NORMAN — Last week, we looked at the origin of the word “hacker” and how most people have come to equate it with “computer criminal.”
Even with that knowledge, though, they still don’t know what these bad-guy hackers actually do. How do hackers “hack” something? Do they use hatchets, swords or what?
When you hear about a computer, or some company’s network, or a website being “hacked,” that generally refers to the behavior of a computer or computers being changed from what the owners originally intended.
For example, what was originally an online email sign-in page is “hacked” into being a sign-in page that also steals user IDs and passwords and sends them off to bad-guy headquarters.
Similarly, if you heard anything about the great Target hack of 2013, which occurred between Thanksgiving and Christmas, you heard that millions of credit card accounts had been stolen by hackers. What was originally Target’s credit card processing system was hacked into one that also copied credit card information and sent it to the hackers so they could steal money.
You also may recall that last week, the Microsoft Office blog website and CNN’s Security Clearance websites were hacked by the Syrian Electronic Army, a Middle-east hacker group that has been active for about three years.
In the past, the group also has hacked The Associated Press and the Washington Post, as well as messing with links posted to President Obama’s official Twitter account. In each case, the original messages displayed were hacked into something that suited the Syrian Electronic Army’s agenda.
How do hackers do their dirty deeds? How do they change something from its originally intended purpose into something else?
It’s not done by magic, or by furiously typing endless lines of crazy-looking computer code faster and faster, like you see on TV shows and in the movies; nor is it typically done by people sporting multiple tattoos and piercings with dyed-black hair, wearing all-black Goth garb and army boots.
Usually, malicious hacking is done by trickery — either by tricking a computer into misbehaving, thereby giving the hacker access to previously inaccessible areas, or tricking a computer user into clicking on the wrong thing, thereby allowing the hacker access to password-protected accounts and opening the door to installing viruses designed to secretly control computers from afar.
In the case of the Target hack, evidence indicates that hackers managed to trick a Target-connected computer, or someone using a Target-connected computer, into giving up their user ID and password, which allowed the bad guys to sign in and access Target’s entire US-based private network.
Once inside, they installed software designed to steal credit card information, facilitating the biggest theft of credit card information in world history.
The best way to keep your computer from being tricked is to make sure its operating system and programs are current and updated.
Updates close the door on criminal hackers and are not to be ignored. Top-quality antivirus programs also are essential to computer safety.
To keep yourself from being tricked by the Internet bad guys, you must learn the difference between the counterfeit and the genuine. Learning when to click, and when not to click, is vital to your overall Internet security posture. The idea, “Educate thyself,” has never been more critical.
To learn more about “hackers” and how to avoid being tricked, call the Norman Public Library at 701-2697 and sign up for my free, one-night-only class called “Fight the Internet Bad Guys and Win.”
If you are willing to invest 90 minutes of your time at 6:30 p.m. Feb. 12, you will learn more about computer safety and Internet security than you have in your entire computing life.
Dave Moore has been performing computer consulting, repairs, security and networking in Oklahoma since 1984. He also teaches computer safety workshops for public and private organizations. He can be reached at 919-9901 or davemoorecomputers.com.
Breaking news, severe weather alerts, AMBER alerts, sports scores from The Norman Transcript are available as text messages right to your phone or mobile device. You decide which type of alerts you want to receive. Find out more or to signup, click here.