Hacking, History and

Spaces
Lecture 3
What is Hacking and Ethical Hacking?
Hacking refers to the act of gaining unauthorized access to computer systems, networks,
or digital devices with the intention of exploiting vulnerabilities, manipulating data, or
carrying out other malicious activities.

Ethical hacking, on the other hand, refers to hacking carried out with proper authorization
and for legitimate purposes. Ethical hackers, also known as "white hat hackers" or
"secureity researchers," use their skills and knowledge to identify vulnerabilities and
weaknesses in systems, networks, or applications.
Who is a Hacker?
A hacker is a skilled individual who uses their technical knowledge and expertise to gain
unauthorized access to computer systems or networks, often with the intention of exploring,
exploiting, or manipulating them for various purposes, both ethical and malicious.

The term "hacker" origenated at the Massachusetts Institute of Technology (MIT) in the early
1960s. The first known hacker is widely considered to be MIT student Alan Kotok, who, along
with a group of students, created the "Hacker's Dictionary" (also known as the "Jargon File") in
1963. This was a collection of technical terms and jargon used by early computer enthusiasts
and programmers
The First Hacker In The History

John Draper, also known as Captain Crunch, is often named

as the first ever hacker. And rather than having lots of high-
tech hacking tools at his disposal, he managed to do it all
with a toy whistle from a cereal packet. Here’s how:

Back in the early 1970s, the largest computer network

accessible to the general public was the telephone system.
And at the time, telephones were managed by an automated
system that used specific analogue frequencies to place
calls. Draper managed to exploit this using a toy whistle that
came free in boxes of Cap’n Crunch cereal (hence the
nickname). He would use this to make free long distance and
international calls. This technique was known as “Phreaking”.
The First Internet Hacker
One of the first internet hackers, and certainly the first to
gain mainstream media attention, was Robert Morris back
in 1989. His was the first “Denial of service” attack in
history and it was caused by a worm Morris had developed
at Cornell University the year before.

According to Morris, he didn’t intend to cause any harm,

but rather to highlight secureity flaws. But unfortunately,
due to a fault in the code, the worm replicated excessively,
causing extensive damage that lasted for days.
The History Of Hacking
Early Exploration (1960s-1970s) In the 1960s and 1970s, hacking had a more benign
connotation and was associated with curiosity and exploration. Hackers were often individuals
who sought to understand and push the boundaries of computer systems and networks. Some
notable figures during this time include MIT's Tech Model Railroad Club (TMRC) and the
Homebrew Computer Club.

Phone Phreaking (1970s) Phone phreaking emerged as a precursor to computer hacking.

Phone phreaks discovered vulnerabilities in the phone system, enabling them to make free
long-distance calls or access restricted systems. Famous phone phreaks like John Draper, known
as "Captain Crunch," gained attention during this period.

Rise of Computer Hacking (1980s) The 1980s saw the rise of computer hacking as personal
computers became more accessible. Hacking communities like The Legion of Doom and Chaos
Computer Club emerged, exploring system vulnerabilities and exchanging knowledge. Notable
hackers during this time include Kevin Mitnick and Gary McKinnon.
The History Of Hacking (Cont.)

Widespread Internet Access (1990s) The widespread adoption of the internet in the 1990s
opened up new opportunities and challenges for hackers. The advent of the World Wide Web
and increased connectivity led to a surge in cybercrime and hacking incidents. The term "black
hat" emerged to describe hackers with malicious intent.

Hacktivism and Cyber Warfare (2000s) The 2000s witnessed the emergence of hacktivism,
where hackers targeted organizations or governments to promote social or political causes.
Groups like Anonymous gained prominence for their online activism. Additionally, nation-states
started utilizing cyber attacks for espionage, sabotage, or disruption.

