Published on March 7, 2024

English Speech on the Dangers of Hackers

Hackers and malware have evolved continuously in recent decades. In the days when computers were crude, big boxes, hackers were something new. At best, they were teenagers who liked to play pranks. Maybe they wrote some malicious software, but its sophistication was a world away from today's malware, and at most it skirted the edge of the law. As computers entered the economy, hackers also developed from a group of dull-eyed teenagers addicted to the Internet into daring criminal groups.

Computers are no longer new, and hackers are no longer pranksters. Their old social image of late nights, energy drinks and junk food has changed dramatically. Today's hackers are cautious professionals with high salaries, and some hacker organizations even have their own HR teams and vacations. Although there are many types of hackers, they can be roughly divided into the following 11 basic types.

1. Bank robber type

Bank robbers and highwaymen used to ride horses and carry guns, taking money from banks, travelers, merchants and any easy target. Today the financial hacker's tools are ransomware, fake credentials, date spoofing, fake checks, fake intermediaries, denial-of-service attacks, and any other hacking technique that helps them steal money from individuals, companies, banks and stock accounts. Greed is their unchanging nature.

2. Nation-state-backed type

Many developed countries employ large numbers of skilled hackers. Their main job is to penetrate the military and industrial networks of other countries, steal secrets and install backdoors. If hostilities break out between two countries, these cyberwarfare machines are ready to go at any time.

Stuxnet, which destroyed hundreds of Iranian centrifuges, is the poster child for cyberwarfare, and it is just the tip of the iceberg. Such hackers attack all the time, but mostly quietly, and the viruses and backdoors they implant remain dormant.

3. Corporate espionage type

For many hackers, the day job is stealing corporate intellectual property, selling other people's information, or working for the state that employs them. Common forms of corporate espionage are the theft of secret patents, business plans, financial data, contracts, health data and even records of legal disputes. Using hacking groups to steal information about competitors is a tacitly understood secret on both sides. Only when the illegal acquisition of a competitor's information is caught by the victim company and the relevant government agencies are the corporate spies behind it exposed.

4. Mercenary type

There is also a new breed of professional hackers who develop, buy or steal powerful malware and offer advanced persistent threat (APT) services. They then put a price tag on their hacking skills and tools. Their goals range from financial gain, to taking down competitors, to infiltrating enemies, to stealing valuable data or intellectual property. Their clients range from governments, to companies interested in corporate espionage, to criminal groups looking to steal from other hackers.

The most notorious of these hackers is Deathstalker. Its targets are mainly in the financial sector, including law firms, wealth advisory firms and financial technology companies that work with that sector. Active in Asia, Europe and South America, the group typically launches spear-phishing attacks with the PowerShell-based Powersing malware, then uses that malware to capture information such as login credentials and to execute malicious PowerShell scripts.

5. Rogue type

Some people might argue that teenagers playing video games does no harm beyond hurting their academic performance. But gaming is serious business for millions of people and has spawned a multi-billion-dollar industry. Some high-end gamers spend thousands of dollars on high-performance hardware and hundreds or even thousands of hours a year playing. In this environment, it is not surprising that some hackers specifically target the game industry. These hackers steal competitors' credit caches or launch distributed denial-of-service (DDoS) attacks to take down competitors.

6. Mining type

Mining hackers can be called resource vampires: their main method is to illegally use the computing power of other people's computers. Hackers have been doing this ever since computers became commonplace. In the early days, it was common for hackers to use other people's hard drives to store large files such as videos. A few years ago, SETI even launched a campaign for volunteers to install a screen saver that used the CPUs of the volunteers' computers, while idle, to help search for extraterrestrial life.

Today, the biggest motivation for hackers to steal computer resources is mining cryptocurrency. Mining attacks exploit visitors' browsers or infect the websites they visit to spread malware, and then have the infected computers mine cryptocurrency for the attackers. This effectively steals resources such as electricity and computing power from the victim: the attackers do not pay for these resources, yet they profit from the cryptocurrency mined. This is tantamount to theft. Many employees have also been fired for using company computers to mine cryptocurrency.

7. Hacktivist type

Hacktivists use hacking to make political statements or promote social change. Sometimes they steal embarrassing information from victim companies and use it to create business problems for them; sometimes they resort to vandalism, inflicting damage on the victim company to draw attention to hacktivism. The representative of this type of hacker is Anonymous. Many otherwise good, law-abiding people have ended up in prison for following hacktivism. Their intentions may be good, but the consequences are the same as those caused by hackers with bad motives.

8. Botnet type

Many malware programs seek out machines to compromise and then use them to spread the malware around the world, infecting as many computers as possible. The goal of this type of hacker is to build large botnets. Once a user's computer has become a zombie, it waits for instructions from its master, usually issued by a command-and-control server. Although botnets can be directed by their creators, the creators typically rent them out for profit.

A currently popular botnet is Mirai, which attacks routers, cameras and IoT devices. One of the largest DDoS attacks of all time was caused by the Mirai botnet attacking DNS service provider Dyn; the attack generated 1.2TBpS of malicious traffic. The Mirai botnet program is easy to install, and one of its most notable features is that it automatically looks for devices that have not been patched promptly or that still use their default login credentials. IoT devices are often easy targets. Experts estimate that a fifth of the world's computers are now part of botnets.

9. Adware and spam type

Users are lucky if they are hit only by spam malware, or if their browsers are hijacked only by adware. Adware works by redirecting the browser to a site the user did not want to visit. For example, when a user searches for "cat," the adware forces the user to "camping gear."

Many legitimate companies are surprised to find that their own online marketing campaigns are using spam and adware. When companies hire online media experts to run marketing campaigns, they often ask only for high response rates and do not prescribe a specific approach.

Spam and adware may not seem like much of a threat, but they suggest that a user's system may be seriously compromised. These tools get in through unpatched software, the same route used by social engineering and by more serious threats such as trojans and ransomware.

10. Show-off type

Most of the bosses behind money-seeking hackers have nefarious motives or political agendas. But one group of hackers just wants to show off. They may want to demonstrate their technical prowess to themselves or to the online community. Such attacks are rare because hacking, whatever the motivation, is illegal and punishable by prison.

This type of hacker is most interested in hacker-specific hardware. The emergence of hacker-specific hardware tools such as the Raspberry Pi, with chips, circuits and jumpers, has sparked interest in hardware hacking. There are even hacker hardware sites created especially for kids.

11. Accidental type

The last type of hacker is more of a passer-by than a saboteur. They may have some technical skill, but they have never deliberately tried to break into anything. Then one day they come across a website with an obvious coding error. Attracted by the vulnerability, they start to play the hacking game. To their surprise, they find that attacking it is as easy as it looked.

This happens all the time. For example, websites identify customers with easy-to-guess numbers in their URLs. Accidental hackers sometimes find it hard to report their findings to companies without getting into trouble. After using an existing vulnerability to get into a site, they suddenly realize that what they did is already a criminal offense. Most security experts battling nefarious hackers believe that accidental hackers can escape legal liability as long as they promptly report to the companies they broke into.
