1.6 Malicious Hackers

The term malicious hacker refers to those who break into computers without authorization. They can include both outsiders and insiders. The hacker threat should be considered in terms of past and potential future damage. Although current losses caused by hacker attacks are significantly smaller than losses caused by insider theft and sabotage , the hacker problem is widespread and serious. One example of malicious hacker activity is that directed against the public telephone system (which is, by the way, quite common, and the targets are usually employee voice mailboxes or special " internal-only " numbers allowing free calls to company insiders). Another common method is for hackers to attempt to gather information about internal systems by using port scanners and sniffers, password attacks, denial-of-service attacks, and various other attempts to break publicly exposed systems such as File Transfer Protocol (FTP) and World Wide Web (WWW) servers. By implementing efficient firewalls and auditing/alerting mechanisms, external hackers can be thwarted. Internal hackers are extremely difficult to contend with because they have already been granted access; however, conducting internal audits on a frequent and recurring basis will help organizations detect these activities.