HACKING (DATSE)

 

Hacking, a Hausance shi ne ‘datse’ ko ‘dandatsa’ ko ‘kutse’. A takaice, ‘datse’ shi ne ‘kwacewa’ ko yi ma wani ‘kutse’ a ‘shafin yanar gizo’. 

Kwana biyun nan, ‘kutse-kutse’ da ‘datse-datse’ sun yawaita. Hakan ya sa na ga bukatar sake bude ajinmu na #FasaharZamani domin kara sanin wasu abubuwa a takaice.  

Akwai hanyoyi mabambanta da ‘yan datse ke bi wajen kwace mana shafukanmu. Yawanci masu karbewa mutane shafukan 'social media' kamar  Whatsapp, Facebook, Instagram, Twitter da sauransu, ba ma wasu manyan ‘hackers’ ba ne. Suna amfani da wasu ‘yan dabaru ne kawai. 

Manyan ‘hackers’ kuwa, kwararru ne sosai, wadanda kafin su kwace ma shafinka; ba su bukatar samun wani abu daga bayananka. A takaice, MAYU ne, ba yadda ka iya da su. Misalansu su ne; Script Kiddies, Hacktivist, Cyberheist (SMBs), da Insiders. 

Wasu na amfani da ‘softwares’ irin su BurpSuite, Hoverwatch, Hashcat, Sboxr, TwitterHack da sauransu. Wasu kuma na amfani ‘cookies’ daga ‘browser(s)’ na wayoyinmu, wasu kuma ‘Keylogging’, wasu kuma na amfani da dababar nan ta ‘social engineering’.  

ME YA SA AKE KWACE MANA SHAFUKANMU?

Da yawan mutane suna da irin wannan tambayar; amma kamar yadda Dr. Chanel Suggs na Jami'ar Fasahar Zamani ta Duchess ya zayyana, masu datse na yin datse ne saboda neman kudi (misali, Hushpuppi), ko yada wata manufar siyasa, ko leken asiri, ko neman shuhura, ko kuma don nishadi. 

Akwai kuma yaran da suke koyon 'datse', da su kan sawa kansu gasa (competition) na kwace shafukan mutane. Wanda ya kwace mafi yawa shi ne ‘gwani.’ 

HANYOYIN DA AKE BI WAJEN KWACE MANA SHAFUKANMU

HANYA TA FARKO:  Dictionary Attacker 

Irin wannan ‘yan datsen, suna kokarin cankar ‘passoword’ mafi sauki da mutane ke amfani da shi a ‘social platforms’, ma’ana ‘easy-guess password.’

Kamar yadda NCSC, Splashdata da NordPass suka bincika, yawancin wadanda ake yiwa ‘kutse’ da ‘datse’ a shafukan yanar gizo, masu amfani da ‘easy-guess password’ ne. A bincikensu, sun samu kusan shafuka 275,699,516 ne ke amfani da ‘password’ mai saukin canka (easy-guess). 

Misalinsu, daga ciki akwai masu amfani da:

• Lambar waya (mis. 08012345678)

• Suna (mis. aliyu123)

• Suna gari (mis. ‘hadejia’)

• 123456

• 123456789

• qwerty

• password

• password123

• abc123

• xxxx… da sauransu

TSOKACI: 

1. Dole ka maida ‘passoword’ dinka na musamma, ka tsaurara shi, ta yadda ba bu wanda zai iya canka. 

2. Kar ka amintarwa da kowa ‘password’ dinka, password tamkar ‘al’aurarka’ ne. 

3. In ka tashi hada ‘passowrd’ ka yi amfani da kanana da manyan bakake (GHjkl), lambobi (0123456789), tare da alamomi (@#%”+$/*:=?). Misali: Upg@yh18-?.

HANYA TA BIYU:  Honeypots 

Ba kasa fai ake samun su a yankinmu ba, amma ban ce babu ba. Su ‘Honeypots’ suna amfani da ‘hotspot’ (free-WiFi)’. Da zarar ka ga Free Wi-Fi (babu password) ka yi hada (connecting) da wayarka, nan da nan za su kwashe duk wasu bayanan cikin computer ko wayarka; har da password da ka yi amfani da shi a ‘social platforms’, ko ‘bank apps.’ 

Masu amfani da ‘honeypots’ sukan dana tarkonsu a ma’aikatu kamar asibiti, banki, manyan makarantu, ko hotel, ko wasu wuraren cin abin ci… kai ka yi zaton kamar wuraren aikin ne suka bude ‘free Wi-Fi’. Amma tarko ne.

