- Why are hackers interested in my computer?
- How do hackers get into a computer system?
- What exactly happens when someone hacks into a computer system?
- How do I know whether I as an individual have been affected by a hacking incident?
- How often should I change my password?
- What's a good/bad password?
- What harm can a hacker do to me (and others)?
- Could I be held responsible for anything?
- What are my points of exposure?
- How do I report a security incident?
Why are hackers interested in my computer?So you think that your computer doesn't have anything a hacker would be interested in like credit card numbers, SSN's national defense or Trade secrets, nothing that a hacker could find useful. Does this mean that your computer won't be a target? Unfortunately NO. Even if there is nothing that a hacker might find directly useful, your computer can still be a target for several reasons:
- SHU University has a very high speed network. A hacker who gets access to a computer on our network can use that computer to launch denial of service (DoS) attacks from our network. Sophisticated Bot-net attacks are typically started like this and are growing at a rapid pace.
- Hackers will make use of our systems to hack into other systems. By establishing a long chain of computers which the hacker has access to, the hacker can attack a commercial, government or military site without being caught. For example, if the hacker attacks a military computer, the military will see the attack from computer A, the owners of computer A might look and see that they were hacked by computer B, the owners of computer B were hacked from computer C, and so on. If any computer along the way cannot establish where they were broken in from, the authorities will be unable to track the hacker back to his home computer.
- Another common motivation for hacking into a computer system is to set up services on the system (such as IRC, P2P servers) for the individual's own use. By stealing resources in this way, the hacker does not affect any one particular user, but degrades service in a way that affects the system as a whole and by extension all users.
How do hackers get into a computer system?Hackers can get into a computer system by exploiting a vulnerability or weakness or hole in the computer's operating system. Very often this activity begins by either logging into the target system using the stolen user id and password of a legitimate user, or by using software vulnerabilities to take control of the computer.
What exactly happens when someone hacks into a computer system?The most common thing hackers do is collect user ids and passwords, either those stored on disk, or as they travel across the network. These are valuable to them not only as a means of entering a system, but also to trade with other hackers.
The most common method of operation for a hacker is the following:
- Scan the Network for vulnerable systems.
- Start "sniffing" the network to find user id's/password
- Gain access to the system as a normal user. (sometimes the hackers will jump straight to step 3)
- Use the user access to gain privileged access as the administrator of the computer.
- Grab the password file
- Start "sniffing" the network to find passwords
- Clean up by deleting or changing logs that would show how they got in
- Change system programs to help hide the fact that they are using your computer
- Proceed with their other objectives: hacking new systems or starting a denial of service attack or starting up a new server (like IRC/P2P) on the computer, etc.
How often should I change my password?
The University has a Password Policy which sets the standards for creating a password as well as the expiration rules for all members of the University community. Read the policy »
- Avoid names or words found in the dictionary.
- Use a combination of special characters, numbers and letters.
- Include a non-alphanumeric character (such as #, @, or $) in the middle of the password.
- Use ten characters or more.
Don't forget that Passwords are case sensitive (for example, "ABC" is different from "abc").
What harm can a hacker do to me (and others)?There are three primary ways a hacker with access to your account can cause trouble:
- by tampering with the data in your directory;
- by impersonating you (sending e-mail that appears to have been sent by you, logging into systems to which you have access, etc.);
- by attacking other computer systems from your account or computer.
These activities can range from the nuisance level to something much more serious. You definitely want to do all you can to avoid letting anyone access your account.
Could I be held responsible for anything?Potentially, yes. Don't panic, but do be cautious.
What are my points of exposure?
- Local system weakness
if the Laptop, PC, Departmental Server or local area network you're using to connect is improperly installed secured or administered, you could be exposed.
- Exposed password
When you log into your account insecurely, for example an Application or web site does not use SSL then the user id and password you type may be transmitted over the wires in "clear text," that is, text that is not encrypted. Someone could use sniffing tools to see and collect this information.
- Downloading and executing software from the Internet
one of the ways hackers collect user ids and passwords is by distributing software that collects this information for them. Similar to a computer virus, you could unknowingly install one of these insidious programs if you're not careful.
As a general rule, you should never execute software about which you are uncertain. This includes software that you have received as an e-mail attachment from someone you don't know or that you've downloaded from an Internet site you don't know and trust.