Hacking is just like a cancer that has very dangerous effects on the society.

Today in this modern world, where measures have been taken to improve the
security level in the distributed systems hackers have found a way to crack into
systems and take away information. In this paper, I will explain you few aspects
of hacking that has caused of its existence and few techniques through which we
can minimise this.

What are the different issues and motivations that arise in a person that he opts
for hacking? Is money, thrill or something to break the rules inspires the hacker
to indulge into such acts are discussed in this paper. This paper also gives you
an insight to consider how important the network security plays to avoid hackers
to steal away information that is very confidential. Measures are to be taken in
order to remove these possibilities.

In recent years we have seen a drastic change in the field of IT, where
electronic commerce, email, online shopping, online banking, information bank
of numerous data, software development has improved leaps and bounds. As
the technology has increased to new heights the hackers have found a way to
get easy money. They find ways to get into government confidential files,
personal banking details, steal away their money from the banks, implant a
Trojan or virus into different computers to make them vulnerable to work. In
this paper I have thrown some light on hackers skills, their perspective, their
targets.

Hacking according to oxford dictionary means to “gain unauthorized access

(to data in a computer)”. Banks defines hacking as “something that boring
mainframe computer operators did to improve performance and battle
boredom.” [1]. Here a bank focuses on boredom as the reason of hacking.
Darlington believes hacking is not limited to accessing data or information
but also includes an attack on the privacy of all people [5]. Almost all
different opinions agree on the illegality of hacking.

On the other hand the word hacker is the agent of hack or hacking and it
was defined as a person who enjoys accessing files whether for fun,
imposing power or the interest related to the accessed files or data
according to Taylor [8]. While Marotta has a negative view of the hacker as
a data lord, a barbarian who takes what he wants [9]. Himanen defines
hacker as any person who performs illegal actions whether they were related
to computer or not which means the usage of a device apart from its
functionality. Seems hacking according to Himanen is related to any illegal
or unauthorized action [7].
The motives and goals of hackers in cyberattacks vary widely. Some want to
steal data, some are seeking ransoms and some want to deny service or
steal infrastructure.

Identifying What Hackers Want

We tend to treat hackers more or less as a single group. Yet in reality, there
are many different types of hackers. Their strategies and methodologies
vary. So do their motivations, which fall into the following main categories:

Exploiting Data
Some cyberattacks are designed to gain unauthorized access to data so that
the data can be exploited in some way.

For example, exploiting consumer data was probably the goal of the hackers
behind the Equifax attack in 2017.

In attacks like this, stolen data can be used to steal more information or
assets from the parties who are affected.

Holding Data Ransom

In other cases, hackers might steal (or otherwise gain control over) data
with the goal not of holding onto it permanently, but of charging a ransom to
give it back.

This was the motive behind the recent Wannacry ransomware attack.

You could categorize these attacks as a form of data exploitation.

However, they differ in that the goal of the attacks is not to exploit the
information within the data itself, but rather to make money by holding data
for ransom.

Stealing Infrastructure
If you’re a hacker, you want access to computing resources and you don’t
want to pay for them. In these instances, you might launch an attack
designed to steal infrastructure.

Such an attack allows you to take control of the storage, compute or

network resources owned by other people. Hack ’em and you can then use
these resources for yourself.

In some cases, hackers execute an attack against infrastructure in order

to host websites or ads.
In other cases, their goal is instead to create a botnet of other people’s
servers and computers. The botnet can then be used to execute other
attacks.

Denying Service
Among the most common types of attacks that are executed with a botnet
(although this is not the only way to launch these attacks) is a denial-of-
service (DoS) attack.

Can you go to jail by hacking?

The broad category of computer crime encompasses an array of allegations
and potential criminal charges. However, one type of computer crime —
hacking — seems to garner the most attention and headlines.
Generally, hacking refers to accessing someone else’s computer system
without proper authority or permission. Access can be gained in a number of
ways, including launching a virus or other malicious code, gaining entry to
computer databases, sending “spear phishing” emails with malicious
attachments, or logging into a computer in person.
The goals of hacking are as varied as the methods. Data theft — including
emails, personal information, and credit card numbers — and financial
fraud rank among the top reasons hackers access computer systems.

Legally, what is computer hacking? A number of state and federal laws apply.
At the federal level, most individuals accused of hacking are charged under
the Computer Fraud and Abuse Act. The law covers a range of computer-
related offenses, and the government uses it frequently.
The CFAA protects certain information related to interstate commerce and
the U.S. government, such as that required for national defense or foreign
relations, and it restricts access to data. The law forbids unauthorized
access, use or distribution of any information:
 Related to national security.
 Within financial records belonging to financial institutions, including credit
card issuers.
 With an intent to defraud.
 Belonging to any U.S. government department or agency.
 Related to foreign or interstate communications and commerce.
Developing or possessing potentially harmful computer codes are not crimes.
However, the CFAA prohibits disseminating codes, commands, programs or
information that intentionally cause damage to protected computers. Anyone
conspiring to engage in any of the prohibited activities also may be charged
under the act.
In addition, the Electronic Communications Privacy Act served to amend the
Federal Wiretap Act, covering data stored on and transferred from computer
systems. The law prohibits illegal interceptions of wire communications,
including data sent over the internet. In addition, the act protects stored
messages, such as email in server archives. Under the ECPA, accessing
computer messages — either in storage or in transit — without authorization
constitutes a federal crime.
Other federal laws also apply to computer hacking. For instance, prosecutors
can use the CAN-SPAM Act to go after individuals who gain unauthorized
access to computers to distribute significant amounts of commercial
information by email.
If you are charged under the Computer Fraud and Abuse Act, you may be
subject to either misdemeanor or felony counts. In most cases, unauthorized
access of a computer that causes damage of more than $5,000, and using
the information for profit, results in felony charges.
Under the CFAA, distributing computer code — or placing it into the flow of
interstate commerce — is illegal if the perpetrator intends to cause either
physical or economic damage. The CFAA provides for fines up to $250,000
and imprisonment for as long as 20 years for individuals convicted under the
act.
Penalties for violating the CFAA can vary based on the specific allegations
and the degree of harm alleged by the government. The act also authorizes
penalties for intentionally or recklessly installing viruses on computers that
are part of interstate commerce.
Violations of the CAN-SPAM Act can result in a range of criminal and civil
penalties depending on the method of delivery and volume of the spam,
along with the harm caused.

