Effects of Computer Hacking Focused on Obtaining Data
Social engineering is the most common computer hacking method, hands-down. It sounds complicated, but all "social engineering" means is manipulating other people to gain information that gives you access to computers or networks. Think of a hacker calling up a bank, telling them they're with IT and need the administrative login password to the server to perform maintenance. It sounds silly on paper, but experienced social engineering hackers know how to persuade people to reveal information.
The most notorious social engineer ever is Kevin Mitnick. Once the most wanted hacker in the world, he spent five years in prison in the late 1990s after being convicted of computer fraud, phone fraud, and hacking networks to steal software. Mitnick claims he gained access to computers through social engineering alone. Mitnick's escapades weren't very malicious (in fact, they don't appear to have resulted in measurable damage at all, but I hesitate to go that far), and did not cost his victims large measureable amounts of money in lost productivity or repairs, but his preferred computer hacking method- social engineering, which often boils down to pretending to be somebody of importance and getting people to tell their passwords- has been adopted by malicious computer hackers worldwide to cause $billions in damage.
What are the effects of computer hacking that's focused on obtaining data?
- trade secrets may be compromised
- personal details of individuals or customers, such as address information, social security numbers, bank account data, and credit card numbers may be used for identity theft, a $50 billion problem
- keystroke loggers — software or sometimes hardware that records every key press on a computer's keyboard for the hacker to access — may reveal passwords and other important security information
Once a hacker has such access to a computer, the computer might be turned into a zombie. Sure, it sounds amusing, but the description is apt: a zombie computer is controlled by the hacker, either directly or through a program, to engage in computer hacking itself by sending spam or phishing emails.