hacking:
Figure 1
History of hacking is in three phases. Description is under below.
In early 1960s university facilities with huge mainframe computers like MIT's artificial intelligence
lab, become staging grounds for hackers. At first "hacker" was a positive term for a person with a mastery of
computers who could push programs beyond what they were designed to do.
John Draper makes a long-distance call for free by blowing a precise tone into a telephone that tells
the phone system to open a line. Draper discovered the whistle as a give-away in a box of children's cereal.
Draper, who later earns the handle "Captain Crunch," is arrested repeatedly for phone tampering throughout
the 1970s.
5 | Page
Hacking/ History
Two members of Californias Homebrew Computer Club begin making "blue boxes" devices used to
hack into the phone system. The members, who adopt handles "Berkeley Blue" (Steve Jobs) and Steve
Wozniak later go on to found Apple Computer.
In early 1980s one of the first arrests of hackers the FBI busts the Milwaukee-based 414s (named after
the local area code) after members are accused of 60 computer break-ins ranging from Memorial Sloan-
Kettering Cancer Center to Los Alamos National Laboratory.
In late 1980s veteran hacker Kevin Mitnick secretly monitors the e-mail of MCI and Digital
Equipment security officials. He is convicted of damaging computers and stealing software and is sentenced
to one year in prison. First National Bank of Chicago is the victim of a $70-millioncomputer heist.
In early 1990s Lee Poulsen ("Dark Dante"), hack the military documents. Hackers break into Griffith
Air Force Base, and then hack computers at NASA and the Korean Atomic Research Institute. In late 1990s
hackers break into and deface federal Web sites, including the U.S. Department of Justice, U.S. Air Force,
CIA, NASA and others. A Canadian hacker group called the Brotherhood, angry at hackers being falsely
accused of electronically stalking a Canadian family, breaks into the Canadian Broadcasting Corp. Web site
and leave message: "The media are liars."
In January 1998, the federal Bureau of Labor Statistics is inundated for days with hundreds of
thousands of fake information requests, a hacker attack called "spamming." Hackers break into United
Nation's Children Fund Web site, threatening a "holocaust" if Kevin Mitnick is not freed. Hackers claim to
have broken into a Pentagon network and stolen software for a military satellite system. They threaten to sell
the software to terrorists. The U.S. Justice Department unveils National Infrastructure Protection
Center, which is given a mission to protect the nation's telecommunications, technology and transportation
systems from hackers. Hacker group L0pht, in testimony before Congress, warns it could shut down
nationwide access to the Internet in less than 30 minutes. The group urges stronger security measures.
In 15 January 2000, old Raphael Gray steals over 23,000 credit card numbers from 8 small companies.
In February 2000, the first major distributed-denial of service attack (D.DoS) responsible for crippling some
6 | Page
Hacking/ History
of the internet's most popular websites was executed by the hands of a Canadian citizen not old enough to
drive.
In 1 February 2001, Hackers invade World Economic Forum. The compromised data included credit
card numbers, personal cell phone numbers and information concerning passports and travel arrangements for
a number of government and business leaders. Among the notable victims whose personal information was
pilfered were Microsoft chairman Bill Gates, Palestinian Authority chairman Yasser Arafat, U.N. Secretary-
General Kofi Annan, former U.S. Secretary of State Madeline Albright and former Israeli Prime Minister
Shimon Peres.
In February 2002, Adrian Lamo is making headlines these days for being the hacker Pfc. Bradley
Manning confessed to after leaking 400,000 stolen diplomatic cables to Wiki leaks. "The Homeless Hacker
was better known for hacking into the servers of companies like the New York Times from Kinko's shops and
Starbucks cafes.
On February 8, 2013, the media reported another incident of a compromised email, this time from
former United States president George H W Bush. It is reported that the hacker stole photographs and
personal emails which included addresses and personal details of several members of the Bush family. Email
archives from the Climatic Research Unit were leaked to create the scandal popularly known as Climate gate.
Journalists employed by News International hacked email accounts of celebrities in search of gossip and
scandal for their stories. Individuals such as Rowenna Davis have had their accounts taken over and held to
ransom by criminals who try to extort payment for their return. The email accounts of politicians such as
Sarah Palin have been hacked to try to find embarrassing or incriminating correspondence.
7 | Page
Hacking/ Types of Hacking
Types of Hacking:
There are seven types of hacking. There name and description are under below.
