The world of hacking is not what we see it in the cinema or on television. It is very difficult, if not impossible, that, as in one of the best thrillers or detective stories, the good guys find themselves fighting with a keystroke with the cybercriminal on duty who tries to hack a computer system. Yet, this is the collective imagination of the hacker: a hooded person dressed in black who tries to "pierce" the systems of large companies and governments, in real time, from behind a screen, and then steals computer data and disappears into the Dark. Web. In reality, hacker attacks are much less interesting than the cinema leads us to believe.
Before landing the actual attack, the malefactor will launch penetration tests to verify the type of network, software and devices in use, looking for security holes that can be exploited to sneak into a PC or server without be discovered.
Even the counter-hacking seen in the movies is completely unrealistic: online security teams work to ensure that systems are constantly monitored so that they are properly configured and updated with the latest security patches. And if a hacker attack is detected, they first look for its access point, in order to close the flaw so that it cannot be reused. Then, the team checks the damage caused, any data loss and related troubles in reference to the privacy legislation and solves the problems found. To defend yourself, therefore, you need to know how hackers work and operate and what are the main types of attacks they carry out.
Hacking: what it is and how it works
In order to understand how hackers operate, we must first of all understand what hacking is, that is, all those activities that aim to compromise online security and the use of devices such as computers, smartphones, tablets, servers and networks. Hackers are therefore computer and network security experts, who are divided into "black hat", those who use their computer skills for illicit purposes, and "white hat", which instead help to identify security holes and develop patches that can solve them.
Over the years, however, the term hacking has been associated above all with illicit computer activities, referring to cybercriminals who carry out attacks to obtain an economic return, steal information and sensitive data, often to carry out a sort of protest or perhaps, something typical especially of the most young people, to have fun hacking into a server or a database or even for the simple thrill of challenging the authorities.
Hacker attacks are increasingly complex and nowadays they are often also based on social engineering, i.e. when a phishing attack tricks a user into clicking on a link or opening an attachment with a virus, or on malvertising, that is those online advertisements that spread malware on users' devices. Or even on ransomware attacks, following which the victim's PC or smartphone is held "hostage" by the hacker and the data contained in them is encrypted, and therefore made unavailable, being able to be recovered only by paying a ransom, often in currency. virtual like Bitcoins. The world of hacking generates a billion dollar market today.
Offers FASTWEBFastwebNeXXt Mobile7.95 € per month until 09/01 90 GB 4 GB in EU and Switzerland Unlimited MIN 500 min in EU and Switzerland Discover our MOBILE offer without restrictions and without hidden costsmoreWhen a user downloads a malware after opening a file from a suspicious e-mail, or loses his credit card details after entering them in a form on a web page he has reached by following a malicious link, what he must to know is that on the other side of his screen there isn't a hooded hacker ready to trick him in real time. The person who launched the hacker attack is like a fisherman casting his net, letting the water run and coming back later to see what (or, in the case of cybercriminals, who) got entangled.
Hackers: why they attack
If attacks by cyber experts (ie those of the "white hat" type) help to increase the online security of systems and devices, the reasons for carrying out an attack with illicit purposes are different. They range from the possibility of obtaining an illicit gain, stealing credit card data or violating banking systems, up to corporate espionage, where confidential information and industrial secrets of companies are stolen to gain an advantage on the market.
There are also young hackers who leave their signature and hack complex systems for the sake of business, while hacktivists violate computer systems to promote a cause, be it political or social, such as the Anonymous collective or WikiLeaks. Finally, there is the hacking of states, which hunt for government secrets (especially military information) and other sensitive data to gain an advantage in the international geopolitical balance.
How Hackers Work: CTF Challenges and Contests
To understand how cybercriminals operate, there are some very legal ways to see a hacker at work. Every year real events are organized, such as hackatons, where cyber security experts come together to challenge each other, testing their programming skills, exploitation of vulnerabilities and reverse engineering. These are real challenges, where hackers, alone or in teams, have to win challenges, perhaps accumulating points, in an attempt to violate systems or look for holes in the security of devices.
CTF competitions generally include two types of tests. The first is to successfully penetrate certain computer systems whose defenses are disabled, thus searching for holes and bugs from which to find an entry point. The second type, much more fun, sees two teams engaged in a clash: one team launches penetration tests on a target, while the other tries to deflect attacks in real time. Challenges of this second type are certainly reminiscent of scenes from a movie, but there is one thing to remember: contests are games. Hacking in real life has much longer times and much more complex dynamics than those that the cinema shows us.