Related Types of Computer Crime and attack:

Different kind of hacking attacks are considered as computer crimes. The

following is the list of crimes which are committed frequently:

Password Hacking.

Hackers find a way to illegally hack into the passwords of users of federal
bureau, banks in order to gain benefits from them.

Network intrusions.

Malicious Trojan, worms and viruses to gain access into the information
systems.

Cheat.
Illegal use of people identities such as credit card details.

Software piracy.

Illegal copying and use of software

Viruses.

Viruses, Trojan horses and worm cause the computers to become more
vulnerable and susceptible to hardware damage.

IP address spoofing.

Disguising the IP address and using that to gain illegal access into countries
most confidential files.

Money Laundering

Illegally acquiring funds through the manipulation and falsification of

financial statements and illegal transactions.

Data-modification.

The modifying all the data.

Smuggling of files.

Gain illegal access of confidential files including bodies like

military/government networks, communication systems, power grids, and
the financial community

Pipkin lists a number of hacking attacks that are most commonly used in
breaking system and causing disruption and damage for services. These
attacks can be summarized as following [10]:

Software piracy is a criminal offense. Many hackers have indulged in making

copies of software and selling them to gain profits on their own. The
companies who develop these software will have to bare all the losses only
because of someone who is illegally misusing software. Stealing confidential
files through illegal access of the companies most confidential files. Hackers
have many such motives, few of them like denial of services to the user and
to make hardware conflict, making unwanted popup, causing trouble,
terrorism.

Taylor listed the main characteristics of hacking attacks in three points [8]:
  Simplicity: means that the attack should be simple in appearance but the
effects are impressive and the results will be as pleasing to the hacker as
what he planned for. It means that do your job in a smart and easy way.
 Mastery: the methods used in hacking contain sophisticated knowledge which
is difficult for anyone to understand. The reason behind mastery is to make
sure that the hacker is the only one who can solve the problem being caused.
 Illicitness: means that the act is against all rules and laws.

There are several types of computer crimes, but some of the most high-profile examples
involve hacking. With data breaches increasingly becoming daily occurrences, hackers have
affected everything from the economical (including numerous retail businesses) to the political by
invading every aspect of our lives. (FindLaw's team of legal writers and editors.)

For instance, if an individual acts without consent or any lawful authorization (i.e. from law
enforcement agency and/or a court order) and penetrates a business' firewall to access private
servers and cloud storage systems or uses phishing to install malware to desktop and laptop
computers with the intent to monitor communications and activities, they can be charged with a
crime.

Federal Hacking Laws

There are several federal laws that address hacking, including:

 The Computer Fraud and Abuse Act (CFAA);

 The Stored Communications Act (SCA);
 The Electronic Communications Privacy Act (ECPA); and
 The Defend Trade Secrets Act (DTSA).

Computer Fraud and Abuse Act

The Computer Fraud and Abuse Act (CFAA) is the leading federal anti-hacking legislation that
prohibits unauthorized access to another's computer system. Although the law was originally
meant to protect the computer systems of U.S. government entities and financial institutions, the
scope of the Act expanded with amendments to include practically any computer in the country
(including devices such as servers, desktops, laptops, cellphones, and tablets).

Criminal Penalties Under the CFAA

The chart below provides select examples of violations of the CFAA and the penalties.

Civil Violations Under the CFAA

Although the CFAA's penalties are mostly for criminal violations, the 1994 amendment
expanded the Act to include causes of action for civil suits, in addition to criminal prosecution.
Civil violations include the following:

 Obtaining information from a computer through unauthorized access;

 Trafficking in a computer password that can be used to access a computer;
 Transmitting spam; and
 Damaging computer data.

Federal anti-hacking legislation provides civil remedies for hacking victims, including the
following:

 Injunctive relief;
 Seizure of property; and
 Impounding of the stolen information and the electronic devices used to carry out the invasion.

Other Federal Hacking Laws

The Stored Communications Act mirrors the prohibitions of the CFAA and protects
stored electronic communications and data or data at rest (including email, texts, instant
messages, social media accounts, cloud computing and storage, and blogs/microblogs). There is
a lot of overlap with the CFAA and often hackers will be in violation of both statutes.

The EPCA, a counterpart law to the SCA forbids intentional interception of electronic
communications in transit or "data in motion," rather than "data at rest."

Hacking Laws: State Laws

Although much of the focus is on federal laws, states have enacted hacking laws as well.
While every state has computer crime laws, some states address hacking more specifically with
laws that prohibit unauthorized access, computer trespass, and the use of viruses and malware.

For example, approximately half of the states in the country have laws that target the use of
denial of service (DoS) attacks. In this form of hacking, an intruder floods the system or servers
with traffic, denying access to legitimate users. Florida penalizes this more severely, categorizing
this crime as a felony in the first degree.

Ransomware occurs when malware is installed on someone's computer, denying access to the
computer unless a ransom is paid. Several states, including California, have laws that specifically
criminalize ransomware.