Jul.23

“A Walk to Secure Future”- Part 4

“For a long time now, it is often seen that irrespective of an inside source, private data from the organisations have been sold out in black market of marketing agents. Let us understand this. Private information stored on the company servers, whether privately hosted, dedicated hosted or any other way, it gets stolen by hackers, no matter they had any internal help from employees, or not. In the quest to steal data from a server, hackers had some very common weapons in-hand which were very popular by the turn of the century. It was based on an easy concept, send in crawler scripts and extract the data. At that time, around 2001-02, cyber security was not an urgent issue. Companies that stored data on servers were limited due to lack of open technology and that being a costly affair. Such companies hired trained professionals to secure the servers but on the contrary, they neglected that competition in the market would want to steal the data. So the staff appointed basically concentrated on data management rather data security. This made it very easy for the hackers to carry out their missions.

The revolution came in when such stolen data gained an enormous buying rate in the market, where the buyers were marketing and other concerned officials of other companies. This gave birth to Black-Marketing. Data robbery became a fashion or rather a flourishing business. The companies then started working on securing the data. It was the same time when dedicated hosting and isolated servers came into existence.

Isolated servers are those which have a completed cut off hard-wired line from the source. It means the network which is completely isolated from any other type of network in its vicinity. It means this type of server cannot be accessed from any computer outside its network. Such servers need a physical data receptor to be installed in its root source to be hacked. Or in fancy words, the type of hacking you see in Action Movies. This helps a lot in data security since it is quite difficult to gain access to such machines.

 

The concept of data intercepting was born when hackers found a way to capture the traffic. Let me elaborate. Whenever you send any query from one computer to another, the signal travels in form of data packets. Just like light travels in form of photons, electricity in form of electrons, Data travels in packets. Now think if someone got access to those packets. He might be able to read the data it was carrying. During login authentication, packets carry your password and id to the server for verification. It means the hacker can read it from there. Well how simple it seems, it is not. First of all, the packets are made in a particular framework which cannot be easily read upon. They need decryption, understanding of different protocols, filtering, de-capsulation, but yes, ultimately they can be read. How it is done? And how such captured packets are read? Well these questions borne answers to a lot of things. Let us see how, for this you can download an application called “Wire Shark” or “Network Miner”. Study those applications and I guess that will answer many of your queries. Now how actually it is done is not an information that should be disclosed publicly but it is something you should find out on your own. Once you master the art of packet handling, I can assure you, there is no server in the world you won’t be able to break into. Hackers made this art of security analysis into a deadly weapon. This ruled that era of hacking where the servers and clients were still on hardware mode. Then came the CLOUDS and that completely redefined the techniques of both, Hacking and Security.

 

Cloud computing does not allow you to detect the physical location of data. With self-constructing features, clouds rule our technology today. Varying from one form to another, clouds are not completely integrated in our lives. May it be extensive data storage, or connectivity, clouds have proved efficient in many ways. None of our day passes off without using any cloud network. Since clouds have the ability to self-construct, destruct, traverse, they have helped in data security a lot. But this on the other hand has also encouraged the hackers to develop a more advanced way of infiltrating the system. Unfortunately the infrastructure required to do so is quite expensive but yet nothing is impossible. On simple scale, cloud networks can be made a 100% safe from virtual infiltration like malicious codes, malware and injections etc. They can be hacked with physical receptors which take us back to medieval era of hacking. However some techniques are still available to hack into such cloud networks almost but that still gives you partial access. Full access is quite difficult since the server cannot be easily located.

 

Data interception works like intercepting pigeons in olden days. Kill the pigeon in mid-flight and duplicate the data. Interpret it and here it is. Ready to bombard some other place. For a long time, data interception has been a key aspect of hacking clients as well as servers. But the ways change. The use of obfuscated coding, hacking into codes and scripts has reduced to 10-20%, code breaking is not a simple act of fool now. And for then data interception is the way one can think of hacking easy way. Codes cannot be easily broken, the server cannot be easily broken into by injection and data interception thus gains importance and a major issue worth worrying about by security consultants. Where data protection is greatest priority, millions of dollars are being spent on such programs to secure data and thus it has evolved into a major industry.

Technical
Share this Story:
  • facebook
  • twitter
  • gplus

About Nayan Goenka