TSOKACI: 

A kiyaye amfani da Free Wi-Fi da ba a san tushensa ba, domin wasu ana yi mana tarko da su ne.

HANYA TA UKU:  Social Engineering

Wannan kusan ya yi yawa ma sosai a yau, ‘social engineering’ dabara ake yiwa mutum in ana son ya bada ‘password’ dinsa da kansa ‘phishing attack.’ 

Misali, ‘social engineer(s)’ za su kira ka a waya, su yi ma albishir da cewa, kana cikin wadanda suka yi nasarar samun wani ‘tallafi’, ko ‘kyautar recharge card’, ko a za saka ka cikin wani ‘online meeting’.  

Kana cikin murnar nan, za su ce ma, “akwai wani ‘code’ zai shigo wayarka yanzu, in ya shigo ka fada musu, saboda yanzu za a saka ka a cikin list.” Da zarar ka fada musu, za su canja ‘password’ da duk wani ‘login details/credentials’ na shafunka, su kuma kwamushe ma shafinka baki daya. 

TSOKACI:  

Da zarar wani ya kira da nufin ba ka wata ‘bonanza’, ‘tallafi’, ‘free recharge card’ ko ‘online meeting’ ya ce ka bashi wasu lambobi, kar ka bashi. Don da zarar ka ba shi zai kwamushe ma ‘shafinka.’

HANYA TA HUDU: Cookie Hijacking

Broswers irin su Google Chrome, Safari, Firefox, Opera suna da wani tsari na adana ‘login detail’ na duk wani ‘password’ da ka yi amfani da shi a kan wannan ‘broswers’ din wato ‘AUTOFILL.’ Suna amfani da ‘MAIL’ da ke kan wayarka a matsayin ‘PROFILE’ a kan ita ‘browser’ din. 

Saboda haka, idan ya kasance ka bawa wani ‘login details’na email dinka, ko kuma, ka bar ‘lambar wayarka’ a matsayin ‘passoword’ ko ‘easy-guess password’ na ‘email’ dinka; za su iya amfani da su, su ga duk wani ‘username’ da ‘password’ da aka yi ‘AUTOFILL’ a kan wadancan ‘browsers’ din. 

TSOKACI: 

1. Email dinka kusan shi ne kofar shiga duk wani ‘social platform’ naka, saboda haka, tsare shi, tamkar tsare saura ‘social handles’ naka ne. Ka sanya masa ‘tsauttsauran password.’ 

2. Kar ka amintarwa da kowa ‘email’ dinka, kowaye ne.  Email dinka, sirrinka ne. Ya kasance kai kadai ne ke iya shiga, tare da amfani da shi. 

HANYA TA BIYAR:  Keylogging

Keylogger ana amfani da ‘spyware’ (software na leken asiri) ne, yawanci suna samun bayananka ne ta hanyar nade su, misali a yayin da ka yi amfani da wani ‘keyboard’. Tunda da ‘keyboard’ za ka yi amfani wajen shigar da bayananka domin samun damar shiga shafukanka. 

Keylogger zai nade ‘username’ da ‘password’, tare da turawa ‘madatsin’ bayaninka. 

TSOKACI:

A kula da ire-iren softwares da ake daukowa a wajen Playstore. Akwai wadanda na leken asirinka ne (spyware). Ko, ta hanyar shiga wasu ‘website’.

TA YA ZAN KARE SHAFUKANA DAGA ‘YAN DANDATSA (HACKERS)?

1. Ka kirkiri karfaffar ‘password’, [misali: yi amfani da manya da kananan baki, lambobi da kuma alamomi].

2. Ka yi amfani da ‘two-factor authentication’ ta yadda ba mai ‘login’ ma shafi ba tare da tabbatarwarka ba.

3. Ka kiyaye shiga kowanne shafi da aka ma tallar cike tallafi, balle har ka iya ba su wasu bayananka.

4. Kiyaye ‘email’ dinka, tamkar kiyaye duk ‘shafukanka’ ne. Ba kowa ake amintarwa da ‘email’ ba.

5. Ka rika lura da adadin na'urorin da aka shigar da bayanan shafukanka. 

6. Kar rika shigar da bayanan shafukanka kan kowacce computer ko wayoyin wasu mutanen.

7. Ka gama da addu’a, don akwai wadanda ba su bukatar wani bayani daga gare ka, saboda sun gagara, za su iya kwamushe ma shafi a kowanne lokaci. 

Allah Ya kare mu, ya bamu ikon kiyayewa, amin. 

©️ Aliyu M. Ahmad

19th Ramadan, 1443H

20th April, 2022CE