HACKERS ATTITUDE

Submitted By: Rakhi Sinha Roshni Wadhwani Surbhi Singh

CONTENTS
What is hacking? Timeline of hacking Types of hacking The Threats Some Hacking Incidents Who is Hackers? Why do Hackers Hack? Hackers Attitudes Indian IT Act 2000 Computer Fraud And Abuse Act Conclusion References

WHAT IS HACKING?

Hacking means finding out weaknesses in an

established system and exploiting them.

In computer networking, hacking is any technical effort to manipulate the normal behavior of network

connections and connected systems.

Hacking vs. Cracking

Malicious attacks on computer networks are officially known as cracking, while hacking truly applies to both activities having good intentions and bad intentions. Most non-technical people fail to

make

this

distinction,

however.

Outside

of

academia, its extremely common to see the term "hack" misused and be applied to cracks as well.

TIMELINE OF HACKING

1969 - Unix hacked together 1971 - Cap and Crunch phone exploit discovered 1988 - Morris Internet worm crashes 6,000 servers 1994 - $10 million transferred from CitiBank accounts

1995 - Kevin Mitnick sentenced to 5 years in jail

2000 - Major websites succumb to DoS 2000 - 15,700 credit and debit card numbers stolen from Western Union (hacked while web database was

undergoing maintenance)

2001 Code Red

exploited bug in MS IIS to penetrate & spread probes random IPs for systems running IIS had trigger time for denial-of-service attack 2nd wave infected 360000 servers in 14 hours

Code Red 2 - had backdoor installed to allow remote control Nimda-used multiple infection mechanisms email,

shares, web client, IIS

2002 Slammer Worm attacking MS SQL Server

brings web to its knees by

TYPES OF HACKING
Normal data transfer

Interruption

Interception

Modification

Fabrication

THE THREATS

Denial of Service (Yahoo, eBay, CNN, MS) Loss of data (destruction, theft) Divulging private information (Air Miles, celebrities)

SOME HACKING INCIDENTS

Internet Worm

Robert T. Morris made an internet worm in Nov.

1988. It spread through the internet and crashed about 6000 systems.

Cuckoos Egg

Clifford Stoll caught the hackers who are the

German hackers.

WHO IS HACKER?
A

computer hacker is a person who finds out

weaknesses in the computer and exploits it.

Hackers

may be motivated by a multitude of

reasons, such as profit, protest or challenges.

Alternatively,

the term hacker is used to refer to a pushes technology beyond

person

that

perceived norms at the time.

WHY DO HACKERS HACK?

Just for fun Show off Notify many people their thought Steal important information Destroy enemys computer network during the war. For personal and financial gains.

HACKERS ATTITUDES
HACKERS ATTITUDE WHITE HAT HACKER DEFINITION A white hat hacker, also rendered as ethical hacker, is, in the realm of information technology, a person who is ethically

opposed to the abuse of computer systems.

BLACK HAT HACKER

A black hat hacker is a person who compromises the security of a computer system without permission from an

authorized party, typically with malicious intent.

HACKERS ATTITUDES
HACKERS ATTITUDE
GREY HAT HACKER

DEFINITION
They are a hybrid between white and black hat hackers who sometimes hacks ethically and sometimes illegally.

BLUE HAT HACKER

A blue hat hacker is someone outside

computer security consulting firms that are

used to bug test a system prior to its launch, looking for exploits so they can be closed.

HACKERS ATTITUDES
HACKERS ATTITUDE SCRIPT KIDDIES DEFINITION A computer intruder with little or no skill; a person who simply follows directions or uses a cook-book approach. HACKTIVIST A hacktivist is a hacker who utilizes technology message. to announce a political

HACKERS ATTITUDES
HACKERS ATTITUDE ELITE HACKER DEFINITION A social status among hackers, elite is

used to describe the most skilled.

NEOPHYTE

A Neophyte or "newbie" is someone who is new to hacking and has almost no knowledge or experience of the workings of hacking technologies.

BLACK HAT HACKERS

Black hat hacker is the alternate name for crackers who use their skills for destructive purposes.

A black hat hacker is a person who uses their knowledge of vulnerabilities and exploits for private gain, rather than revealing them either to the

general public or the manufacturer for correction.

BLACK HAT HACKERS

Many black hats hack networks and web pages

solely for financial gain.

Black hats may seek to expand holes in systems; prevent others from compromising the system on which they have already obtained secure control.

Black hats may work to cause damage maliciously

and make threats.

