Availability and Accessibility of Hacker Information on the Internet

V Stagg¹ and M Warren²

¹School of Computing & Mathematics, Deakin University, Australia,

E-mail: vstagg@deakin.edu.au

²School of Computing & Mathematics, Deakin University, Australia,

E-mail: mwarren@deakin.edu.au

Word Version of Document (zip file)

 

ABSTRACT: Knowledge is considered as power. The Internet has become a repository for knowledge. What happens when that information is considered harmful (e.g. how to make bombs, how to hack, etc.)? Society would wish that this information is not made available via the Internet, but the spread of information cannot be stopped. This paper will look at the spread of harmful information and the limitations in trying to control the spread of this information.

 

Keywords: Information security, computer security, hacking, hacker tools, Internet.

 

 

INTRODUCTION

 

From humble beginnings as the ARPANET in 1969 through to the pervasive and omnipresent nature of the Internet today, information has been the ultimate objective of this medium. Originally used by scholars to share information and research, the Internet these days provides services and products limited only by the imagination of developers.

Information is available on all kinds of topics - from the beginning of the world to the latest results of your favourite sports. Numerous How-To's and Frequently Asked Questions (FAQ's) exist for novices while more advanced details can be obtained by those with computer savvy. No longer do you need to rummage through old newspaper clippings or visit numerous libraries for that elusive reference, these days nearly everything you need is online.

However, this freedom of information is not without its problems. Personal details, sensitive information, offensive, and illegal material have all appeared in various guises on the Internet. The fundamental nature of the Internet has enabled information to travel freely around the world and to be available from many places at any time. One source of information that has been around since the early days of the Internet is that of hacking.

 

HACKERS

 

Hackers of the early days were people who would experiment to find machines weaknesses or tweak machines to perform beyond their intended purposes (Frenkel 1987, Denning 1990). Through the use of email and bulletin boards, these hackers would post their methods and results, with a hacker culture developing through this interaction. It was not long however before other types of hackers appeared, ones who used their skills to gain unauthorized access to systems, data and software. Many of these hackers also used their skills to override the public telephone system and were known as phreakers (Sterling 1994). The Internet provided the perfect medium for these people to boast of their "exploits" and provide details on how to reproduce these hacks.

Since many of these hacks went unnoticed, caused little or no damage, or were seen as harmless incidents the general perception of the public towards hacking was relatively indifferent. A number of famous hacks had been documented, such as the break in at LBL computers (Stoll 1989), the Internet worm (Spafford 1989), and the feats of Kevin Mitnick (Haffner & Markoff 1991), but these had minor impact as they did not affect the public at large or have major disruptions to everyday life.

It has only been the last few years that the Internet has become a major component of governments, industries and commercial sectors (Cheswick 1994). The rapid development and deployment of online capabilities and the evolution and implementation of information technologies is transforming society (Kadner et al. 1998). As Table 1 shows, the growth of the Internet has been staggering with currently over 377 million users worldwide (http://www.nua.ie/surveys/how_many_online/world.html).

 

 

Table 1. Number of online users

 

In the space of five years, the number of users online has grown by a factor of 22, and this only represents just over six percent of the world's population! In July of this year, the NEC Research Institute catalogued over 1 billion unique Web pages on the Internet (http://www.inktomi.com/webmap). Table 2 shows a partial breakdown of the survey, indicating the number of individual and mirrored servers discovered.

 

Number of servers discovered	6,409,521
Number of mirrors in servers discovered	1,457,946
Number of sites (total servers minus mirrors)	4,951,247
Number of good sites (reachable over 10 day period)	4,217,324
Number of bad sites (unreachable)	733,923

 

Table 2. Internet statistics

AWARENESS

 

In June 1996, the General Accounting Office of the United States released a document entitled "Information Security: Computer Hacker Information Available on the Internet" (GAO 1996a). A parliamentary testimony, it identified the increasing risks computer hackers pose to computer systems and the proliferation of hacking information available on the Internet. It detailed the access hackers have to numerous tools and techniques that would enable various attacks, active or passive, on computer systems. The tools identified included software that enabled passwords to be broken, data packets to be captured, and vulnerabilities of systems identified. Techniques included methods for bypassing system security measures, rewiring electronic devices, and obtaining system root privileges.

This testimony, along with another report identifying the risks of computer attacks (GAO 1996b), highlighted the computer and communications security concerns within government, military, and private sectors. These documents indicated the government's awareness of the vulnerability of the Internet and computer systems, the threats that existed, and marked an important change in attitude towards these technologies.

