The Misconception of Hacking

in #hacking · 6 years ago

People will call almost anything a hack when they don't have a more practical explanation. Kernel panic (BLUE SCREEN OF DEATH) when you had 100+ tabs open? Definitely a hack. Definitely not a memory error. Wow. Many attacks. I don't blame people. Most of the population has no reason to even think about this. For any InfoSec people reading this, I'll try to give a roughly equivalent network-related example (everyone else can tune out): how many of you have actually read the entirety of DHCP's RFC documentation, or even Palo Alto's 200-page description of header options and controller information? I'm going to say not many. Maybe I'm wrong, but generally people only bother with what they have to know, and as much as white hats and blue teamers may care about vulnerabilities, people don't really give a ####.

For the purpose of this post, I'm going to define hacking as purposeful intrusion/manipulation. This means that 'killer' USBs and similar malware scripts don't count. That's just being an annoying script kiddie (FIGHT ME). I guess the exception would be if it's all part of a bigger plot, but that doesn't tend to be the case.

I have divided this post into sections covering the most common attack vectors and described the general idea of what goes on in each. I can't really go into detail for each section, since the post would go on forever, but I will expand later, depending on interest.

Malware

This is what makes the news, especially botnets (like Mirai) or ransomware. It seems that most people in the general population equate malware with hacking, but this isn't necessarily the case.

Simple malware is fairly easy to make (I mean... the simpler and less obfuscated you make it, the more likely it is to get caught by AVs, but that's not the point of this post). Sometimes it is pointless. For example, you can disable someone's mouse pointer with less than five lines of code, or make a simple botnet from a threaded Python script with automated distribution (static pinging with standard packet size, nothing big). These are pretty pointless...

The majority of the malware I come across is adware or riskware (I'll make a separate post on these later, but basically they either flood you with ads or tell you that your device is infected and make you click on some shady stuff). These are simple money-making schemes of low orchestration. I'm not very interested in these, but I guess they technically qualify as hacking.

From what I've seen, most useful malware is used as a tool of intrusion (like RATs) or espionage, and often the malware coders are not the hackers themselves. Malware is often sold as a service. Hacking != writing malware. Some stuff is pretty admirable, though.


Social Engineering

I admire social engineers, mostly because I am far too socially inept to be able to successfully carry out an attack in person. In a sense, I guess this is the earliest form of hacking.

A lot of attacks rely on social engineering. Breaking modern encryption is hellish... you can go through rainbow tables or whatever... but don't try to convince me that breaking encryption is in any way efficient. If there is no other option, go ahead, but most of the time you are going to have to involve some level of research and human interaction.

The spectrum of these attacks ranges from phishing to occasional doxing and phone calls that play out fake scenarios.


Reverse Engineering

This is a gray area that I can only sometimes consider hacking. This is more common with firmware and device-specific attacks. Take, for example, Red Balloon Security's "A Monitor Darkly," which is very device specific and hardware dependent (I suggest you read up on this directly from RBS for more details; it's really cool). OEM abuses are also common, along with undisclosed manufacturer espionage that can only be detected after reverse engineering the source. In a sense, reverse engineering is the basis of defense (when you don't consider networks), but it is also the basis of exploits.

Have you ever heard of a zero-day (if you haven't, read up on them right now; you won't regret it)? Many of them come from detailed reverse engineering, and there is a large market for these discoveries. A single exploit can go for upwards of $100,000. Many governments and criminal organizations are eager to buy. The best malware developers take advantage of these as well, because they help create more unpredictable (and sometimes less detectable) malware attacks.



The next post will focus on network hacking and file-less attacks. I hope this cleared up a bit of what goes on behind the scenes.
