Ask a New Question
Menu

Choose a topic you reviewed in this module and post three key takeaways. How you might apply these on the job and in what situations? Hacking refers to a variety of computer crimes that involve gaining unauthorized access to a computer system or its data, usually with the intent to steal private information from, or causing harm or embarrassment to, the rightful owner.

Note
The word hacker also has a benign meaning, referring to a computer expert who is thoroughly familiar with, and enthusiastic about, the inner workings of a computer system. This meaning is older, but the newer meaning, which associates the term hacker with criminal activities, is now more prevalent.

Some examples of hacking are as follows:

Stealing passwords or personal information

Gaining remote access to a server or an operating system

Logging in locally and stealing data

Changing a website's content

Gaining access to the contents of a database (perhaps one that contains passwords or credit card information)

Surreptitiously analyzing network traffic

Installing software designed to cause harm or steal data

Creating a condition in which a computer or network no longer works well

Modifying existing software so that it no longer performs as it should or so that it secretly does harmful things in addition to its usual activity

Much of this chapter is devoted to helping you understand how hackers target computer systems to gain access or cause damage. If hackers can gain access to certain system files, for example, they may be able to retrieve the administrator password for the system. To prevent this type of attack, you might use BIOS-level security to prevent a PC from booting from a disk other than its hard drive.

Wireless networks are great for users, but they also can open up huge security holes in our networks. Hackers may try to connect to your wireless network looking for computers or data that isn't protected. To prevent this type of attack, you can employ wireless networking security techniques, which I introduced in Chapter 8, “Networking Concepts and Technologies,” such as WPA2.

Or perhaps a hacker might take advantage of open network ports to access a computer remotely. Firewalls can help guard against this type of attack. Finally, hackers might install software on your computer that causes damage or causes additional security breaches. The trick is to get you to install it for them without knowing! Anti-malware software can help out in some of these cases, and safe web browsing and emailing practices can thwart others.

What is the goal of the hacker, though? Most criminal hackers generally want to make money from their exploits or cause damage to businesses or individuals. The bigger impact they can have, the better. Hackers know that data or information is often the most valuable asset that a company owns. After all, data is the new oil, right? And with nearly everything being digitized today, there are plenty of targets for hackers to pursue. Here are three specific areas that hackers might find appetizing:

Data as a Driver of Business Decisions It's impossible to overemphasize how much companies use data to make decisions. Chapter 7, “Database Fundamentals,” talked about how many companies have massive data repositories or try to leverage Big Data to create insights and information in order to sell more of their products and services. This requires the company to capture and collect data from customers, websites, or anywhere else it can get it. The task then is to find correlations within the data to generate breakthrough insights. This data is, or at least could be, worth huge amounts of dollars to that company or its competitors.

In addition, some companies use data for reporting their business performance. These reports could be used by management to make multimillion-dollar strategic decisions. Imagine what would happen if the data is missing or incorrect. It could cause the company to fail. Finally, some companies, such as healthcare providers, are required to report on the meaningful use of data to be compliant with government regulations. Again, having the data stolen, destroyed, or compromised could cause serious problems.

Intellectual Property Companies that invent a new idea or product want to ensure that they have exclusive rights to sell it for a fair period of time. The same holds true for company logos and other equity assets, which are integral to creating revenue. For example, a small startup company would be wise not to use an outline of an apple with a bite taken out of it as its logo, lest they desire a certified letter in the mail from a certain California-based company.

Three ways to protect intellectual property are trademarks, copyrights, and patents. A trademark is a word, words, or a symbol legally registered as representing a company or a product. I already mentioned Apple's iconic apple, but millions of examples exist, such as a swoosh, the words, “Just Do It,” and the brand name Nike. Trademarks may use the ™, ®, or sm symbols. A copyright, represented by the © symbol, protects original works of authorship, such as this book, but also songs, plays, movies, computer applications, and architecture. Finally, a patent signifies ownership of an invention for a limited time. It can be a machine, process, formula, or product.

Digital Products Social media companies exist solely as digital products; they don't make their money from physical assets. Examples are easy to find. Uber existed as a digital product only until it ventured into self-driving vehicles. YouTube is another great example, as are the thousands of software titles available on Amazon, which in itself relies heavily upon a digital platform.

Because of the great value of these resources, it's paramount that companies invest in the security to protect them. The challenge is daunting, as it seems that hackers are always one step ahead of everyone else. Know that you're not alone in this fight. There are companies and tools out there to help you protect what's rightfully yours. Being aware of potential threats is a great first step in mitigating them.

1 answer

Here are three key takeaways from the module on hacking, along with suggestions on how to apply this knowledge in a professional setting:

Key Takeaways

  1. Understanding Hacking Techniques: Hackers employ various methods to gain unauthorized access to computer systems, such as stealing passwords, exploiting open ports, or installing harmful software. Recognizing these techniques is crucial for devising effective countermeasures.

    Application: In the workplace, an IT professional can apply this understanding by conducting regular security audits to identify potential vulnerabilities. For instance, implementing stronger password policies and ensuring systems are updated with the latest security patches can mitigate risks associated with password theft and software exploits.

  2. The Value of Data: Companies heavily rely on data for strategic decision-making, and this data is often a prime target for hackers. Compromised data can lead to financial loss, reputational damage, and legal repercussions.

    Application: In roles such as data analysis or business strategy, awareness of data security can influence decisions around data collection and storage practices. For example, advocating for encryption of sensitive data and regular backups can help protect against data breaches that can disrupt business operations.

  3. Intellectual Property Protection: Intellectual property (IP) is a critical asset for businesses, and hackers may try to steal or compromise it for financial gain. Understanding the importance of IP and the legal protections available (trademarks, copyrights, patents) is essential for safeguarding company interests.

    Application: As a project manager or team leader, emphasizing the importance of IP protection within your team can foster a culture of compliance and vigilance. This may involve ensuring that all team members are educated about IP rights and the consequences of infringement, as well as implementing strict guidelines around the use of proprietary information in project work.

Situational Applications

  • Security Awareness Training: Organize or attend training sessions that improve the team's knowledge about phishing attacks and secure browsing practices, thereby reducing the likelihood of successful hacking attempts.
  • Incident Response Plan: Contribute to the development of an incident response plan that outlines steps to take in the event of a data breach or hacking incident. This preparation can save time and resources when real threats arise.
  • Collaboration with Legal Teams: Work closely with legal or compliance departments to ensure that data handling and intellectual property practices comply with industry regulations and standards, minimizing the risk of legal issues following a security breach.

By understanding hacking methods, the value of data, and the significance of intellectual property protection, professionals can take proactive measures to safeguard their organizations against increasingly sophisticated cyber threats.

Similar Questions
    1. answers icon 1 answer
    1. answers icon 1 answer
    1. answers icon 1 answer
    1. answers icon 1 answer
more similar questions