 

 

INCIDENTS

 

The number of computer security incidents has grown rapidly over the years. CERT, the Computer Emergency Response Team  (http://www.cert.org), maintains a database of such attacks and has seen a significant number of incident reports since its inception in 1988. Of course, these are only the ones detected or actually reported; the real number would be much higher.

 

 

 

Table 3. CERT Number of incidents reported

 

The figures obtained by CERT rely on organizations supplying the appropriate details and do not always reflect the real number of actual incidents. Many organizations are loathe acknowledging their weaknesses or may not even be aware of attacks occurring. Others may have political, legal, financial, or security reasons for not disclosing details. Efforts are underway to improve this situation with the development of Information Sharing and Analysis Centers (PDD 1998) that are intended to remove many of the obstacles in sharing information. The Computer Security Institute recently released its Computer Crime and Security Survey for 2000 (CSI 2000), which showed an increase in security incidents with the Internet as a frequent point of attack.

 

 

Year	Incident			Point of Attack
	Yes	No	Don't know	Internal	Remote	Internet
1996	42	37	21	53	39	37
1997	50	33	119	52	35	47
1998	64	18	18	44	24	54
1999	62	17	21	51	28	57
2000	70	16	12	38	22	59

 

Table 4. CSI survey, figures represent percentage of respondents

 

Computer attacks can disrupt communications, steal sensitive information, and threaten the ability to execute operations (GAO 1996a). Threats are increasing because the number of individuals with computer skills is increasing and because hacking techniques have become readily accessible through magazines and the Internet (GAO 2000a).

There are significant challenges in controlling unauthorized access and preventing unknown individuals or groups launching untraceable attacks from anywhere in the world (GAO 1996b). With technology rapidly developing and costs diminishing, attackers have sophisticated hardware and software to carry out potentially damaging attacks on systems worldwide. Information warfare techniques have become a predominant focus of governments and militaries as they adjust to a new wave of technological defence. Toffler's (1998) Third Wave has become reality as society shifts to an information-based economy and information, a sought after commodity, is no longer regulated or controlled by the traditional dominant power structures such as government or military (Kadner et al. 1998).

Recent computer security incidents have highlighted the debilitating and costly effects that they can have on organizations. The infamous Melissa (http://www.melissavirus.com) and ILOVEYOU (http://www.datafellows.com/v-descs/love.htm) viruses had repercussions worldwide, even gaining the spotlight of the world's press, whilst distributed denial-of-service attacks on sites such as Amazon (http://www.amazon.com), Yahoo (http://www.yahoo.com), and eBay (http://www.ebay.com) caused significant income losses for these companies[1]. Stories abound of hackers gaining access to confidential information such as credit card details, medical or financial details, even classified government material.

An information security survey conducted by ICSA's Information Security Magazine (http://www.infosecuritymag.com) identified various concerns held by organizations, including the threat of attack by outsiders. Although insiders are the prime cause of incidents and usually represent the greater risk, outsiders represent an important concern as they:

 

·         Are harder to prosecute

·         Often get high profile headline attention

·         Can affect shareholder or consumer confidence

·         Incidents cannot necessarily be controlled "in-house"

·         Attacks may not have a clear purpose

·         Attackers may be more organized or focused than an insider

 

 

 

Table 5. ICSA survey of detected outside breaches

 

AVAILABILITY

 

With the vast number of online users these days, and the enormous amount of information available, it is only inevitable that much of this information will be of a malicious, pernicious, or iniquitous nature. Apart from illegal or inflammatory considerations, much of this information has every right to be available and it is not the intention of this paper to delve into moral, religious, or censorial issues.

Hacker information is readily available on the Internet as well as through other mediums including magazines, CD's, and even television shows. Much of the information is very basic in nature, often outdated, or applicable only to obsolete technology. With a little effort however, information can be found on methods and techniques for hacking that is very applicable for today's technologies.

As part of the GAO (1996a) report, the phrases "hacking" and "password cracking" were searched using a popular search engine of the time, AltaVista[2], with reasonable results. As a comparison, a search was conducted recently on these phrases, as well as the phrases "cracking" and "hacker tools", using the same search engine and Google[3]. As the tables below show, there has been a significant increase in hacker information availability!

 

 

 

 

Table 6. 1996 Search results

 

 

Table 7. 2000 Search results

SOURCES

 

Search engines provide links to numerous hacking information sites. Often these sites contain the same information (mirror sites), have a short life span, or contain links to yet further sites. As well as providing information in the form of documents, many of these sites also offer software, serial numbers, chat lines, newsletters, magazines, or even a bulletin board. Many of these require passwords or advanced knowledge of their existence and often contain more advanced material than generally available.

Other Internet sources for hacking information exist in the form of email, news groups,