WHITE HAT HACKERS

The term white hat hacker or ethical hacker is also often used to describe those who attempt to break into systems or networks in order to help the owners of the system by making them aware of

security flaws.

Many such people are employed by computer security companies; these professionals are

sometimes called sneakers. Groups of these people are called tiger teams.

WHITE HAT HACKERS

The primary difference between white and black hat

hackers is that a white hat hacker claims to observe

ethical principles.

Like black hats, white hats are often intimately familiar with the internal details of security systems, and can find a solution to a tricky problem.

GREY HAT HACKERS

A Grey Hat in the computer security community, includes a skilled hacker who sometimes acts destructively and other times in good will.

They usually do not hack for personal gain or have

malicious

intentions,

but

may

or

may

not

occasionally commit crimes during the course of their technological exploits.

GREY HAT HACKERS

A grey hat will not necessarily notify the system admin of a penetrated system of their carried out penetration.

A person who breaks into a computer system and

simply puts their name there whilst doing no

damage are also included in this category.

SECTION 66 OF THE INDIAN IT ACT 2000

Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to the

public or any person destroys or deletes or alters

any information residing in a computer resource or diminishes its value or utility or affects it injuriously

by any means, commits hacking.

Whoever commits hacking shall be punished with imprisonment up to three years, or with fine upto two lakh rupees, or with both.

COMPUTER FRAUD & ABUSE ACT(18 USC 1030)

Hacking law 1 as stated in the section 11 of the Atomic Energy Act of 1954
Knowingly accesses a computer without

authorization or exceeds authorized access, and by means of such conduct obtains information that has been determined by the United States Government

pursuant to an Executive order or

statute to require protection against unauthorized disclosure for reasons of national defense or foreign

relations, or any restricted data, as defined in

paragraph y of section 11 of the Atomic Energy Act of 1954.

Hacking law 2 as stated in section 1602 of title 15 of Fair Credit Reporting Act (15 U.S.C. 1681)

Intentionally

accesses

computer

without

authorization or exceeds authorized access, and thereby obtains information contained in a financial record of a financial institution, or of a card issuer as defined in section 1602(n) of title 15, as such

terms are defined in the Fair Credit Reporting Act

.(15 U.S.C. 1681)

Hacking law 3
Intentionally, without authorization to access any computer of a department or agency of the United

States,

accesses

such

computer

of

that

department or agency that is exclusively for the use of the Government of the United States or, in the case of a computer not exclusively for such use, is used by or for the Government of the United States.

Hacking law 4
Knowingly and with intent to defraud, accesses a Federal interest computer without authorization, or exceeds authorized access, and by means of such conduct furthers the intended fraud and obtains anything of value, unless the object of the fraud and the thing obtained consists only of the use of the computer. Shall be punished as provided in

subsection (c) of the section.

SUBSECTION C
(A)A fine under this title or imprisonment for not

more than ten years, or both, in the case of an offense

under subsection (a)(1) of this section which does not occur after a conviction for another offense under such subsection. (B)A fine under this title or imprisonment for not more

than twenty years, or both, incase of an offense under

subsection (a)(1) of this section which occurs after a conviction for another offense under such subsection.

Hacking law 5 Intentionally accesses a Federal interest computer without authorization, and by means of one or more

instances of such conduct alters, damages, or

destroys information in any such Federal interest computer, or prevents authorized use of any such computer or information, and thereby-

(A) Causes loss to one or more others of a value

aggregating $1,000 or more during any one year period, or

(B) Modifies or impairs, or potentially modifies or

impairs, the medical examination, medical

diagnosis, medical treatment, or medical care of one or more individuals.

Hacking law 6 as stated in section 1029

Knowingly and with intent to defraud traffics (as

defined in section 1029) in any password or similar information through which a computer may be accessed without authorization, if (A) Such trafficking affects interstate or foreign

commerce; or
(B) Such computer is used by or for the Government of the United States.

CONCLUSION

There is no separate detailed law in India for Computer Fraud, Abuse, Tempering and Hacking.

There is only a slight provision in section 66 in IT

Act 2000.

Provision should be made in Indian IT Act 2000 to encourage Ethical Hacking because Ethical

Hacking is a measure to reduce illegal hacking.

REFRENCES
1. 2.

www.cyberlawsindia.net www.protectivehacks.com/hackinglaws.html

3.
4. 5.

www.cybercrime.gov/reporting.htm
www.asianlaws.org/abuse/hacking www.kyrion.in/security/hacking