“Florida water treatment plant was involved in a second security incident before poisoning attempt.”
Is this a real headline or some fictional dystopian announcement? If you chose a real headline, you are unfortunately correct. What started out as a normal Friday morning at a Florida water plant back in February 2021 ended up being just a click away from catastrophe.
While at his workstation’s computer, one of the plant’s employees, who chose to remain nameless, was dumbfounded when he realized that his mouse cursor was gliding across the screen on its own, or so he thought. Hackers had actually commandeered the controls when they gained access through the primary software used by the company’s employees, called TeamViewer.
The phantom mouse operator then took it a step further when they increased the level of sodium hydroxide, more commonly known as lye, that would be distributed into the water supply. While lye is a common additive during the water treatment process because it controls acidity, the volume the hackers attempted to dump into the water would have been exceedingly dangerous, if not poisonous, upon consumption. To give you a better idea of just how hazardous large quantities of lye are, it can actually disintegrate bone and skin.
This situation could have quickly escalated into a tragedy. Now, consider if this scenario were to take place on a national scale, happening in every major city of every state. The capacity to command the world around them is what a hacker yearns for, but how they use their skillset defines what category of hacker they fall into. Here are the three main categories of hackers:
A white hat hacker is someone who uses their skills to fortify a system’s defense, which in turn helps prevent a hacking attack. This type of hacker is usually contracted out by organizations that pay them to set up counteractive security measures. Their obligation to protect has earned them the alias of “ethical hackers.”
Black hat hackers are the worst of the worst, making them the antithesis of what a white hat stands for. They’re criminals who use their skills to manipulate technology in order to carry out some measure of malicious intent. The motivation? Typically, it’s for monetary gain resulting from the sale of sensitive data. Can you guess this group’s alternative alias? That would be “unethical hackers.”
A gray hat hacker is exactly what it sounds like; the moral compass of these hackers falls between those of the white and black hats. These hackers are just as skilled as the white and black hats, yet there are no definitive lines of loyalty that they abide by. What is their motivating factor? Usually, these hackers take on jobs out of self-interest. More often than not, when you hear of a story about a whistleblower coming forth and airing out some company’s dirty laundry, they’re a gray hat. Being inherently fickle, this group couldn’t decide on a sweet nickname.
Now that we know about the different categories of hackers, let’s look at the types of hacks they often employ. There are five main types that both businesses and individuals are susceptible to:
Bait and Switch
You’re doing a little online Christmas shopping when an ad pops up for a digital camera that you think would be the perfect gift for your sibling. You click on the ad, but instead of being redirected to the source site of the sale, you’re brought to a harmful website. This is a classic example of a bait and switch hack. The best way to avoid this tactic is to identify the bait before falling for it. If the ad looks too good to be true, it most likely is. Try to validate the ad by checking it for any grammatical errors and looking at merchant credibility. You can also enable ad-blocking software or extensions.
Keylogging uses a more archaic software that records the keystrokes you make on your keyboard as well as the clicks of your mouse. This record allows hackers to decipher sensitive information like passwords and other account details. One way to combat this type of hack is to use an onscreen keyboard, which will either scramble or encrypt everything you type, making it impossible to record.
Malware: Viruses and Trojans
Malware often takes the shape of a file that contains a virus. This is particularly tricky because the virus will lie in wait until you open the file or download its contents. Maintaining up-to-date anti-malware software is the best defense against these types of hacks, or you can avoid opening files from unfamiliar sources.
Phishing is the most common form of hacking used by hackers. Typically, it’s presented as a message in text or email format. The sender is disguised as either someone from your contacts or from a company you frequently shop with. The subject of the message varies: It can be an alert stating there’s an issue with your account, a free offer or even just a prompt to enter in your account details.
If the message appears to have been sent from one of your personal contacts, the hack will be embedded within the text of the message, which will then direct you to a malicious site. To avoid this, always confirm the message’s sender and avoid clicking on any included links unless it’s one you expected to receive. Phishing emails can be reported to the Federal Trade Commission at firstname.lastname@example.org.
Hackers use specific software that allows them to build a pseudo WiFi access point (WAP). These seemingly innocent internet connections provide hackers an all-access pass to all your system’s sensitive data the moment you connect with them. To protect yourself from falling for this trap, simply enable a virtual private network (VPN), which will create a secure connection from the public network. Another option is to verify the legitimacy of the WiFi network with the person responsible for it.
Cybercrimes are becoming increasingly more prevalent, making it imperative that you equip yourself with the basics of what these harmful hacks encompass and what you can do to prevent them.