What Is Hacking?

What Is Hacking?

Although hacking generally refers to unauthorized access to a computer network or system, it’s also often the first step in a larger chain of actions. Hackers might break into systems via a data breach or use this access to:

• Steal money or information: A hacker might steal money—or something else of value—from someone’s cryptocurrency wallet, loyalty account or other account. They could also steal personal information or credentials (such as a username and password) from a database and impersonate people to break into other systems and accounts.
• Cause destruction: Hackers could try to destroy information or systems to cause mayhem. There are also examples of hacking as part of a military operation, such as when hackers caused power outages and shut down mobile and internet providers in Ukraine.
• Have fun: Some people try to break into systems because they enjoy the challenge. Hackers may also try to break into their own devices and equipment in order to repair it or add additional capabilities.
• Gain notoriety: Hackers might publish proof of their hacks simply for the recognition and notoriety that can come from breaking into hard-to-hack systems.
• Raise public awareness: Some “hacktivists” might hack for political or social reasons. Individuals and groups could leak information, take down websites or services, dox people or vandalize a website.

Some hackers act alone, but there are also hacker groups that work together. Cybersecurity organizations and governments often give these hacker groups nicknames. For example, nicknames that contain “bear,” such as Fancy Bear or Cozy Bear, often refer to hacker groups that might work for or be aligned with Russian intelligence services.

Learn more >> What Do Hackers Do With Stolen Information?

What Is Ethical Hacking?

Although hacking generally has a negative connotation, it isn’t inherently bad or illegal. Ethical hacking refers to situations when people or companies break into systems without malicious intent. For example, organizations often hire “white hat” hackers to learn about vulnerabilities in their devices or systems. The “black hat” hackers are the “bad” ones.

There are also hackers who break into systems without permission and then disclose the vulnerability to the organization rather than exploiting it. These hackers can sometimes make money from companies’ bug bounty programs. Or, they may be practicing ethical hacking and responsible disclosure as a public good.

Types of Hacking

Hackers can use various physical and digital tools to break into systems and devices, and there are different techniques for tricking people into installing these tools or giving them direct access. Some of the common ones include:

• Malware: Hackers can use different types of malicious software, or malware, depending on their goals. For example, a hacker might use spyware to record everything you’re seeing and typing on your computer, or install a rootkit that hides itself and gives the hacker control over a device. There are also viruses that get spread when users share the malicious files and worms that can spread across networks on their own.
• Ransomware: Hackers might install ransomware, a type of malware that has become very popular over the last decade, to lock legitimate users out of a device or system and threaten to delete or publish the data unless the victim pays a ransom.
• Botnets: Hackers might quietly install malware on a large network of devices, including computers and smart devices, to turn them into bots or zombies. Hackers can use the networks of bots (botnets) for different reasons, such as powering a denial of service (DDoS) attack to overwhelm and temporarily take down a website or service, or to send their online traffic through the bots to hide their location. Hackers can also rent, rather than create and manage, a botnet.
• Social engineering: Social engineering is when someone manipulates a victim into doing something, such as sharing login credentials, installing malware or transferring money. It’s sometimes called human hacking because the perpetrator is “hacking” the victim’s brain.
• Phishing: One common example of social engineering is a phishing attack. The attacker often pretends to be trustworthy or have authority by posing as a friend, well-known brand or government agency. Phishing is sometimes called different names depending on how the attacker contacts the target: phishing (email), vishing (phone call) or smishing (text). No matter the channel, these messages are often part of a scam or the first step in a chain of events that allows a hacker to get into the victim’s device or system.

Learn more >> What to Do if You Are Infected With Malware

How to Protect Yourself From Hacking

Unless you’re great with technology or live off the grid, you might not be able to protect yourself from a skilled and persistent hacker who targets you directly. However, there are some basic steps you can take to minimize the chances that hackers or criminals break into your devices or accounts.

• Install anti-malware on your devices. Antivirus or anti-malware software can detect and either block or remove malware from your device. There are free and paid options available, with paid options generally offering more features.
• Keep your devices updated. Regularly update your computer, mobile devices and smart devices. Updates may contain security patches that can help keep hackers out of your device.
• Don’t click on links or download attachments. If you don’t know the sender, it may be best to avoid clicking on links or downloading attachments in emails, text messages or social media messages. You also have to beware of spoofing, when a scammer or hacker makes it look like an email, text or call is coming from a trusted contact or organization.
• Create strong and unique passwords. Using strong passwords can help protect you from hackers who try to crack your password. Unique passwords can also keep someone who figures out one of your passwords from breaking into other accounts. A password manager can help you create and manage your passwords.
• Enable multifactor authentication. Turning on multifactor authentication (MFA) can help keep your accounts secure because someone will need more than your username or password to log in. For example, even if a hacker gets your login info, they can’t access your account without also having a code that’s sent to your email or generated by an app on your phone.
• Change default logins. If you get a new modem, router, computer or smart device, change the default username and password. Otherwise, hackers might be able to easily guess the login information.
• Only download apps from official app stores: App stores have some security features built in, but you might be inadvertently downloading malware if you download an app somewhere else. Even if the app works, it could still have malware hidden in it.

Unfortunately, even if you put all the best security measures in place on your own devices, hackers regularly attack large corporate networks to steal information. These data breaches can expose your personal information and leave you susceptible to different types of scams and identity fraud.

Learning how to identify a scammer can be helpful, as the social engineering techniques that scammers and hackers use can put you in danger. Be extra cautious if you’re feeling a sense of urgency and are told to install software, share access to your device or send someone money.

Learn more >> Here’s What You Should Do After a Data Breach

The Bottom Line

Hackers and hacking can be harmless or even motivated by good intentions. However, you also need to be on guard against hackers who try to break into your devices and steal your information or money.

Although it won’t stop hackers, you can use free credit monitoring from Experian to quickly learn about potentially fraudulent credit cards or loans that someone opens in your name. Experian’s paid premium memberships come with additional protections and features, including change of address alerts, financial account takeover alerts, fraud resolution support and identity theft insurance.