Hackers use a myriad of different tools and techniques. The resources available to a hacker are so numerous that it is entirely possible no two hackers use the same tools or approaches. For this reason, hacking is highly expressive and serves as a form of self-identification for some. With a choice of over a thousand programming languages, dozens of operating systems, and hundreds of communication protocols, hackers have a vast space of targets to explore and test for vulnerabilities. While it would be impossible to describe every tool and technique, it is easy enough to address the most common forms of attack and how to protect against them.
Man in the Middle (MiTM)
Hardware is always communicating, and at each layer where one system talks to another, an attacker can potentially sit in the path and read the data sent back and forth. MiTM attacks most often occur over network connections, usually between a client machine and a server. Generally, the victims of these attacks are a small group at a time, but with the help of malware, or when the client or server uses weak or missing transport security, they can be carried out at a much larger scale.
The simplest form of MiTM attack may involve a hacker sitting at a coffee shop. The attacker takes over the wireless router by guessing its weak or default administrative password, or simply shares the same network as the victims and redirects their traffic through their own machine. From there the attack can be as simple as capturing form data such as login credentials or credit card numbers entered into a shopping cart. Most of the time these attacks go unnoticed. When the browser and server speak plain HTTP, the attacker can relay the traffic transparently and copy every interaction between the two. When they use TLS with a properly validated certificate, a relay cannot satisfy the protocol on its own: it would have to present a certificate for the server's hostname that the victim's browser trusts. The attacker therefore relies on the victim clicking through a certificate warning, on a client that skips validation, or on stripping the connection down to plain HTTP before it is ever upgraded.
Man in the middle attacks can also be carried out through DNS spoofing, port stealing, traffic tunneling, route mangling, and many other techniques whose names you may not care to memorize. The point is simply that these attacks are common and sometimes the hardest to recognize. All systems should send only encrypted data back and forth: serve every website over HTTPS with a certificate from a trusted CA, use HSTS so browsers refuse to fall back to plain HTTP, make sure clients actually validate the certificate chain and hostname, and rely on vetted standard protocols rather than custom encryption schemes, which are almost always weaker than the attacks they are meant to stop.
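The reason a relay cannot silently satisfy TLS is the hostname check the client runs against the server's certificate. The block below is an added example, not code from the original article: it implements that check on the dict shape Python's `ssl.SSLSocket.getpeercert()` returns, following the RFC 6125 wildcard rules (Python itself delegates the real check to OpenSSL; this stand-in just makes the logic visible). The two certificates, the shop hostname and the relay hostname are constructed for the demo.

```python
"""Added example (not the article's code): the hostname check a TLS client
performs against the server certificate, in the dict shape that Python's
ssl.SSLSocket.getpeercert() returns. The two certificates are constructed
for illustration. Python itself delegates this check to OpenSSL; this stand-in
follows the same RFC 6125 rules so the logic is visible."""
import ipaddress


def _dns_name_matches(pattern: str, hostname: str) -> bool:
    """Exact match, or a wildcard whose single leading '*' covers exactly one
    label: '*.example.com' matches 'www.example.com' but not 'example.com'
    and not 'a.b.example.com'; a bare '*.com' is rejected as too broad."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    if not pattern.startswith("*."):
        return False
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def hostname_matches_cert(cert: dict, hostname: str) -> bool:
    """True only if the name the client asked for appears in the certificate's
    subjectAltName. Chain validation (is the issuer trusted?) is a separate,
    earlier step; getpeercert() returns an empty dict when that is disabled,
    and an empty dict matches nothing here."""
    sans = cert.get("subjectAltName", ())
    try:
        wanted_ip = ipaddress.ip_address(hostname)
    except ValueError:
        wanted_ip = None
    for kind, value in sans:
        if kind == "DNS" and wanted_ip is None and _dns_name_matches(value, hostname):
            return True
        if kind == "IP Address" and wanted_ip is not None:
            if ipaddress.ip_address(value) == wanted_ip:
                return True
    return False


# Constructed: the certificate the real shop presents ...
SHOP_CERT = {
    "subject": ((("commonName", "shop.example.com"),),),
    "subjectAltName": (
        ("DNS", "shop.example.com"),
        ("DNS", "*.shop.example.com"),
        ("IP Address", "203.0.113.10"),
    ),
}

# ... and the only certificate a coffee-shop relay can legitimately obtain,
# issued for a name the attacker actually controls.
RELAY_CERT = {
    "subject": ((("commonName", "wifi-portal.example.net"),),),
    "subjectAltName": (("DNS", "wifi-portal.example.net"),),
}


if __name__ == "__main__":
    print(hostname_matches_cert(SHOP_CERT, "shop.example.com"))
    print(hostname_matches_cert(RELAY_CERT, "shop.example.com"))
```

In the standard library, `ssl.create_default_context()` already enables both halves of this (`verify_mode=CERT_REQUIRED` and `check_hostname=True`); client code that sets `check_hostname=False` or `verify_mode=ssl.CERT_NONE` is exactly what lets the relay's certificate, or a self-signed one, through.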
Sometimes a hacker does not have to sit back and hijack data from the network. Instead they can go straight to the source and extract all the information at once. Many websites use a relational database on the back end, queried with SQL. These databases can be exploited by injecting query logic into form fields and URL parameters to extract more information than the application intended to return, or to change or delete it. When a website is built on an off-the-shelf solution such as WordPress, its core and its plugins have a long public history of vulnerabilities, and an unpatched install is easy for attackers to find with automated scanners. Proprietary software, on the other hand, can be even less secure: if a developer hired to build a website does not know the relevant best practices or security standards, they may unknowingly be creating an extremely vulnerable application. SQL injection threatens the back end, but attackers can also introduce scripts on the front end using cross-site scripting (XSS) in order to modify the page or steal information such as session cookies.
Protecting against injection is an application-level job: hire a strong and competent development team to audit, patch, or build the initial application, and make sure they use parameterized queries (prepared statements) for every database call and escape user-supplied text before it is written into a page. Modern frameworks such as Ruby on Rails come with many security measures built in and out of the box provide a certain level of protection, but only as long as their ORM and templating helpers are used rather than bypassed with string-built queries. Schemaless databases such as MongoDB do not remove the problem: they have their own query operators, and user input pasted into a query document leads to NoSQL injection in just the same way.
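The following block is an added example, not code from the original article, showing the difference the two paragraphs above describe: the same login query once built with string formatting and once with bound parameters, run against an in-memory SQLite table constructed here, plus the matching unescaped and escaped HTML rendering for the XSS case. The user table, the accounts and the injection payload are all made up for the demo, and passwords are stored in plaintext only to keep it short.

```python
"""Added example (not the article's code): the same login query written with
string formatting (injectable) and with a bound parameter (safe), run against
an in-memory SQLite table constructed here, plus an unescaped and an escaped
HTML rendering for the XSS case. Accounts and payload are fictional; real
systems store salted password hashes, not plaintext."""
import html
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample table with two fictional accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct-horse"), ("bob", "hunter2")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Pastes user input into the SQL text, so anything the user types
    becomes part of the query's logic. Returns the matched username or None."""
    sql = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(conn: sqlite3.Connection, username: str, password: str):
    """Same query with placeholders: the driver sends the values separately,
    so a quote or comment marker in the input is only data, never SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Classic payload typed into the username field: closes the string literal,
# adds an always-true condition, and comments out the password check
# ("--" starts a line comment in SQLite and most other SQL dialects).
INJECTION = "x' OR '1'='1' --"


def render_comment_unsafe(text: str) -> str:
    """Reflects user text straight into the page (stored/reflected XSS)."""
    return f"<p class='comment'>{text}</p>"


def render_comment_safe(text: str) -> str:
    """Escapes <, >, &, and quotes so a <script> tag is displayed, not run."""
    return f"<p class='comment'>{html.escape(text)}</p>"


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", login_vulnerable(db, INJECTION, ""))
    print("parameterized:", login_parameterized(db, INJECTION, ""))
    print(render_comment_safe("<script>alert(1)</script>"))
```

With the payload in the username field and an empty password, the formatted query reads `SELECT username FROM users WHERE username = 'x' OR '1'='1' --' AND password = ''`, which returns the first account without any password at all; the parameterized version looks for a user literally named `x' OR '1'='1' --` and finds nothing. The same rule applies to MongoDB query documents: build them from constants and pass user input as values, never merge user-controlled objects into the query.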
Brute forcing is the act of attempting many username and password combinations against a system, using a program to automate and repeat the guesses. In the example of the MiTM hacker sitting at a cafe, a brute-forcing attack was buried subtly in the details. Often a cafe will secure its router by changing the password at initial setup but leave the default username, and low-end routers have no brute-force detection or lockout. This combination makes it incredibly easy for an attacker to get in. For example, if the attacker knows the router username is "admin", he can write a program that runs through a wordlist of common passwords, or systematically generates combinations, until it finds the right one. (Rainbow tables, which are sometimes mentioned here, are a different tool: precomputed tables for reversing password hashes that have already been stolen, not for guessing against a live login.)
Protecting against brute forcing is actually pretty simple. First, purchase commercial-grade hardware, such as a mid- or high-end router, when offering a public connection, and change both the default username and the default password. For software applications, brute forcing can be countered with rate limiting, account and source-address lockouts, and fraud-detection logic written into the application code, ideally backed by multi-factor authentication so that a guessed password alone is not enough.
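The block below is an added example, not code from the original article: a small lockout guard of the kind the paragraph above says low-end routers lack, run against a constructed wordlist so the effect on a guessing loop is visible. The `admin` account, its password, the wordlist and the IP addresses are made up for the demo; the clock is injected so lockout expiry can be exercised without waiting fifteen minutes.

```python
"""Added example (not the article's code): a per-account and per-source
lockout guard tested against a constructed password wordlist. The 'admin'
account, its password, the wordlist and the IP addresses are fictional; the
clock is injectable so lockout expiry can be exercised without waiting."""
import time
from collections import defaultdict
from typing import Callable, Dict, List


class LoginGuard:
    """Tracks recent failures per account and per source address. Once either
    counter reaches max_failures inside the sliding window, both keys are
    locked for `lockout` seconds and guesses are not evaluated at all."""

    def __init__(self, max_failures: int = 5, window: float = 300.0,
                 lockout: float = 900.0,
                 clock: Callable[[], float] = time.monotonic):
        self.max_failures = max_failures
        self.window = window
        self.lockout = lockout
        self.clock = clock
        self._failures: Dict[str, List[float]] = defaultdict(list)
        self._locked_until: Dict[str, float] = {}

    def _is_locked(self, key: str, now: float) -> bool:
        return now < self._locked_until.get(key, 0.0)

    def attempt(self, username: str, source_ip: str, password: str,
                check: Callable[[str, str], bool]) -> str:
        """Returns 'locked', 'denied' or 'ok'. The password is checked only
        when neither key is locked, so a locked attacker learns nothing."""
        now = self.clock()
        keys = (f"user:{username.lower()}", f"ip:{source_ip}")
        if any(self._is_locked(k, now) for k in keys):
            return "locked"
        if check(username, password):
            for k in keys:
                self._failures.pop(k, None)
            return "ok"
        for k in keys:
            recent = [t for t in self._failures[k] if now - t < self.window]
            recent.append(now)
            if len(recent) >= self.max_failures:
                self._locked_until[k] = now + self.lockout
                recent = []
            self._failures[k] = recent
        return "denied"


class FakeClock:
    """Stand-in for time.monotonic so the demo is deterministic."""

    def __init__(self, start: float = 0.0):
        self.now = start

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


# Constructed router account and attacker wordlist. The real password is the
# last entry, so an unthrottled run would succeed on the seventh guess.
ROUTER_USERS = {"admin": "Summer2019!"}
WORDLIST = ["admin", "password", "123456", "letmein", "router", "qwerty", "Summer2019!"]


def check_router_password(username: str, password: str) -> bool:
    return ROUTER_USERS.get(username) == password


def run_wordlist(guard: LoginGuard, clock: FakeClock, username: str,
                 source_ip: str, wordlist: List[str]) -> List[str]:
    """Attacker loop: one guess per second, recording the guard's verdict."""
    verdicts = []
    for guess in wordlist:
        verdicts.append(guard.attempt(username, source_ip, guess, check_router_password))
        clock.advance(1.0)
    return verdicts


if __name__ == "__main__":
    clock = FakeClock()
    guard = LoginGuard(clock=clock)
    print(run_wordlist(guard, clock, "admin", "198.51.100.7", WORDLIST))
    # A second source hitting the same account is locked out as well.
    print(guard.attempt("admin", "203.0.113.9", "Summer2019!", check_router_password))
```

With the default of five failures, the guard locks the account on the fifth guess and the correct password on the seventh attempt is never even compared; switching to a new source address does not help because the account key is locked too. The trade-off to be aware of is that per-account lockout lets an attacker lock legitimate users out on purpose, which is why production systems combine it with per-source rate limiting, increasing delays, and a second factor rather than relying on lockout alone.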