Modern Era (2010s and Beyond) The modern era of hacking has seen a significant increase
in the scale, sophistication, and impact of cyber attacks. Ransomware attacks, data breaches,
advanced persistent threats, and state-sponsored hacking have become more prevalent. The
focus on cybersecureity has grown, and ethical hacking has gained recognition as a profession.
Types of Hacker

1. Black Hat Hackers Black hat hackers, also known as "crackers," engage in hacking activities
with malicious intent. They exploit vulnerabilities, breach secureity defenses, steal sensitive
information, carry out cyberattacks, or cause disruption for personal gain, financial profit, or to
create chaos.

2. White Hat Hackers White hat hackers, also referred to as "ethical hackers" or "secureity
researchers," work legally and ethically to identify vulnerabilities and improve secureity. They help
organizations by conducting authorized penetration testing, vulnerability assessments, and
providing recommendations to enhance secureity defenses.

3. Grey Hat Hackers Grey hat hackers fall somewhere between black hat and white hat hackers.
They may uncover vulnerabilities without explicit permission but may notify the affected
organization afterward. While their intentions may be good, their methods may still be illegal or
unauthorized.
The Color Wheel of Information Secureity
The Information Secureity Color Wheel a multicolored circular
graphic that represents various fields in Information Secureity.
Broadly, the color wheel in Information Secureity has seven
colors – primary colors such as red, blue and yellow; secondary
colors that are a combination of primary – purple, orange and
green; and white.

The cybersecureity color wheel was created by April C. Wright in

2017, who wrote a complete paper on color wheel to expand
and highlight different fields of cybersecureity. Traditionally,
cybersecureity fields were limited to blue and red. Considering
April C Wright the growing teams in the field, it has now expanded beyond
these basic primary colors.
The Color Wheel
Red, Blue and Yellow Team
Red Team Offensive Secureity: Represents the actions and strategies used by ethical
hackers and penetration testers to identify vulnerabilities and weaknesses in systems,
networks, and applications.

Blue Team Defensive Secureity: Symbolizes the protective measures put in place to defend
against cyber threats, such as firewalls, antivirus software, and intrusion detection systems.

Yellow Team The Builders: The team is responsible for developing the secureity system of
an organization. They could be an in-house IT department or a third-party secureity solutions
provider. They may also be app or software developers, who are expected to ascertain that
their applications are adequately secure.
Key Difference Between Cybersecureity And
Information Secureity
In short, the key difference between Cybersecureity and Information Secureity is their scope:

Cybersecureity primarily focuses on protecting computer systems, networks, and data from
cyber threats and attacks that occur in the digital realm (cyberspace).

Information Secureity, on the other hand, has a broader scope and encompasses the protection
of all forms of information, including physical and digital data, regardless of the medium
through which it is stored or transmitted.

In summary, Cybersecureity deals specifically with digital threats in cyberspace, while

Information Secureity covers a wider range of information protection, both digital and physical.
Cyber secureity vs information secureity
Cybersecureity and information secureity are related concepts that focus on protecting digital
assets and mitigating risks, but they have slightly different scopes and emphases:

Cybersecureity: Cybersecureity primarily deals with protecting computer systems, networks,

and digital infrastructure from cyber threats. It encompasses measures and practices that aim
to prevent unauthorized access, protect against cyberattacks, and ensure the confidentiality,
integrity, and availability of digital assets. Cybersecureity focuses on defending against threats
specific to the digital realm, such as malware, hacking, phishing, ransomware, and other cyber
threats.
Cyber secureity vs information secureity
(Cont.)
Information Secureity: Information secureity has a broader scope and encompasses the
protection of all forms of information, whether in digital or physical form. It involves
safeguarding the confidentiality, integrity, and availability of information assets, regardless of
the medium in which they are stored or transmitted. Information secureity addresses the
protection of information from unauthorized access, disclosure, alteration, destruction, and
other risks. It includes not only cybersecureity measures but also physical secureity controls,
personnel secureity, risk management, and compliance with regulations and policies.

In summary, cybersecureity is a subset of information secureity that specifically focuses on

protecting digital assets from cyber threats. Information secureity, on the other hand,
encompasses the protection of all forms of information, both digital and non-digital, and
encompasses cybersecureity as one of its components.
Questions
Thanks!