Network intrusion is a form of cybercrime which involves, as its name implies, unauthorized entry into a network. Unlike a network attack, it may not bring the network down, but it does involve the intruder entering the network through a back door or a loophole to gain unauthorized access to the network’s resources, systems, data and more.
Content Jump:
- The confusion between network intrusion and network attack
- Motive : Theft
- Motive : Control
- Motive : Vandalism
- Methods of intrusion
The confusion between network intrusion and network attack
Network intrusion is almost always confused with network attack. Although these two fields are related and sometimes do overlap, network intrusion is a unique form of cybercrime in itself.
While network attacks are mostly concerned with bringing down a network so that it becomes almost totally unusable, network intrusion involves, as said earlier, unauthorized entry into a network.
Network intrusion is a fairly advanced skill, as knowledge about networks and how they operate is needed. In contrast, network attacks can be done without any knowledge whatsoever of the network structure. Network intrusion also involves a lot of planning in order that the objective is achieved in minimum time (for example, to retrieve the passwords of the users in that network). However, many tools are available out there that make forced entry into a network fairly easy.
The first obvious motive of a crime is usually money. Why risk getting thrown into prison for a long time? Because if you can get away with it, you’ll be many times richer than you are presently. Examples of networks which, when intruded, yield a lot of money include bank networks and escrow networks. This type of business deals a lot with money, and any intruder who gets superuser access to the system can conveniently change the details of the user accounts within the network or even silently transfer the money over to his bank account. With superuser access and enough skill, the hacker can even remove any trace whatsoever of the transaction ever taking place. In the movie “Hackers”, the master hacker sent out a virus which silently transfers very small amounts of money from hacked user bank accounts. Nobody ever suspects anything as the amount is small when looked at individually, but collectively, the amount is enough to make the master hacker a millionaire.
Personal Information
Sometimes hackers are not out for an easy way to get rich; rather, they’re out for power, just as not all criminals commit crimes for money. Some steal information in order that their own companies can become powerful. Similarly, personal data like your passport number, or your user id and password to some secure server or even to your bank account, can make the hacker more powerful, richer, or both. In some countries, just by knowing the passport number of a person, you can check what books he has borrowed from the library, what school he was posted to and even get to cancel his mobile account. That is pretty scary. What if a hacker silently intrudes into a network and spies on the users of that network for any typed user ids and passwords or even passport numbers? The hacker will ultimately become “God” after being granted such divine powers as to affect the lives of those he stole personal information from. It can even become a form of blackmail.
Classified Information (Military or industry)
Military information is kept secret for a reason. If leaked, the security of a country can be threatened. The trouble is that some military servers which keep confidential data are kept online for long periods of time for communication and data transfer purposes. A cyberterrorist can take advantage of this situation if he is able to find out how to connect to the server. He can then attempt to enter it through any back doors or any unpatched loopholes. That done, he can help himself to the mega load of information available on the server and quickly transfer it to his own computer. In times of war, and in cases where the hacker is a foreigner, this is a very dangerous situation: the country he resides in is obviously not going to help the country whose server was hijacked, as that hacker was probably hired by the former to obtain such information to gain an upper hand. With such information, a country on the opposite side of the war can find weaknesses in its enemy and even develop highly effective countermeasures to the weapons used by its enemy.
In times of economic depression, competition is the keyword amongst companies. The cliché “Eat or be eaten” comes into play here as companies have to strive to be as creative and as unscrupulous as possible in order to stay alive. No one can afford to be kind to another company lest they drown in the flood of the depression. In such times, companies are willing to hire network experts to tap into the networks of their rivals (of course, secretly and discreetly) to obtain future product plans. They can use such stolen data by building what has been planned by their rivals and releasing it much faster than their rivals have planned. By doing so, they cut into the business of their rivals and thus stay competitive and ahead of their competition. So much more can be done with such information that the possibilities are limited only by one’s imagination.
Network Control
A lot of the more talented hackers hack for the sheer thrill and fun of it, not for the fame. As such, hackers tend to try to take control of a certain network on the whole to see how far and how much they can get away with. Think about it. Wouldn’t it be fun to control the Stock Exchange? Wouldn’t it be fun to alter your classmate’s academic record just to spite him or her? Yes, you might say no, but granted the skills and power to do so, it is almost definite that you will agree that control is indeed a fun thing. These people do get a thrill from opening and closing your CD trays remotely.
Individual’s Computer
Most hackers use their skills to spite individuals. The typical hacker as depicted by common perception is a weak, physically unfit, malnourished guy who spends most of his time in front of the computer doing nothing else but fiddling with it. As such, the typical hacker can’t do much in real life to retaliate against any bullies and whatnot. He thus resorts to using the computer to vent his frustration and anger on those who make his life a living hell. Such people can also use their skills to stalk others online and harass them (a phenomenon called ‘cyberstalking’). The reason for cyberstalking is easy. The Internet puts a magic cloak of invisibility around them.
Deliberate Data Destruction (DDD)
Vandalism can come in the form of the deliberate deletion of files while the hacker is connected to the affected network. Why delete files? Why, simple actually. Why do teenagers destroy public property? It is because it will cost the public and the government ultimately, a lot of money to replace such damaged equipment. Similarly, data has a lot of value these days. Imagine if there exists a network which stores the only copy of works by authors. Let’s say a hacker hacks into this network and feels like being mean to these authors by destroying their life’s work. He can simply delete the files stored on the network and voila! the authors will have no pay, the owners of the server will scramble to hire network security experts to fix the problem, and so on and so forth. All this loss of money is effectively what vandalism is about.
Data diddling
Similar to its cousin, DDD, data diddling results in financial loss. However, data diddling may hide an even uglier consequence. Say you have a presentation stored on your company server for a presentation you’ll be doing the following day. If some hacker had that document changed, you’ll be in deep trouble as whatever you have rehearsed for your previous presentation will be of no use and you’ll be caught off-guard. Someone can even take the credit for work which you have submitted. All he needs to do is just change your name to his. A worst-case scenario would be a hacker changing the records of the amount in your bank account from $1,000,000 to just $10. Imagine the horror it will cause you.
Website defacement
Website defacement is common amongst most teenage hackers who don’t want to cause much harm. They just want to get their message out. Like graffiti walls where they express their creativity, websites which are hated by them become victims to these vandals. Website defacement is also a tool commonly used by cyberterrorists as a medium for propaganda and expressions of hatred.
Social Engineering
It has often been said amongst the underground hacker society that the most powerful hacking tool is social engineering and that the weakest link in every network is a human. This is indeed true. Finding a loophole in a network is very difficult and tedious. Fooling incompetent humans, on the other hand, is much more effortless and has a higher success rate than conventional hacking techniques, considering the fact that most security guards know nuts about computers. Social engineering involves manipulating humans into letting you enter the network, either through physically gaining access to the building where the server is stored or through calling up anybody working in that building and tricking them into giving you their password to the network. It is highly effective especially if you know a lot about manipulating people.
Impersonation
Once a hacker has stolen passwords and user ids of unsuspecting victims, he effectively gains access to the network. All he has to do is log in as his victims and he has what he wants. This technique is effective but not really safe as system admins might be monitoring the network and logging the IP addresses of those on the network. Unless the hacker knows how to remove any traces of him being on that network, he should not try this method.
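The monitoring mentioned above, as an added example that is not part of the original article: a check an administrator could run over login records to spot an account being used with valid credentials from an address it has never used before. The log format, account names and addresses are constructed for illustration.

```python
from collections import defaultdict
import ipaddress

# Constructed sample login records: timestamp, account, source IP, result.
# The format is an assumption for this example, not a real product's log.
SAMPLE_LOG = """\
2024-03-01T08:02:11 alice 10.0.4.17 OK
2024-03-01T08:05:40 bob 10.0.4.23 OK
2024-03-02T08:01:03 alice 10.0.4.17 OK
2024-03-02T23:47:52 alice 203.0.113.50 OK
2024-03-03T08:03:30 bob 10.0.4.23 FAIL
2024-03-03T08:03:41 bob 10.0.4.23 OK
2024-03-03T09:15:00 carol 10.0.4.31 OK
2024-03-03T09:20:12 carol 198.51.100.7 OK
"""

def parse_logins(log_text):
    """Yield (timestamp, account, ip, result) for each well-formed record."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed lines instead of failing
        ts, account, ip, result = fields
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            continue  # source field is not an IP address
        yield ts, account, ip, result

def flag_unfamiliar_sources(log_text):
    """Return successful logins from an address never accepted for that account."""
    baseline = defaultdict(set)  # account -> addresses accepted as normal
    alerts = []
    for ts, account, ip, result in parse_logins(log_text):
        if result != "OK":
            continue  # failed attempts never extend the baseline
        if not baseline[account]:
            baseline[account].add(ip)  # first success establishes the baseline
        elif ip not in baseline[account]:
            # Valid credentials, unfamiliar origin: hold for review and do
            # not learn the address, so repeat use keeps alerting.
            alerts.append((ts, account, ip))
    return alerts

if __name__ == "__main__":
    for ts, account, ip in flag_unfamiliar_sources(SAMPLE_LOG):
        print(f"{ts} review: {account} logged in from unfamiliar {ip}")
```

An address is added to an account's baseline only by the first successful login; anything later has to be confirmed by a person, which is why the same unfamiliar address alerts every time it is used.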
Exploits
Everything that is created by humans has its flaws and loopholes. This principle and law of life is taken advantage of by hackers. There are many hackers who spend hours and hours trying to find bugs in Operating Systems and network hardware so that they can tell the whole hacker world that these bugs exist and hackers can exploit these loopholes to gain unauthorized access to these buggy systems. Almost any piece of software has its weak point and it is only a matter of time before hackers find them out and use them to access networks illegally to wreak havoc.