Tuesday, April 01, 2014

Global Knowledge offers white paper on "Hackers, Hacking and CEHv8" (certified ethical hacking)

Tech Republic has offered a download to a 16-page whitepaper by “Global Knowledge” (link), titled “Hackers, Hacking and CEHv8”,  by Bob Withers, in the “Expert Reference Series of White Papers”.
The “CEH” acronym means “certified ethical hacker”.  Maybe that will be a question on Millionaire. Obviously, that’s an important concept in the paper.  There is actually an exam for “certified ethical hackers”, and we are now up to version 8. Courses are offered by the Virtual Training Company (link).  

Some of the main categories of hackers include “The Script Kiddie, the cyber-criminal, the cyber-spy, the cyber-terrorist, and the hacktivist”. 

Many attacks targeted at high-profiles websites are distributed denial of service attacks, using botnets and zombie computers.  Some attempt to deface the sites, but this is less common.  I had such a defacement in April 2002 of an essay describing the 9/11 terror threat, in a section dealing specifically with suitcase nukes, taken from my second “Do Ask, Do Tell” book, later published at the end of 2002. The hack spilled over onto one other essay on the workplace, probably by accident.  Since I had my own backups, it was easy to restore, and the incident has not recurred.  But one wonders what the motive of such an attack could have been, 

Withers characterizes a lot of hacking as happening “because we can” or “just for the fun of it”, like compulsive or impulsive behavior known to forensic psychiatrists.  The attitude is that we live in a competitive, brutal world and that bullying is the only way to go, so get used to it.

One of the most dangerous ideas could be framing someone, by placing illegal content on their site, or by wardriving a router (the latter is getting better known now by law enforcement, finally).  Likewise, there are a few particularly malicious ransomware attacks that actually have been known to place child pornography on a home computer (Sept. 23, 2013).  Webmasters should always remain in touch with what is on their sites with random security and content checks, and home and small business users should to the same with their installations.    

No comments: