Close Menu
  • Briefing
    • Cover Story
    • Latest News
    • Counties
  • Politics
    • Society
  • Special Reports
    • Companies
    • Enterprise
    • Money
    • Technology
  • Columns
  • Dispatches from China
  • Member Content
    • Shop
  • Contact Us
    • About us
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram LinkedIn
Nairobi Business Monthly
Subscribe
  • Briefing
    • Cover Story
    • Latest News
    • Counties
  • Politics
    • Society
  • Special Reports
    • Companies
    • Enterprise
    • Money
    • Technology
  • Columns
  • Dispatches from China
  • Member Content
    • Shop
  • Contact Us
    • About us
Nairobi Business Monthly
Home»Technology»To counter hackers, think like one
Technology

To counter hackers, think like one

EditorBy Editor7th January 2015Updated:23rd September 2019No Comments5 Mins Read
Facebook Twitter WhatsApp Telegram Email
Share
Facebook Twitter WhatsApp Telegram Email

 

 

 

The Nairobi Law Monthly September Edition

 

BY PETER WANYONYI

Digital crime is on the increase, as the ubiquity of digital devices and the ease of connectivity dumps ever more devices and gullible users on the internet. Everyone and everything is getting online – from fridges to cars to eyewear to wristwatches and heart monitors. The connection of all manner of devices to the internet and to each other creates new risks– from the risk of losing data to data pirates, to the risk of being shut down by malicious hackers. 

To understand how to face these challenges and mitigate them, IT professionals have to think like the data thieves and hackers. However, this is rather geeky, and sometimes one needs to take a non-IT person, put them in the shoes of an IT professional, make them think like a hacker, and from that perspective they can then begin to appreciate the approaches a hacker uses to get at vulnerable systems. 

To beat a hacker, you have to think like one. You should, indeed, become one, at least conceptually. In this case, we define a hacker as someone who gains unauthorised access to digital resources – whether for personal satisfaction or commercial gain.

First, a hacker needs motive. Motive requires attitude. Contrary to the many self-serving so-called hacking manifestos one finds online, there are hackers who are criminal and those that do it just for interest, or even to help protect digital resources. Matters not, they are all hackers.

A hacker must learn more than one programming language, and understand them thoroughly. However, not all languages are equal. C is the most powerful programming language out there, and you cannot become a hacker without a thorough grounding in the language. 

Get hold of the many free online tutorials of C, and begin delving into them. C is not an easy language to learn, and there are slightly friendlier “improvements” on the language, such as C++. Eventually, a hacker will need to write C code.

C is not the only language one needs to understand to be a successful hacker. Other languages will also come in handy –JAVA, for example, Python, and C# are also important. With so many mobile apps available today, and many of them written using languages such as HTML5 and Flash, a would-be hacker will need to understand the structure, abilities and weaknesses of those languages.

C is incomplete without UNIX, the operating system that is the underlying platform of most of the internet. Indeed, UNIX also forms the core of the operating systems used to power most mobile devices: Android and Apple iOS. Understanding UNIX is, therefore, indispensable for a budding hacker. Almost all web servers are hosted on one or other version of UNIX, so breaking into them – or securing them, as the case may be – requires an indepth understanding of the operating system itself.

UNIX aside, the most vulnerable operating systems today are the various Windows platforms. To be able to access Windows systems online, the hacker will need a good grounding in Windows operating system internals. This is not too difficult. Add to that a good understanding of how networks are strung together – TCP/IP and UDP are protocols commonly used to connect computers and other digital devices. 

 

Vulnerabilities must be sniffed out before they can be exploited. The hacker, therefore, needs powerful sniffing tools. These are network scanning tools that help pinpoint the most vulnerable network access points and hosts – they can also be used to scan WiFi and Bluetooth networks. Finding a vulnerable network host is about 40% of the hacking job already done. 

With the would-be hacker proficient in C, having an excellent understanding of UNIX and Windows, as well as networking concepts, the stage is then set to begin experimenting. Very soon, however, the hacker runs into a brick wall: cryptography. Encryption is used to secure communications transiting the internet, and it is pointless to sniff out a host, break into it, access data and then be unable to decipher than data. 

The hacker must learn the secrets of decryption, the picking apart of powerful algorithms to get at the data hidden beneath the layers of encryption. There are thousands of free courses in cryptography online, and that is a good place to begin once the hacker has a good enough background.

Finally, you can begin hacking. It helps to begin small – find online hacking challenges, or set up your own experiments at home or at work. There are many companies that actually pay hackers to find vulnerabilities in software: these can be a handy way to begin the journey into hacking. 

As with everything else, practice makes perfect. The budding hacker must practise, hone their skills on some real targets after leaving the comfort of the experimental lab, and then grow their knowledge by attempting bigger, tougher targets.

 

The IT security professional who wants to secure IT assets against intrusion must think like a hacker, indeed, be a hacker, to keep these dangers at bay. 

The Nairobi Law Monthly September Edition
Follow on Facebook Follow on X (Twitter) Follow on WhatsApp
Share. Facebook Twitter WhatsApp Telegram
Editor

Related Posts

CEOs bracing for threat to jobs from AI

1st January 2025

Taking advantage of AI to reduce gap in tech race

27th December 2024

Arrest of Telegram’s founder highlights lack of unified approach in tackling crime

24th September 2024

Judiciary leverages automation to improve service delivery

17th September 2024
Add A Comment

Leave A Reply Cancel Reply

The Nairobi Law Monthly September Edition
Latest Posts

EU launches health initiative for East and Southern Africa

24th October 2025

Sidian Bank appoints former CS James Macharia as chairman

24th October 2025

Equity Group aligns banking with ESG and social impact goals

24th October 2025

PZ Cussons targets Gen Z, Millennials with Sh150m push

24th October 2025

IFC, AfDB and partners collaborate to tackle Africa’s off-grid gap

23rd October 2025
The Nairobi Law Monthly September Edition
Nairobi Business Monthly
Facebook X (Twitter) Instagram LinkedIn
  • About Us
  • Member Content
  • Download Magazine
  • Contact Us
  • Privacy policy
© 2025 NairobiBusinessMonthly. Designed by Okii

Type above and press Enter to search. Press Esc to cancel.