History & Definitions
- Most Influential Hacker: Kevin Mitnick is cited for his mastery of social engineering (conning people to gain access) rather than just technical exploits. He famously served prison time for manipulating the phone system to make free long-distance calls.
- Origin of “Hack”: The term originated in the 1960s at MIT’s model train club. It originally meant using technology in a creative, unconventional way. By the 70s and 80s, the meaning shifted to unauthorized access.
- Hacker “Hats”:
  - Black Hat: Malicious, breaks into systems to steal or damage.
  - White Hat: Ethical, reports vulnerabilities to improve security (similar to the original MIT definition).
  - Grey Hat: Somewhere in between; claims to do good but often crosses legal/ethical lines.

Evolution of Hacking
- 60s/70s (Physical Era): Hacking required physical access to data centers (“guards, guns, and gates”).
- Phone Phreaking: Before widespread computers, hackers targeted the phone system. They used 2600 Hz tones (which could be replicated by a Captain Crunch toy whistle) to trick switches into granting administrative access for free calls.
- 90s (Internet Era): The internet connected everyone globally, dramatically increasing the attack surface.

Notable Attacks & Malware
- CIA Hack (1996): Hackers changed the CIA website title to “Central Stupidity Agency.” It caused reputational rather than physical damage.
- Morris Worm (1988): The first major internet worm. Created by a student, it self-replicated and crashed about 10% of the internet at the time.
- Stuxnet: Malware attributed to the US and Israel, designed to sabotage Iranian nuclear centrifuges. It physically destroyed equipment by speeding the centrifuges up and slowing them down. It was introduced via USB (the target network was air-gapped) but eventually spread to the wider internet.
- WannaCry (2017): A massive ransomware attack stopped by Marcus Hutchins, who discovered a “kill switch” domain in the code. By registering the domain, he stopped the malware from replicating.
- Colonial Pipeline: The operators shut down the pipeline out of caution after a ransomware attack. They paid a $5 million ransom for a decryption tool, but it was so slow that they used their own backups anyway. The FBI later recovered about half the ransom.
- “I LOVE YOU” Virus: Designed to overwrite files to inflict maximum damage and to spread virally.

Cybersecurity Concepts
- The CIA Triad: The fundamental model of information security:
  - Confidentiality
  - Integrity
  - Availability
- Deep vs. Dark Web:
  - Surface Web: ~5% of the internet (indexed by Google).
  - Deep Web: ~95% of the internet (unindexed business records, databases).
  - Dark Web: Intentionally hidden, requires special tools (like Tor). Used for illicit activity but also by whistleblowers and dissidents.
- Passkeys vs. Passwords: Passkeys are the future. They use cryptographic keys stored on a device (FIDO standard), making them resistant to phishing, unlike traditional passwords.
- VPNs: They encrypt traffic (good for privacy from ISPs), but you are simply shifting your trust from the ISP to the VPN provider, who can still see your data traffic.
- Election Security: The expert prefers paper ballots over purely electronic voting because paper provides a physical audit trail that cannot be deleted by a glitch or hack.
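To make the passkey phishing-resistance point concrete, here is an added example (not from the page, and a simplified model rather than the FIDO specification itself) in Go: a passkey is modelled as a per-site Ed25519 key pair, and the signature covers a hash of the relying-party ID the browser is actually connected to, so a lookalike domain gets no key and no signature that the real site would accept. The `Authenticator`, `Register`, `Assert` and `Verify` names and the `bank.example` relying party are assumptions made for the illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
)

// Authenticator models the device-side store of a FIDO-style passkey: one key pair
// per relying-party ID (rpID), never reused across sites. Simplified for illustration.
type Authenticator struct {
	keys map[string]ed25519.PrivateKey
}

// Register creates a key pair bound to rpID and hands the public key to that server.
func (a *Authenticator) Register(rpID string) (ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	if a.keys == nil {
		a.keys = map[string]ed25519.PrivateKey{}
	}
	a.keys[rpID] = priv
	return pub, nil
}

// signedData binds the signature to the site: hash of rpID followed by the server's challenge.
func signedData(rpID string, challenge []byte) []byte {
	h := sha256.Sum256([]byte(rpID))
	return append(h[:], challenge...)
}

// Assert is the login step. The browser supplies the rpID of the site actually being visited;
// the authenticator signs only if it holds a key for exactly that rpID (hypothetical API).
func (a *Authenticator) Assert(rpID string, challenge []byte) ([]byte, bool) {
	priv, ok := a.keys[rpID]
	if !ok {
		return nil, false // lookalike domain: no key, so nothing to hand over
	}
	return ed25519.Sign(priv, signedData(rpID, challenge)), true
}

// Verify is the server side: the stored public key must validate a signature over its own rpID.
func Verify(pub ed25519.PublicKey, rpID string, challenge, sig []byte) bool {
	return ed25519.Verify(pub, signedData(rpID, challenge), sig)
}
```

Contrast with a password: the same secret string typed into the lookalike site works on the real one, whereas here the real site's public key never validates anything produced for another rpID.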
Social Engineering & Phishing
- Why it works: Humans are hardwired to trust. Attacks exploit this trait (e.g., holding a door open for someone who doesn’t have a badge).
- Types:
  - Smishing: Phishing via SMS.
  - Vishing: Phishing via voice/voicemail.
  - Quishing: Phishing via QR codes.

Hollywood vs. Reality
- Real hacking is often hours of boring, repetitive tasks and running scripts, not the fast-paced “I’m in!” moments shown in movies.
In it, Trinity uses nmap to scan a network, notices an open SSH port and then uses SSHnuke to gain access. It is the best example of somewhat realistic hacking in movies. Her technique would have worked fine back when the movie was released, but these days the default level of security is generally much better on average.

Regarding reboots, do NOT DO THAT when you are in an organization and you know it’s been attacked (especially if your files are encrypted). Disable the Internet connection, notify your IT team, but keep your computer on at all costs. There is a chance that encryption keys are stored in volatile memory that is going to be wiped when power is turned off. And even if they’re not, there’s a better chance to get traces helping post-break analysis in the live system.