Here's a rundown of some of the most interesting and popular techniques that
hackers use to break into or damage web sites and computers.
Denial of service attacks are designed to lock out legitimate users from web sites or
networks. Hackers run programs that repeatedly request information from the
victim's computer until that computer is unable to answer any other requests.
Hackers can run programs of automated scripts that barrage the victim computer
or network so that it becomes unusable by legitimate users, or even has to be
Distributed denial of service attacks (DDoS) are automated attacks that run
simultaneously from multiple computers. Hackers can plant Trojan horse
programs on the computers of unsuspecting accomplices throughout the network or
internet. At a given hour, all involved computers coordinate requests for
information from the overloaded victim computer. Due to the numbers involved,
such an attack can be very difficult to stop.
[In February 2000, a number of high-profile web sites including Yahoo,
Amazon.com, and eBay were hit with a series of distributed denial of service
attacks which rendered the sites useless for a short time over the course of
When you point your browser to randomsite.com, your computer will look up that
entry in a massive directory called the Domain Name Service (DNS) database, and
then send you to the appropriate site.
However, computers don't understand names, they understand numbers. The DNS
database matches every name to a numerical address. Servers throughout the internet maintain a
constantly updating database of these DNS entries. A DNS spoof occurs when a
hacker alters a DNS entry on a server to redirect the browser to an alternate
site. If a consumer wanting to visit randomsite.com gets sent instead to
evilcompany.com, then business can be stolen. A hacker can also create a fake
site that pretends to be randomsite.com. In this way evilcompany.com might
steal passwords, personal data or even credit cards from the consumer. Such
hacks are not yet very common.
Like many hacker tools, packet sniffers were initially designed as a tool for
system administrators to help debug networking problems. Essentially, they are
devices which allow the user to intercept and interpret "packets" of
information traversing a network. Any information shared among a network of
computers--username/password pairs, email, files being transferred--gets
translated into "packets," which are sent out across the network.
Most of the internet uses the Ethernet transmission protocol. When you send a
packet out on the Ethernet, every machine on the network sees the packet.
Every piece of data you send over the internet contains an Ethernet header, a
sort of numerical address, to make sure that the right machine gets the right
information. Each machine is supposed to pay attention only to packets with its
own Ethernet address in the destination field. However, an Ethernet packet
sniffer is software which allows a hacker, or network administrator, to
"eavesdrop" by recording information on packets not addressed to his or her
Social engineering is a hacker term for deceiving or manipulating unwitting
people into giving out information about a network or how to access it. A
hacker may pose as an employee who forgot his or her password, or a software vendor asking for information about a network in order to determine what the company's software needs are. In testimony before Congress, ex-hacker Kevin
Mitnick discussed some of his most successful social engineering
Trojans horse programs are "back doors" into a computer system. A hacker may
disguise a trojan as another program, video, or game, in order to trick a
user into installing it on their system. Once a trojan is installed, a hacker
could have access to all the files on a hard drive, a system's email, or even
to create messages that pop up on the screen. Trojans are often used to enable
even more serious attacks. By hiding programs to be run later, hackers might
gain access to other networks, or run DDoS attacks. The simplest Trojan
horse replaces the messages shown when a login is requested. Users think they
are logging into the system, so they provide their usernames and
passwords to a program that records the information for use by the
hacker. The most famous Trojan horse to date is probably Back Orifice, which was developed by the hacker group known as Cult of the Dead Cow. Once installed, this program gives the user access and control over any computer running a Windows 95/98 operating system or later.
Web pages are simply computer files stored in directories on a server computer.
If a hacker gains access to these files, he or she can replace or alter them in
any way. The Republican National Committee, the CIA, and The New York
Times are just three of the highly publicized web page defacements over the
past few years.
Worms and viruses are surreptitiously "self-replicating" programs that can
spread exponentially throughout a network. Such programs are not by definition
harmful: The first worm released on the internet, the Morris Worm, was
not meant to do harm, it was merely an experiment by a Cornell University
graduate student. However, it replicated itself so efficiently and took up so
much memory and computing resources on the internet that many computers
crashed, and system administrators across the country were forced to take their
machines off the internet.
Modern-day virus writers often have malicious intent, however, and they
use viruses and worms to spread destructive programs among unwitting hosts. A
virus spreads by infecting another object on the computer system--a program
file, a document, or the boot sector of a floppy disk. A worm can copy itself from computer to computer on a network without needing a file or other
object. The most famous worm was the ILOVEYOU bug, which infected an estimated
45 million computers. It propagated itself by exploiting a weakness in the
Microsoft Outlook email software, and emailing itself to every address stored
in the Outlook address book on an infected computer.
home · who are hackers? · risks of the internet · who's responsible · how to be vigilant · interviews
discussion · video excerpts · synopsis · press · tapes · credits
FRONTLINE · wgbh · pbs online
some photos copyright ©2001 photodisc
web site copyright 1995-2013 WGBH educational foundation