Website Hacking
Network Hacking
Ethical Hacking
Email Hacking
Password Hacking
Online Banking Hacking
Computer Hacking
Website Hacking
Network Hacking
Network hacking is generally means gathering information about domain by using tools
like Telnet, Ns look up, Pring, Tracert, Netstat etc over the network. Hacking on computer networks is often
8 | Page
Hacking/ Types of Hacking
done through scripts or other network programming. These programs generally manipulate data passing
through a network connection in ways designed to obtain more information about how the target system
works. Many such pre-packaged scripts are posted on the Internet for anyone, typically entry-level hackers, to
use. More advanced hackers may study and modify these scripts to develop new methods. A few highly
skilled hackers work for commercial firms with the job to protect that company's software and data from
outside hacking. The IP address gives the attackers Internet address. The numerical address like
212.214.172.81 does not reveal much. You can use PING to convert the address into a domain name in
WINDOWS: The Domain Name Service (DNS) protocol reveals the matching domain name. PING stands for
Packet Internet Groper.
Ethical Hacking
Figure 3
9 | Page
Hacking/ Types of Hacking
Ethical hacking is where a person hacks to find weaknesses and in a system and then usually patches
them. An ethical hacker is a computer and network expert who attacks a security system on behalf of its
owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers
use the same methods as their less principled
counterparts, but report problems instead of
taking advantage of them. Ethical hacking is also
known as penetration testing, intrusion testing and red
teaming. An ethical hacker is sometimes called a
white hat, a term that comes from old Western
movies, where the "good guy" wore a white hat
and the "bad guy" wore a black hat. Ethical
hacking and ethical hacker are terms that describe
hacking performed to help a company or
Figure 4
individual identify potential threats on the computer or network. An ethical hacker attempts to hack their way
past the system security, finding any weak points in the security that could be exploited by other hackers. The
organization uses what the ethical hacker finds to improve the system security, in an effort to minimize, if not
eliminate any potential hacker attacks.
Email Hacking
Email hacking is illicit access to an email account or email correspondence. Electronic mail (email) is
a widely used communication mechanism that can be categorized into two basic types of web-based service:
an open web-based email service and a closed web-based service. The first category provides web-based
email accounts to anyone for free or at a fee. The second category provides email accounts that are managed
by organizations for employees, students, and members only. Commercial and social websites rely on the
security of email accounts. Large amounts of email exchanges are occurring daily, some of which contain
personal information, company secrets, and sensitive information. This makes email accounts very valuable
and becomes one of the main causes of email hacking. As rules that govern unsolicited emails tighten,
spammers attempt to find new ways around them. Attackers often send massive email broadcasts with a
hidden or misleading incoming IP address and email address. Some users may open the spam, read it, and
possibly be tempted by whatever wares or schemes are offered. If the spammer were to get a hold of a
companys sending email and IP address, the impact on the company's business would be devastating. Some
emails incorporate a virus as a means of transportation. The So big virus is an example of such technology,
10 | P a g e
Hacking/ Types of Hacking
creating a spamming infrastructure by taking over unwilling participants P.C. This was a major threat to email
security as spam will continue to spread and trigger dangerous viruses for malicious internet.
Password Hacking
Password hacking and password cracking is the process of recovering secret passwords from data that
has been stored in or transmitted by a computer system. Password hacking can help a legitimate user retrieve a
forgotten password. System administrators may use password hacking as a preventive tactic, to check for
easily hacked passwords in order to modify them for increased security. Unauthorized users hack passwords
to gain access to a secure system. Guessing and brute force are two methods used to hack passwords.
Individuals with knowledge of the password owner's personal information may guess at the password and
choose possibilities
based on that owner's
date of birth, pet,
relative or other
information.
The brute force method
involves attempting to
input every Figure 5 possible
password combination to retrieve a password. This is most effective if the hacker knows the password hash
function, or algorithm, or mathematical computation, used to encrypt, or code, password data. The time to
crack a password is related to bit strength which is a measure of the password's information entropy. Most
methods of password cracking require the computer to produce many candidate passwords, each of which is
checked. One example is brute-force cracking, in which a computer tries every possible key or password until
it succeeds. More common methods of password cracking such as dictionary attacks, pattern checking, word
list substitution etc attempt to reduce the number of trials required and will usually be attempted before brute
force. Higher password bit strength increases exponentially the number of candidate passwords that must be
11 | P a g e
Hacking/ Types of Hacking
checked, on average, to recover the password and reduces the likelihood that the password will be found in
any cracking dictionary.
Online banking hacking unauthorized accessing banks accounts without knowing the password or
without permission of account holder is known as online banking hacking. E-banking is an interesting target
for attackers. The easiest way of stealing money in e-banking is to attack
its weakest point of the client. In online hacking hacker break the control
of bank on his customer account and can easily stolen the amount. In
online hacking hacker can transfer someone amount to their account. It
also gets the personal detail of the client his phone number, postal
address and his bank statement or many other thinks. In Pakistan Official
website of Habib Bank Limited the largest bank of Pakistan hacked when
a hacker called Xploiter hacked the website and leaked the databases of Figure 6
the website and posted credentials online. Hacker hacked the section of online banking but unfortunately
hackers are not succeeding in getting information of client.
