Myths and Misconceptions About Security and Hacking

Myths and Misconceptions About Security and Hacking

Today we are living in the digital era where we are dependent to the internet in one form or the other. And privacy and threat issues have been coming up tremendously in recent months. We have been hearing about how X company was hacked and Y amount of data was made public. And yes, that is happening. But there seems to be a lot of confusion regarding security. And most importantly there seem to be myths and misconceptions about security and hacking in general non technical people.

In this article I am all about clarifying why hacking isn’t as easy and not as what you might have imagined. And what actually happens with hacking. There is not silver bullet to performing a hack. Hackers are not behind the computer screen with mouse ready to click that hack button. And yes that is not really HACKING.

All I mean is that we might not know the world of exploiting this that can lead to a hack. Let us find out what myths you might be believing ?

Contents

What is HACKING ?
What makes hacker a hacker ?
Myths and misconceptions about hacking
    – Myth #1: You are not safe in a public network
    – Myth #2: Hackers will not target me because I am not important
    – Myth #3: You do not need antivirus software
    – Myth #4: Antivirus will prevent all viruses
    – Myth #5: My smartphone is secure
    – Myth #6: Ethical hackers are superiors to unethical ones
    – Myth #7: There is X tool to hack X account
    – Myth #8: SSL makes you automatically secure
Conclusion

What is HACKING ?

Hacking in literal sense means to gain unauthorized access to the data in an organized system or computer. Yes hacking means you accessing someone’s data without their consent or authorization. The reason hacking is taboo(ish) is because the victim might have super confidential things.

It’s exactly like someone coming to your house and exploring your personal things. You would not allow that would you ?

Now what you must bear in mind is that hacking doesn’t have to be done by a computer “wizard”. Even you can hack the system or computer. Remember the definition ? According to how a “hack” is described. You accessing your friend’s computer or mobile without him knowing is hacking. Trivial as it may sound, you will face severe consequences depending on where you are from if you do so.

But let us ask the real question here: Does that make you a hacker ? Well, sort of, but not really, NO. You are not a hacker even though you accessed your friend’s electronic device(s).

But the behavior you just presented is exactly what the hacker does. Now that we have understood hacking in general sense. Let us see what makes hacker a hacker.

Also Read : What is Denial of Service (DoS) and how does it work ?

TECHENUM

What makes hacker a hacker ?

It was audacious of me to label you as someone who is not a hacker. And with all due respect according to the context we established. You are NOT a hacker. But then what makes hacker a hacker, what can you do to be one ? I might be able to answer only the prior question here.

Now let us come to the main subject “what makes hacker a hacker ?”. Well, If I have to say it in a single word I will say “computer expertise”. Any hacker you hear in news is incredible with computers. They care about the finest details about a computer eco-system. And the details they master them through years of practice.

By now you might have clearly understood that hacking isn’t a thing it’s a process. And you cannot really complete a process by just sitting behind a computer screen and clicking buttons. That is one requirement but there’s more to it.

Now, that we have learned about hacking and hackers. Let us dive right into the myths and misconceptions about hacking.

Also Read : Password 101: You are overlooking your own security

TECHENUM

Myths and misconceptions about security and hacking

Here I have curated a list of hacking related false beliefs. And I have tried to debunk them and explain the what actually happens behind the scenes.

This is your chance to clarify myths and misconceptions about security and hacking. You’re not bored are you ?

Myth #1: You are not safe in a public network

Short answer : it depends on what you are doing.

Long answer :

If you are mindlessly clicking and downloading everything that popup on your browser. You are not safe even in your own home network. So you must make sure what you are downloading and from where.

Yes it’s true that people on public network are more at risks because not everyone uses the latest updated product. We might have delayed the security updates, especially those who are on Windows OS.

But if you want to take your chances with security always use updated software. They are life saving as much as annoying.

Having that said being open in the public network is sometimes a bad thing to do. If you are connecting to an unsecured website it is really dangerous. Because technically people connected to same network can see all the data back and forth.

Having a VPN will work in most of the cases. But my advise would be do not perform any important browsing in the wild. SSL can protect you up to a great extent. But having SSL doesn’t mean full on security.

Myth #2: Hackers will not target me because I am not important

We have this mindset and the idea that hackers in general go after multi million dollar companies. And they will not come after me, what is so important for hacker to hack me ?

For most part this is true hackers with immense skills target large companies where they see profit. But do not forget that the hackers are “experts” who know their ways with computer.

