Hacking: Implications For Computerized Accounting Information System
Essay by 24 • November 25, 2010 • 2,724 Words (11 Pages) • 3,363 Views
Essay Preview: Hacking: Implications For Computerized Accounting Information System
HACKING
AND
IMPLICATIONS FOR COMPUTERIZED ACCOUNTING INFORMATION SYSTEM
Introduction
Along with the growth of computerized accounting information system (CAIS), the threats to the security of these systems have also grown. One such threat is hacking. In the recent years hacking has become a serious concern for businesses. Although, most hackers claim that they indulge in this activity for intellectual challenge, this is not always the case. In this paper we learn that hackers attempt to bypass the security mechanism of information systems not only for the thrill of learning, but also for the malicious intent of gathering information for gain.
HACKING
Meaning
Hacking is commonly used to refer to forms of trespass against a computer belonging to someone else. As per Infosec, a website devoted to information security - "Hacking means illegally accessing other people's computer systems for destroying, disrupting or carrying out illegal activities on the network or computer systems". Digitalguards defines it as, "Unauthorized use, or attempts to circumvent or bypass the security mechanisms of an information system or network".
History
At first, "hacker" was a positive term for a person with an expertise in computers who could push programs beyond what they were designed to do. Hacking has been around pretty much since the development of the first electronic computers. In 1960s, the first computer hackers emerged at MIT. University facilities with huge mainframe computers became breeding ground for hackers. In 1970s, phreaks broke into phone networks to make free calls. In the next decade, phone phreaks began to move into the territory of computer hacking, and the electronic bulletin board systems (BBSs) came into being. Hacking groups began to form. Among the first were Legion of Doom in the United States, and Chaos Computer Club in Germany. In the last decade, with the advent of internet, hackers moved all the hacking related information from old BBSs to new hacker Web sites. The face of hacking changed rapidly with easy access to information and plug-and-play kind of hacking tools over the internet. (PC World, 2001)
Tools used
There are many techniques that hackers use to illegally get into a computer. The most common ones defined in Wikipedia are as follows:
Virus: This self replicating program behaves in a way similar to the biological virus. It spreads by inserting copies of itself into other executable code or document.
Worm: Worm is also a self-replicating program like a virus. The difference between a virus and a worm is that a worm does not create multiple copies of itself on one system and that it spreads itself through computer networks.
Trojan horse: These are viruses that fool a user into downloading and/or executing them by pretending to be useful applications. These programs when used open a back door for the intruder to access the computer system.
Vulnerability scanner: It is used by the hackers to quickly check computers on a network for known weaknesses.
Sniffer: It is an application that captures passwords and other data while it is in transit either within the computer or over the network.
Exploit: It is a piece of software that takes advantage of a bug, or vulnerability, leading to privilege escalation or denial of service on a computer system.
Rootkit: When a hacker gets full access to a computer system, this collection of software helps him conceal the fact that the computer's security has been compromised. Root kits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
Social engineering: It is a term given by hackers to any kind of trick that is used to get information from a worker of a targeted firm. At its basic level, social engineering exploits an understanding of human nature and people's natural openness and helpfulness when they are asked for help and advice
Recent trends
Hacking has definitely changed in the last few decades. Earlier, it was more of an art form, and learning how systems worked. The hackers then had more know-how of what they were doing. Thus, there was less unintentional damage to system being hacked. While now, the youngsters pick up pre-written hacking programs and start using them. These borrowed scripts may have bugs and may cause more damage than planned (Zetter and Brandt 2005). Counterpane Internet Security Inc., observed that in 2004, 41 percent of attacks on its clients were unauthorized activity of some kind, 21 percent were scanning, 26 percent were unauthorized access, 9 percent were DoS (denial of service), and 3 percent were misuse of applications. Computer crime is another recent trend that is expected to continue. Schneier (2005) says, "Hacking has moved from a hobbyist pursuit with a goal of notoriety to a criminal pursuit with a goal of money".
HACKERS
Motives behind hacking
The worms and viruses unleashed by hackers cost businesses billions of dollars in damage. Back in 2003 Microsoft created a $ 5 million fund to reward those who help capture hackers. But, I believe it is more important to identify and reduce the motives behind hacking. These motives can be varied. Australian Institute of Criminology (Krone 2005) lists those as:
Money: This may include transferring funds electronically, stealing valuable data, stealing intellectual property (piracy), extortion etc.
Entertainment: This category hacks for personal pleasure
Intellectual Challenge: Hackers in this category do it for intellectual challenges, not for outside recognition.
Entrance to social groups/status: Some people do it to be part of the various groups/communities of hackers. These "online communities can be very absorbing and not only provide peer recognition, but also the tools to hack through the sharing of knowledge, skills, techniques and technology".
Vengeance: Some hackers are motivated by individual grievances against individuals or companies.
Classes of hackers
There are generally two classifications. The bad guys are called "Black
...
...