Quick Steps to Trace a Hacker

By CIOReview | Tuesday, August 16, 2016

When ARPANET changed from a military safety net into a civilian internet, few realized that it would evolve into an integral part of life, changing the way people live, communicate, look for jobs, and so on. What started in the mid-90s has revolutionized life, with enormous amounts of data and information flowing every second. However, as data flow increases, so do the chances of hackers accessing systems and breaking through defenses. For instance, a Russian cybercrime organization known for hacking into banks and retailers has broken into many computer systems at software giant Oracle Corp. More alarmingly, the attackers have compromised a customer support portal for companies using Oracle's MICROS point-of-sale credit card payment systems.

A study released by the digital market research giant Juniper reveals that the cybercrime epidemic is projected to reach $2 trillion globally by 2019. With such ransomware, the question arises: how can one trace a hacker or get an attacker's machine number or IP address, and is there a way to find this person or their company?

How to Trace a Hacker?

To trace a hacker, it is necessary to find the source and destination of the data being sent or received, since all data sent over the internet travels in packets that carry information about their source and target location. This can be laborious work, because tracking the addresses of all the packets to find the source of an attack takes time. In an article from Scientific American, Sami Saydjari, Manager, Information Assurance, Defense Advanced Research Projects Agency (DARPA), says, “The source field can be changed (Spoofed) by an attacker to make it seem like it’s coming from some place it’s not.”

The first step in identifying a hacker is to trace the IP address of the intruder. An unidentified computer that is trying to make a connection can be traced back with Linux commands and tools, ultimately identifying its IP address. There are other methods of identifying a hacker, such as using netstat or other analytic tools. Once the administrator has the IP address, they can use the traceroute command (tracert on Windows) to discover the hostname of the IP address that the hacker is using to access the machine. One can likewise enter the IP address into the traceroute tool on the Princeton site. Another option is to use the GEOIPTool to get a rough idea of where the hacker is located.

The other method of tracing a hacker is to use the Domain Name Server (DNS). DNS servers are machines connected to the internet that keep track of the IP addresses and domain names of other PCs. A simple DNS search takes a hostname and converts it into a numeric IP address; a reverse DNS query then helps in determining the exact geographical location from which the hacker is operating.
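
The netstat step and the reverse DNS step described above, as an added example that is not part of the original article: it counts established connections per remote address in `netstat -tn` output, skips loopback and private ranges, and derives the `in-addr.arpa` name a reverse DNS query would ask for. The sample output, its addresses, and the function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample of `netstat -tn` output; addresses are documentation ranges.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.10:22         203.0.113.45:51514      ESTABLISHED
tcp        0      0 192.168.1.10:22         203.0.113.45:51520      ESTABLISHED
tcp        0      0 192.168.1.10:443        198.51.100.7:40112      ESTABLISHED
tcp        0      0 192.168.1.10:51000      192.168.1.1:53          TIME_WAIT
tcp        0      0 127.0.0.1:5432          127.0.0.1:48210         ESTABLISHED
tcp        0      0 192.168.1.10:445        10.0.0.8:49822          ESTABLISHED
"""

# Assumption: RFC 1918 space counts as "ours"; adjust to the site's own ranges.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internal(ip):
    return ip.is_loopback or ip.is_link_local or any(ip in n for n in RFC1918)


def external_peers(netstat_text):
    """Count ESTABLISHED TCP connections per remote address outside our ranges."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        if (len(fields) < 6 or not fields[0].startswith("tcp")
                or fields[5] != "ESTABLISHED"):
            continue  # header, non-TCP line, or connection not established
        host = fields[4].rsplit(":", 1)[0]  # strip the port (works for tcp6 too)
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            continue  # unparseable foreign address, e.g. "*"
        if not is_internal(ip):
            counts[ip] += 1
    return counts


def report(netstat_text):
    """Return (address, connections, PTR query name) rows, busiest first."""
    return [(str(ip), n, ip.reverse_pointer)
            for ip, n in external_peers(netstat_text).most_common()]


if __name__ == "__main__":
    for addr, n, ptr in report(SAMPLE_NETSTAT):
        print(f"{addr:<15} {n:>2} conn  reverse DNS query name: {ptr}")
```

The PTR record behind that name is set by whoever controls the address block, and the source address may be spoofed or belong to a proxy, so the result is a lead to corroborate against other logs.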

For CIOs, mitigating cyber-attacks has been a challenging task. As cloud technology trends in the IT market, David Nicol, Director, Information Trust Institute, University of Illinois, protects data in the cloud with a virtual private network that connects to a proxy server before connecting the server to the internet. This helps encrypt information sent over the Internet and also protects the IP address. No method or technology guarantees 100 percent security from hackers, but it is better to have an effective defense mechanism that offers a high percentage of risk evasion.