The term computer hacking and its variations are today often used in an overused manner in place of other forms of cyberattacks. In practice, computer hacking refers to the act of breaking into a resource without the knowledge of its legitimate owner. There are, therefore, only two main types of computer hacking: hacking of equipment or hacking of an online account.
What Is Computer Hacking?
Hacking involves unauthorized entry into a resource such as a computer, server, network, online service, or mobile phone. In practice, computer hacking can take two primary forms: hacking an account or hacking equipment. In both cases, the hacker’s objective is to take control of the resource in question (equipment or account) and to steal information (personal, confidential, etc.) with the aim of making malicious use of it: identity theft, bank fraud, money making, espionage, sabotage, claiming, blackmail, vandalism, etc.
Computer hacking covers in everyday language a whole quantity of very different meanings. It is sometimes used in an abusive manner, whether by ease, by shortcut, or even by ignorance of a subject, which can very quickly prove difficult due to its technicality. Thus, we sometimes call “computer hacking” cyber-malevolence, which is not such. To be able to talk about computer hacking, there must necessarily be an intrusion, in other words, unauthorized access to a resource (equipment or an account). Without intrusion, there is no hacking.
Computer hacking can, nevertheless, have various causes or origins. There is, thus, a recurring confusion between the intrusion and the vector that allowed the intrusion into a resource. For example, receiving a phishing message is not an intrusion in itself but can be a vector for intrusion . This means that phishing can lead to computer hacking. Indeed, when a victim receives a phishing attempt by email, there is no intrusion stricto sensu either on their online account or on their equipment.
On the other hand, a phishing attempt can, in some instances, cause an intrusion and, therefore, computer hacking. This is, for example, the case if the victim, by clicking on the attachment of a phishing email, unknowingly installs malicious software (virus) on their computer. In this case, we clearly observe an intrusion on the victim’s equipment conveyed by the phishing email. Conversely, if the victim does not click on the attachment, no action will be taken. The phishing email will remain a futile attempt.
Another example of ransomware, or ransomware attack can also occur following a computer hack. As explained in this article, ransomware is not always just a simple virus but can also be an attack technique that can take different forms. It can thus be a computer hack, in the sense of an intrusion into the computer network or the equipment of a victim, in order to be able to encrypt it and thus pursue different objectives (data theft, etc.).
On the other hand, carrying out a denial of service attack (or DDoS ) with the aim of saturating an organization’s server cannot really be considered computer hacking (in the sense defined in this article), even if it is often called such. Indeed, such a denial of service attack constitutes a reprehensible offense. In that case, it is not strictly speaking an intrusion into a server but the sending of multiple requests to the point of saturating it so that it can no longer answer.
What Does Hacking A Computer System Involve?
A computer system (or information system) is a device, equipment, or set of materials used to process and store data. Hacking a computer system is defined as any unauthorized access to this system by a third party.
What Types Of Equipment Are These?
For all categories of audiences, this could involve hacking a computer, a mobile device (tablet, smartphone, etc.), a connected object, etc. However, in the professional sphere, there may be other types of more specialized equipment, such as servers, routers, networks, etc.
Note that professionals have more equipment likely to be hacked than individuals, even if it may be the same type of equipment. Indeed, professionals have PCs, smartphones, and tablets… just like some individuals have servers.
However, professionals represent a more exciting or even more lucrative target for hackers because they often have more significant financial resources and may have particularly critical activities and confidential personal or professional data. Hacking a professional computer system can thus have serious consequences for the organization that is the victim since it can lead to the theft, or even total loss, of data from the affected system.
What Are The Possible Means Of Intrusion?
In practice, cybercriminals can use different methods to hack a computer system :
- following the exploitation or use of a security vulnerability;
- following the incorrect configuration of software or a device;
- following infection by malicious software ( computer viruses );
- following a fraudulent call or email (phishing or phishing message ) intended to recover your account login credentials without your knowledge;
- Following a password that is too easy to guess, a default password that has not been changed, etc.
Subsequently, the hacker can seek to spread to other equipment on the attacked network. The origin of the intrusion can be external (cybercriminals) or internal (negligence of the owner of the equipment, a relative, a collaborator, or a service provider; deliberate act on the part of a collaborator or service provider unhappy…).
What Does Hacking An Online Account Involve?
Online account takeover refers to the takeover of an account by a malicious individual to the detriment of its rightful owner. As observed by Cybermalveillance.gouv.fr in its 2021 activity and threat report, online account hacking today represents the second most encountered cyber threat by both professionals and individuals.
Which Accounts Are Hackers Interested In?
Online account hacking concerns all everyday online accounts: email accounts, social networks, banking services, administrative sites, online commerce platforms, etc. However, given the wealth and number of data contained in messaging (passwords, administrative documents, banking documents, personal exchanges, etc.) and the multiple possibilities and benefits that cybercriminals can derive from it, mailbox hacking is the favorite target of hackers.
What Are The Possible Means Of Intrusion?
In practice, attackers were able to gain access to your account in several ways :
- Following the hacking of equipment. Indeed, once installed on a victim’s equipment, the cybercriminal can steal the victim’s passwords and thus connect to their various online accounts (email, social networks, etc.);
- Following the use of the same password on several sites, one of which was hacked;
- following a fraudulent call or email ( phishing or phishing message ) intended to recover your account login credentials without your knowledge;
- Following a password that is too easy to guess, a default password that has not been changed, etc.
