How Do Hackers Get into the Computer?by Erik Arvidson
Hackers use a variety of methods to exploit the vulnerabilities of computers and use them for malicious purposes. Computer owners who do not use a firewall -- a system that monitors traffic to and from their computer or network -- are especially vulnerable to hackers. They run the risk of having their computer compromised and made part of a "robot network," also known as a botnet, where it is used to generate spam or relay viruses.
According to INVISUS, a computer security company, all Internet-connected computers have an unsecured IP address hackers can find anywhere in the world -- unless that computer has a firewall installed and activated. Every PC has more than 65,000 built-in data ports, which open and close and are used by various computer applications to maintain communication with other networked systems. Even amateur hackers as young as 10 or 11 are able to download hacker tools and utilities to gain access to a computer through one of these ports. Once inside, hackers can look at your files, install viruses or spyware on your computer and steal confidential information such as passwords or bank account numbers.
Hackers can also gain access to a computer by stealing a person's user identification and password information. Hackers are able to attack a large number of computers at once using so-called "dictionary scripts," which are a type of software that attempts to log in to a computer using many types of common usernames and passwords. According to the University of Maryland James Clark School of Engineering, dictionary scripts typically try usernames such as "root," "admin," "test," "guest," "info," "adm," and others, none of which should ever be part of any username. To guess passwords, hackers re-enter the username, or enter the username with a combination of numbers, such as "123," or "12345," or basic words such as "passwd."
Hackers are often able to gain access to computers by distributing malicious software such as viruses, Trojan horses or worms. Unsuspecting users often install this type of malware when they open email attachments, download files from a file-sharing network or even save files from public newsgroups. One example is the SDBot, a kind of Trojan horse that installs itself on a computer, opens a "back door," and uses an Internet Relay Chat (IRC) channel to look for passwords on the targeted computer. According to the Federal Trade Commission (FTC), sometimes simply visiting a website can cause a computer to download malicious software that gives hackers access.
A common motivation for hackers to gain access to a computer is to turn it into a robot, or "bot." This is when a computer is covertly taken over, allowing the hacker to conduct malicious activity without being detected. A "botnet" includes a large number of computers that have been compromised and are used to send spam or viruses. They are also use to send denial of service (DOS) attacks, which occur when a network or Web server is overwhelmed with such a large number of requests that it fails.
- PC Magazine Encyclopedia: Definition of botnet
- Invisus: The INVISUS Desktop Firewall
- U.S. Federal Trade Commission: Botnets and Hackers and Spam (Oh, My!); June 2007
- University of Maryland; Clark School Study: Hackers Attack Computers Every 39 Seconds; Rebecca Copeland; February 2007
- Spam Laws: Password Sniffing Worms