The word “hack” gets used a lot these days and appears to have a few meanings. Every day in the news another organization announces they were hacked. A friend’s twitter account is hacked. Government systems are breached. What does it mean to be hacked?
When used in terms of computer security, “Hack” means to gain unauthorized access to secure systems. There are a variety of methods used. Emails full of malicious links are sent. Bogus webpages are pushed to the top of search results for you to find and click on. Social engineering is used to gather sensitive data from you or your team, which is then used to break into your systems. Anything facing the Internet is actively probed for a way in, much like a burglar tries your doors and windows to see if they can jimmy something open. Passwords are guessed, or maybe the latest application exploit is used to get inside. These are just a few examples.
“White Hat” is the term applied to someone who hacks into systems in order to increase security, not for nefarious purposes. They report the problem to the website or application owner, letting them know of the vulnerability and possibly how to fix it. Sometimes it is done for pay via “Bug Bounties”. Other times it is simply to build awareness and form a more secure Internet.
“Black Hat” is the opposite, and is what most people associate with “hacker”. The Black Hat hacks into systems for malicious reasons. They do it for money. Turning hacked devices into botnets. Ransoming stolen data back to the hacked company, selling it on the dark web (black market), or Hack-for-Hire. They do it for political purposes. Others do it “just to watch the world burn.“ Black Hats result in victims with a pile of problems.
Hacks have a heavy impact. Sensitive information is stolen, known as a “Data Breach”. Other accounts are compromised. Devices are turned into DDoS nodes, spammers, attack relays, and more. Performance slows to a crawl. Bandwidth is crippled by the vast amount of illegal traffic flooding through the device. Every contact found is spammed with further hack attempts. Webpages are defaced. Your domain winds up being blacklisted for abuse. Everyone involved has to worry about identity theft. Your reputation is directly impacted. Instead of concentrating on sales and growth, staff members are focused on damage control.
Being aware of the dangers is the first step towards protection from both being hacked, and from having to deal with the fallout if it does happen. There are preventative steps that can be taken for better protection. Contact one of our representatives to discuss how we can help protect your resources now and in the future.