Even if you have no important document in your device there is something else that interests the hacker. It is your device itself.

Because unless you are some celebrity they will really not care about your personal files. Except for the monetary part maybe ?

Yes, your device is a really good for extending their botnet. Hackers will leverage every device that is connected to the computer that they can.

Also, they might redirect all the activities to your computer. So that if something serious happens and they trace the source all the authorities will find is a regular guy using a PC to do regular tasks.

Why ? Because they can and they will. All the DDoS you hear in the news use the zombie computers in the botnet. You will not even realize that you are a part of the network.

Myth #3: You do not need antivirus software

This is one of many other myths that you do not require any antivirus software. Which is not true, you need to have one.

Even though Windows Defender does a really good job. It has really low detection rates among the others. It will block basic threats but it will fail.

I have seen people with only Windows Defender catch ransomware and other viruses. I am not criticizing the defender but you need to have better solutions. Even the free antivirus software will do. And you do not need to pay for the antivirus they perform equally good paid or unpaid.

So if you have only Windows Defender on your system. Consider getting other antivirus solutions. Even if you have knowledge regarding how everything works do not let your guard down.

Cheers to all the Linux users.

Also Read : Tycoon : A New Java ransomware targets Linux and Windows

TECHENUM

Myth #4: Antivirus will prevent all viruses

This is not true even if you have an antivirus software you will get viruses. And the antivirus may or may not detect the threat. Even if it detects the virus might have already completed it’s task on the system.

But this contradicts with #3 right ? Well, NO.

What I have mentioned earlier is that you feel you do not need antivirus which is not true. And what I am telling here is antivirus might not detect all the threats.

But what is my point ? Just as I have stated earlier you have to be careful what you download from the internet. Do not download without properly finding the legitimacy of the file.

Because new threats are smart and will not be detected by antivirus software until too late. We have seen multiple such instances of happenings.

Myth #5: My smartphone is secure

I hate to say this but your smartphone is not secure and can be exploited. How ? This will depend on what device you are using and which version you are on.

Do not fall into the trap of smartphones cannot be hacked because well they are Linux based. Technically it’s true they are Linux based but even if it is a Linux system it can still get compromised.

There are multiple vulnerabilities reported to multiple smartphone OS. So please do not make any mistake that your smartphone is safe from the prying eyes.

There are even ransomware for smartphones. And there are antivirus too.

Myth #6: Ethical hackers are superiors to unethical ones

This a rather funny misconception because the superiority regarding a skill is subjective. And it is independent to the type of “hacker”. An ethical hacker might or might not be superior to an unethical one.

It all depends on what kind of skill you possess. This is not among the common myths and misconceptions about security and hacking.

Also Read : Strandhogg 2.0: Android bug that can trick user and steal data

TECHENUM

Myth #6: There is X tool to hack X account

Well many of you might believe that there is some silver bullet tool to hack let us say Facebook, Whats App or Twitter account.

It might be tempting to lose your sense to the false claims. But please do not do that. There is no way to hack someone’s password unless you’re working in the company itself.

There might be other things such as session hijacking and such but this will only let you access their account and there are no such effective ways to do that either.

So the more you search for X hacking tools you are compromising you own security.

Myth #8: SSL makes you automatically secure

This is yet another misconception regarding SSL on a website. Yes they are there to make your browsing more secure but they are not the actual measure of security.

What does SSL really do ? SSL certificate makes sure that the connection between you and the server is secure so that nobody else can see what is being transmitted. And this is pretty much it.

Now from that we can see that the SSL certificate does not say anything much about the server. You could be connecting to a compromised server and still see everything is OK.

Now that we know what SSL does we can see that there is not really a problem with untrusted certificate as long as you can identify it is from where it says it is.

“Your connection might be insecure” is just giving a heads up that your the connection might have been compromised. Sometimes you have to take the warning seriously as you can never be too careful.

Conclusion

Here I have tried my best to clear out the common myths and misconceptions about security and hacking. With the knowledge I have collected over the years and with a bit of research.

I might be wrong about some things. If you find anything is wrong with my point feel free to comment and correct me. As passing incorrect information is very dangerous.

Also Read : Bluetooth Bug: Leaves Multiple Vendors Vulnerable

TECHENUM

Naveen Niraula

An Android developer with passion for latest technologies. Likes to learn and share the findings and techniques. Also shows keen interest in networking.

Leave a Reply