Computer Hacking
Computer hacking is most common among teenagers and young adults, although there are many older
hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work
and consider computer hacking an art form. They often enjoy programming and have expert-level skills in
one particular program. For these individuals, computer hacking is a real life application of their problem-
solving skills. Its a chance to demonstrate their abilities, not an opportunity to harm others.
12 | P a g e
Hacking/ Types of Hacking
Since a large number of hackers are self-taught prodigies, some corporations actually employ
computer hackers as part of their technical support staff. These individuals use their skills to find flaws in the
companys security system so that the y can be repaired quickly. In many cases, this type of computer hacking
helps prevent identity theft and other serious computer-related crimes.
Computer hacking can also lead to other constructive technological developments, since many of the skills
developed from hacking apply to more mainstream pursuits. For example, former hackers Dennis Ritchie and
Ken Thompson went on to create the UNIX operating system in the 1970s. This system had a huge impact on
the development of Linux, a free UNIX-like operating system. Shawn fanning, the creator of Napster, is
another hacker well known for his accomplishments outside of computer hacking.
Figure 8
13 | P a g e
Hacking/ Most renowned hacking attacks
Jonathan James is one of historys all-time most infamous computer hackers who, in
1999, broke into military computers at the Defense Threat Reduction Agency and
intercepted thousands of confidential messages, log-in information, and $1.7 million
software that controlled the living environment on the International Space Station. Once
detected, his breach led NASA to shutdown their network for three weeks that fall, costing thousands of
14 | P a g e
Hacking/ Most renowned hacking attacks
dollars in security upgrades. In 2007, James committed suicide. In his suicide note, he denied having anything
to do with a recent spate of computer takes that he was being investigated for.
4) February, 2000: Mafiaboy Vs. Yahoo, CNN, eBay, Dell, & Amazon Figure 11
the servers of CNN, eBay, Dell, and Amazon in a wave of highly publicized attacks that were the first to show
the world how easily one kid can knockout major websites. Michael was ultimately picked up by Canadian
police while watching Goodfellas, allegedly and pleads guilty for hacking. He faced 3 years, but was
sentenced to eight months in a juvenile detention center and forced to donate $250 to charity.
Adrian Lamo is making headlines these days for being the hacker Pfc.
Bradley M anning confessed to after leaking 400,000 stolen diplomatic
cables to Wiki leaks. But before this summer Lamo "The Homeless
Hacker" was better known for hacking into the servers of companies
like the New York Times from Kinko's shops and Starbucks cafes. In
Figure 13
February 2002, having snuck inside the Grey Lady's database, Lamo
added his name to a list of Op-Ed contributors, spent endless hours searching himself on Lexis-Nexis 3,000
searches in 3 months a "serious offense" per the Times. The FBI claimed the Lexis-Nexis searches cost the
Times $300,000 and Lamo faced 15 years in jail for the breach. In the end, Lamo was sentenced to two years
probation, 6 months home detention and ordered to pay $65,000.
15 | P a g e
Figure 14
Hacking/ Most renowned hacking attacks
If there's one word that causes shudders in internet security circles, it's
Conficker. Sta rting in late-2008, the Conficker worm exploited vulnerabilities
in a number of Microsoft operating systems. Once it takes over an infected
machine, it links unwilling computers together into a massive boot net that can
be controlled by its authors, whomever, and wherever, they are. Since its first
detection, Conficker has infected millions of computers and business networks
in countries around the world, as authorities struggle to identify its authors some say they may be military and
stamp out the threat.
For three days in July, 2009, the web sites of South Koreans
largest daily newspaper, a large-scale online auction house, a bank,
the countrys president, the White House, the Pentagon and U.S.
Forces Korea to name a few came under D.DoS attack as upwards of Figure 15
166,000 computers in a botnet unleashed wave after wave after wave of a data-powered onslaught. Some
believed operatives at North Koreas telecommunications ministry were to blame, using a backdoor for the
infamous My-doom worm of 2004, but this has never been proven.
24.6 million SOE accounts, as well as some of the data from an outdated database from 2007. This database
includes approximately 12,700 non-U.S. credit or debit card numbers and expiration dates (but not credit card
security codes), and about 10,700 direct debit records of some customers in Austria, Germany, the
Netherlands and Spain
16 | P a g e
Hacking/ Most renowned hacking attacks
9) January, 2012: YamaTough Vs. Symantec
The firm acknowledged that a portion of its source code was obtained
from a third party but said that would not affect Norton antivirus users.
Figure 17
The hack came from a hacker known as YamaTough, who then went on to
release the source code he had accessed.
YamaTough said he had tricked Symantec into offering him a bribe so that he could humiliate them.
17 | P a g e