All the perceptions of hackers and their portrayal in movies and entertainment have lead to the development of hacker myths.
These myths involve common misconceptions about hackers and can lead to misconceptions about how to defend against them.
Here we have attempted to identify some of these hacker myths and dispel common misconceptions.
List of the hacker myths Iam going to discuss:
- Hackers are a well-organized, malicious group
- If you build it, they will come
- It is safe if you hide in the tall grass.
- Security through obscurity
- All hackers are the same
1. Hackers are a well-organized, malicious group
There is indeed a community within the hacker underground.
There are hacking-related groups such as Alt-2600 and Cult of the Dead Cow, IRC hacking channels, and related newsgroups.
However, these groups are not formed into a well-organized group that targets specific networks for hacking.
They share a common interest in methods for avoiding security defenses and accessing restricted information.
2. If you build it, they will come
and
3. It is safe if you hide in the tall grass
Both of these myths represent opposing views on the probability of being hacked.
Myth 2 is indicative of the view that once an Internet presence is established, malicious hackers will begin to attempt a compromise.
Myth 3 expresses the opinion that there are so many Web sites around that if you just do not make a lot of noise and do not have one of the truly big sites, publicityseeking hackers will not bother to go after you.
The truth lies somewhere in the middle.
You will probably be scanned by users with malicious intent, but it may not happen the moment your systems go online.
Some scans will be by groups trying to get an idea of how many Web sites are using a particular piece of software.
Others are unethical (but legal) system reconnaissance.
A good plan is to develop a security posture that balances the risk of system compromise with the costs of implementing and maintaining security measures.
This will allow you to sleep at night.
While you may not stamp out the chance of compromise entirely, you will have done what you can to prevent and limit the compromise without killing your budget.
4. Security through obscurity
Myth 4 implies that because you are small and unknown or you hide a vulnerability, you are not at risk.
For example, according to this myth, if you create a Web site but give the URL only to your friends, you don't have to worry about it being attacked.
Another example we have seen is the creation of a backdoor around a firewall by putting a second network card in a DMZ system and directly connecting it to the internal network.
People using such a strategy think that because they have hidden the weakness, no one will find it and the organization is safe.
However, security through obscurity does not work.
Someone will find the weakness or stumble upon it and the systems will be compromised.
5. All hackers are the same
This myth is borne out of a lack of knowledge among the general public about the hacker community.
All hackers are not the same. As mentioned above, different hackers focus on different technologies and have
different purposes and skill levels. Some hackers have malicious intent; some don't.
They are not all teenagers who spend far too much time in front of a computer.
Not all hackers are part of a group that defaces Web sites and creates and distributes hacking tools.
The range among hackers is great, and you need to defend against them all.
Hi there! I know this really is somewhat off topic but I was wondering which
ReplyDeleteblog platform are you using just for this website?
I'm getting sick and tired of Wordpress because I've had problems
with hackers and I'm considering options for another platform.
I would be awesome if you could point me in the direction of a good platform.
Iam using wordpress :)
ReplyDelete