Difference Between Ethical Hacking and Hacking [Updated]

What is Hacking

Computer Hacking refers to breaking into someone’s system for personal or commercial gains. Hackers also called Pirates, use various tools to cause damage to information and assets.

What is Ethical Hacking

Ethical Hacking refers to the methodology adopted to find loopholes in Information systems. The same tools are used by both hackers and Ethical Hackers. The only difference is that hackers use tools to steal or destroy information whereas Ethical Hackers use the same tools to safeguard systems from “hackers with malicious intent”.Ethical Hacking is legal and hacking is done with permission from the client.

Types of Hackers

Blackhat Hackers

People who break into systems with malicious intent are also called Pirates. They can be further classified into the following categories.

Phreakers. Pirates who do Piracy through Telephone Network.

Crackers. People who use software patches to remove the security of original software.

Carders. These Pirates attack electronic cards like ATMs or credit cards to obtain user information.

Script Kiddies. Young Pirates use a software program to sabotage computer systems just for fun.

White Hat Hackers

People who use hacking tools to prevent information systems and assets from bad-intent of hacking. They are also called Ethical hackers

Grey Hat Hackers

This category of hackers falls in between good and bad hackers. For example, certain white Hat hackers at some time back were Black Hat  Hackers and vice-versa

Categories of Hacking

1) Windows Hacking
2) Database Hacking
3) Web Hacking
4) Network Hacking

Windows Hacking

Hackers can attack windows in many ways. The most common of them are:

1) Corrupt the Windows Registry.
2) Hack the Administrator user account.
3) Change the appearance of the desktop.

So it is advisable to take a backup of your windows registry from time to time. Steps are:

Go to the Run tab Type Regedit press Enter and a new screen showing registry configuration will appear. Now go to File and select the export option to save the file where you want.

In case, the user account “Admin” is hacked, you can use the following software tools to recover your admin password.

1) ERD Commander
2) Dream Pack PL
3) Admin Hack

One can download this software for respective windows versions and make a bootable CD to recover the admin password.

To protect administrator passwords from being hacked, one should deploy strict security policies in operating systems. In windows operating systems, Go to Control Panel Look for administrative tools then Security Policy, and disallow any password changes.

Other methods of Hacking

•  Phishing. It is a technique used by hackers to hack the passwords of emails or e-commerce websites. People usually fall prey to phishing emails they get in their inboxes. The emails appear to be legitimate and trustworthy and fall prey to them. The hacker asks users to log in from their mail IDs and then redirected to his website where they collect user login information.
•  Botnets. Sometimes hackers do not carry out hacking manually rather they make use of robots. The robots do the hacker’s job automatically
•  Keyloggers. This is a new technique adopted by hackers to steal information. Also called hardware key logger, a device is installed on one of the ports of the motherboard. Whatever user types from the keyboard are recorded.

What to do if been hacked?

• Cut Off your Internet connection. If you suspect that you are being hacked, the first thing to do is to cut off the internet from your system in order to stop further intrusion.
• Turn On Firewall. Sometimes we turn off the windows firewall in order to install some software. From a security point of view, we should always turn on firewalls. A hardware firewall is another good option to install. It acts as an isolator between the external Networks and your internal systems.
• Contact your Internet Service Provider. It is a good practice to contact your ISP in the case of hacking because they have their own policy and guidelines for any malicious intrusion.