News Trending

What Is a Backdoor, and What Does It Do?

ad+1

whats-backdoor

The technology world is full of strange names, and “backdoor” is one of them. However, the implications of a backdoor on your system are more serious than a silly name would suggest.

Let’s take a look at what a backdoor is, what they do, and how they can affect you.

What Is a Backdoor?

Imagine you’re trying to get into an exclusive party. The only way to get in is to be on “the list,” and you know that some of your favorite celebrities have their name on it; unfortunately, you don’t.

You want to get in, so you look around the mansion where the party is taking place. As you’d expect, the front door is off-limits. Heavy-looking bouncers and security cameras watch the front and ensure nobody gatecrashes the party.

Fortunately, you find a way around the back of the mansion. Here, it’s much quieter; the garden is empty, there are no bouncers, and it’s dark enough that the CCTV won’t spot you.

You sneak through the garden and into a backdoor of the mansion. Now you can attend the party without being hassled by security. While you’re here, you could snap a few candid shots of your fave celebrities, listen out for gossip that the public won’t hear, or even pocket a few pieces of expensive cutlery.

This is what a backdoor is in computer science terms. It’s a way for an intruder to gain access to a system without going through the route with security on it. Because backdoors are invisible to a computer’s security system, victims may not realize their computer has one installed on it.

How Hackers Use Backdoors

Of course, if you used the back door enough times in future parties, the party organizers would catch on that someone was sneaking in. It’d only be a matter of time before someone caught you coming through the back, doubly-so if your little trick spread among eager fans.

Digital backdoors, however, can be harder to spot. Yes, a hacker can use the backdoor to do damage, but they’re also useful for spying and copying files.

When they’re used for spying, a malicious agent uses the secret entrance to gain remote access to the system. From here, they may click around and look for sensitive information without leaving a trace. They may not even need to interact with the system; they can instead watch the user go about their business and extract information that way.

A backdoor is also useful for copying data. When done right, copying data doesn’t leave a trace, allowing an attacker to harvest information that can lead to identity theft. This means someone can have a backdoor on their system that’s slowly siphoning their data.

Finally, backdoors are useful if a hacker wants to do damage. They can use a backdoor to deliver malware payloads without alerting the security system. As such, the hacker sacrifices the covert advantage of a backdoor in exchange for an easier time deploying an attack on a system.

How Do Backdoors Appear?

There are three main ways for a backdoor to come into existence; they’re discovered, created by hackers, or implemented by developers.

1. When Someone Discovers a Backdoor

Sometimes a hacker doesn’t need to do any work to create a backdoor. When a developer doesn’t take care to protect their system’s ports, a hacker can locate it and turn it into a backdoor.

Backdoors appear in all kinds of internet-connected software, but remote access tools are especially vulnerable. That’s because they’re designed to allow users to connect and take control of a system. If a hacker can find a way into the remote access software without needing credentials, they can use the tool for espionage or vandalism.

2. When Hackers Create a Backdoor

If a hacker can’t find a backdoor on a system, they may opt to create one themselves. To do this, they set up a tunnel between their computer and the victim’s, then use it to steal or upload data.

To set up the tunnel, the hacker needs to trick the victim into setting it up for them. The most effective way for a hacker to do this is to make users think it’s beneficial for them to download it.

For instance, a hacker may distribute a fake app that claims to do something useful. This app may or may not do the job that it claims to do; however, the key here is that the hacker laces it with a malicious program. When the user installs it, the malicious code sets up a tunnel to the hacker’s computer, establishing a backdoor for them to use.

3. When a Developer Installs a Backdoor

The most sinister applications of backdoors are when the developers themselves implement them. For instance, the manufacturer of a product will place backdoors inside the system that they can use at any time.

Developers create these backdoors for one of many reasons. If the product will end up on the shelves of a rival company, a company may implement backdoors to spy on its citizens. Likewise, a developer may add a hidden backdoor so that law enforcement can access and monitor the system.

Examples of Backdoors in the Real World

A good example of a developer-added backdoor is the Borland Interbase case back in 2001. Unbeknown to users of Interbase, someone could access the software over the internet on any platform by using a “master account.”

All someone needed to do was enter the username “politically” and password “correct” to gain access to any database. The developers eventually removed this backdoor.

Sometimes, however, a hacker won’t exploit a backdoor that they find or create. Instead, they’ll sell the information on the black market to interested parties. For instance, a hacker earned $1.5 million over a period of two years by selling backdoor information, some of which led to the networks of Fortune 500 companies.

Protecting Yourself From Backdoors

While they may have a funny name, backdoors are not a laughing matter. Whether a hacker creates them, or a developer sneaks one in, they can cause a lot of damage.

If you want to keep yourself safe from backdoors, check out the best computer security and antivirus tools.

Read the full article: What Is a Backdoor, and What Does It Do?



from MakeUseOf https://ift.tt/322YmUz
via IFTTT

0 comments: