Information Technology Reference
In-Depth Information
systems, supporting criminal enterprises and politically motivated attacks on corpora-
tions and governments around the world.
This chapter focuses on threats to computer and network security. We begin our
survey with examples of individuals using cunning or skill to gain unauthorized access
into computer systems.
Today people associate the word “hacking” with computers, but it didn't start out that
way.
In its original meaning, a
hacker
was an explorer, a risk taker, someone who was try-
ing to make a system do something it had never done before. Hackers in this sense of
the word abounded at MIT's Tech Model Railroad Club in the 1950s and 1960s. The
club constructed and continuously improved an enormous HO-scale model train layout.
Members of the Signals and Power Subcommittee built an elaborate electronic switch-
ing system to control the movement of the trains. Wearing chino pants, short-sleeved
shirts, and pocket protectors, the most dedicated members would drink vast quantities
of Coca-Cola and stay up all night to improve the system. To them, a “hack” was a newly
constructed piece of equipment that not only served a useful purpose but also demon-
strated its creator's technical virtuosity. Calling someone a hacker was a sign of respect;
hackers wore the label with pride.
In 1959, after taking a newly created course in computer programming, some of the
hackers shifted their attention from model trains to electronic computers [1]. The term
“hacker” came to mean a “person who delights in having an intimate understanding of
the internal workings of a system, computers and networks in particular” [2].
In the 1983 movie
WarGames
, a teenager breaks into a military computer and nearly
causes a nuclear Armageddon. After seeing the movie, a lot of teenagers were excited at
the thought that they could prowl cyberspace with a home computer and a modem.
A few of them became highly proficient at breaking into government and corporate
computer networks. These actions helped change the everyday meaning of the word
“hacker.”
Today hackers are people who gain unauthorized access to computers and computer
networks. An example of this use of the word is a story in
Computerworld
describing how
hackers broke into the Web site of
USA Today
on July 11, 2002, and inserted fabricated
news stories [3].
Typically, you need a login name and password to access a computer system. Some-
times a hacker can guess a valid login name/password combination, particularly when
system administrators allow users to choose short passwords or passwords that appear
in a dictionary.
Three other low-tech techniques for obtaining login names and passwords are
eavesdropping, dumpster diving, and social engineering. Eavesdropping, such as simply
