Hacking: Strategies, Techniques and Capabilities of Hacker Organizations - Essay Sample

Introduction

Gupta (2019) has defined hacking as gaining unauthorized access or compromising systems to get access. While hacking may be characterized as criminal in some countries, there is a need for information security experts with the knowledge of hacking to counter cyber threats in the fields of business, politics, social media, and national security. This paper will attempt to identify strategies, techniques, and capabilities that hacker organizations such as 'The Lizard Squad' utilize to perform technical, social, or political interventions and activities.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Hacking is an essential asset as it enables companies and organizations to find loopholes in their systems and anticipate attacks before they can happen. It allows professionals to thwart an attack before it happens by laying out proper controls. The creation of malicious code to teach students the art of combating threats is, therefore, a good idea (Arce & McGraw, 2004).

There are three main types of hackers, according to Gupta, (2019). The first type of hackers is the white hat hacker who defends systems from other attackers. They are authorized, and they are mainly known for the provision of security. The second type is the black hat hacker who works without authorization. This calibre of hackers are also known as malicious hackers, and they act without the permission of any kind. The third type is the Grey hat hacker, whose sword is double-edged. They can be both offensive and defensive, depending on the benefits. The term grey hackers can also mean hackers whose intention is to warn others of their vulnerability even if they sometimes do it illegally.

The Lizard Squad is a black-hat-type of a hacker group that has been identified for this study for their efficiency and availability of sufficient knowledge on its structure and members. The group's history and activity can be traced back to 2014 when it attacked the gaming platform of Xbox and PlayStation, sharing hosting with them. The group also conducted various detrimental hacks, including taking down the internet in North Korea, attacking of PlayStation network, and an attack on Destiny in which they changed the company's logo on their webpage (Grimes, 2017).

The group's membership comprises of at least eight individuals, but there are only four who are publicly known. All four members have been arrested in the past and charged with computer crime. The group produced a hacking tool known as 'lizard stressor' that they offered for hire among other hackers (Stern, 2015). Key targets of this group include celebrities, schools, airlines, and online gamers. On social media, the group once shared their twitter handles and asked fans to follow them; this was after hacking a Malaysian Airlines website.

Hacking has four main stages, namely reconnaissance, scanning, gaining of access, and maintenance of access (Jordan, 2008). In the first stage, the hacker attempts to find information about his target either actively or passively. The attacker then proceeds to seek much more information about the target by scanning or conducting various assessments to get sensitive information about the target. The third phase is gaining access, whereby the attacker performs the hack. The attacker takes advantage and performs an exploits vulnerability to gain access. In the next phase, the attacker installs backdoors or Trojans to keep up access. Lastly, they delete logs and other details to avoid getting caught.

The Lizard Squad hacker group employs most of the phases, as discussed above. First, the group consists of teenagers. Their first popular hack on Sony's PlayStation reveals the applicability of the above procedure. On a note posted on Pastebin, they disclose that they started planning on the attack two weeks ago motivated by adventure (Krebs, 2017). They reveal that they had sufficient time to gather information about their target. They then used their hacking skills to gain access and exploited vulnerability. They were able to maintain access, and they were offered ransom in the form of vouchers in a bid to save online gaming.

Different hackers use different methods in their execution. According to Boy (2015), attackers avoid using the same techniques, and they are always trying to learn new tricks. Software engineers are also innovative in coming up with better-sophisticated solutions to prevent their systems from being penetrated. Even though their methods may not be technically superior, they could always use new and unthought-of techniques.

Most hackers use buffer overflows to alter the working of programs for their advantage. They use these attacks to run malicious programs whose developers may not be keen. Through stack smashing, attackers can insert pointers through gained credentials of the account. They then add a return address that then prompts the program to divert to the place in memory where the attacker's command is located. However, this method continues to evolve into other highly reformed ways (Young & Aitel, 2003). Hackers may also use the password cracking method in which interaction with the target system is usually advantageous. They may also use manual password guessing or automated guessing techniques

According to Grimes, (2017), a critical part of security design and implementation is subjecting a system to rigorous analysis. This move would include an attack based penetration testing in which designers must understand what makes attackers tick so as not to fall prey to that kind of testing. Methods such as stealth can be used to hide data so that it is not susceptible.

References

Arce, I., & McGraw, G. (2004). Guest Editors' Introduction: Why Attacking Systems Is a Good Idea. IEEE Security and Privacy Magazine, 2(4), 17-19. https://doi.org/10.1109/msp.2004.46

Boy, H. (2015). Hacking: Hacking Essentials, What You Must Know about Hacking. CreateSpace.

Grimes, R. A. (2017). Hacking the Hacker: Learn From the Experts Who Take Down Hackers. John Wiley & Sons.

Gupta, S. (2019). Ethical Hacking Terminologies. Ethical Hacking - Learning the Basics. https://doi.org/10.1007/978-1-4842-4348-0_1

Krebs, B. (2017). Who's in the Lizard Squad? - Krebs on Security. Krebs on Security. https://krebsonsecurity.com/2014/12/whos-in-the-lizard-squad/

Stern, M. (2015, January 27). Inside Lizard Squad, the Hacking Group That Targeted Taylor Swift. The Daily Beast. https://www.thedailybeast.com/inside-lizard-squad-the-hacking-group-that-targeted-taylor-swift

Jordan, T. (2008). Hacking: Digital Media and Technological Determinism. Polity.

Young, S., & Aitel, D. (2003). The Hacker's Handbook: The Strategy Behind Breaking into and Defending Networks. CRC Press.

'The Digital Sword'? And Defining 'E-Jihad.' (n.d.). Islam in the Digital Age, 25-36. https://doi.org/10.2307/j.ctt18fs6ck.5