Who wants to harm computer systems and computer users’? As you’ll see, a surprising variety of people can cause security problems, ranging from people with too much time on their hands to hardened criminals, such as the Russian intruders who recently made off with $ 10 million from Citibank. Motives vary, too. Some attackers are out for ego gratification and don’t intend any harm. Others ate out for money; others are on a misguided crusade, and still others are just plain malicious.
Tile variety of attackers is a problem in itself. When intruders try to break into a system, administrators can’t be sure initially where the problems coming from. In 1998, U.S. Defense Department computers were besieged during a Gulf military action, and newspapers jumped to the conclusion that the attacks originated in Iraq and were intended to stymie tile military’ s activities. The culprits turned out to be two California boys under the direction of a teenage computer intruder in Israel!
The most celebrated intruders are computer hobbyists and computer experts, for whom unauthorized access is something of an irresistible intellectual game. The press tends to call all these hobbyists hackers, but this term is actually too broad. In this passage, you’ll learn better-focused terms to refer to computer users who try to break into computer systems.
Hackers are computer hobbyists who enjoy pushing computer systems (and themselves) to their limits. They experiment with programs to by to discover undocumented features, capabilities that aren’t mentioned in the systems’ manuals. They modify systems to obtain the maximum possible performance. And sometimes, they try to track down all the weaknesses and loopholes in a system’s security. When hackers attempt unauthorized access, they rarely damage data or steal assets. Hackers generally subscribe to an unwritten code of conduct, called the hacker ethic, which forbids the destruction of data. For hackers, unauthorized access is an intellectual diversion or game. (The people who have to secure systems against hacker attacks don’t think it’s a game.) Hacker motives include ego gratification:hackers form communities, with a pecking order defined in terms of an individual’s reputation for hacking prowess.
Crackers (also called black hats) are hackers who, like Darth Vader in George Lucas’s Star Wars trilogy, have turned to the “dark side.” They become obsessed (often uncontrollably) with gaining entry to highly secure computer systems. Like hackers, they generally do not intend to harm or steal data, but the frequency and sophistication of their attacks cause major headaches for system administrators. A Pentagon official has recently disclosed that the U.S. Department of Defense computer systems experience more than 1 000 detected unauthorized access attempts per day, and that as many as 96 percent of such attempts evade detection. Cracking appears to be one form of computer addiction: many crackers confess that they feel compelled to return to cracking even if they have made an effort to stop.
Like hackers, crackers are obsessed with their reputation in the hacking and cracking communities. To document their feats, they’ often leave calling cards, such as a prank message, on the systems they penetrate. Sometimes these traces enable law enforcement personnel to track down crackers.
Cyber gangs bring crackers together by means of the Internet and physical meetings. The group dynamics reinforce their immature and often destructive aims. Hackers and crackers can cause major headaches, but both should be distinguished from criminals who seek to steal money or valuable data by gaining unauthorized access to computer systems. However, anyone who tries to gain unauthorized access to a computer system is probably breaking one or more laws.
Computer virus authors, typically, are teenage males whose programming ability is much more developed than their ethical conscience. They want to see how far they can push the boundaries of virus software. Often, they see no harm in
what they are doing. They claim flint all technological progress is inevitable, and that somebody else would eventually create the programs they write. Most eventually stop writing viruses after they’re matured a bit and found something more worthwhile to do with their time.
Some virus authors appear to be motivated by a twisted moral crusade, specifically, a campaign to rid the world of Microsoft Corporation, which has long been detested by the hacker community. In the twisted logic of some virus authors, Microsoft deserves to be attacked because, they believe, its products fail to protect users adequately from computer security risks. However, their attacks have yet to harm Microsoft Corporation. Instead, they have penalized millions of innocent computer users, many of whom have suffered devastating losses of data.
More than a few hackers and crackers have turned pro, offering their services to companies hoping to use hacker expertise to shore up their computer systems’ defenses. (This practice is called ethical hacking, and those who undertake this type of hacking are called white hats.) And without doubt, some of them have crossed the line from hacking and cracking to intentional computer crime. This prospect sounds scary, but a far greater threat exists inside the organizations that house computer systems.
【New Words】
ego
自我,利己主义
malicious
怀恶意的,恶毒的
crusade
宗教战争,宗教改革
penetrate
穿透,渗透,洞察
twist
扭弯,扭曲,缠绕
pentagon
五角形,五边形
9.4 Security Breaches Types