APNIC Logo

Printer friendly version

Hacking

What is hacking?

Hacking is an attempt to gain access your system. Hackers may be looking for personal information, such as passwords or credit cards numbers; they may be trying to make use of your Internet connection to transmit their own material; or they may just be searching at random to see what they can find.

Can I stop hackers getting into my system?

There are many technologies out there, such as firewalls, monitoring software, and security analysis tools that you can use to prevent and detect network intrusions. Your ISP may be able to give you advice on what would suit your needs.

What can I do if I am being hacked?

The first step is to report the activity to the hacker's ISP. Most ISPs realize it is bad for their reputation to have this activity on their networks and should be able to take action against the hacker. If the ISP does not respond to your complaint, then you may need to contact law enforcement agencies either in your jurisdiction or the jurisdiction where the problem originates.

How do I find the hacker's ISP?

If you are using monitoring software, it should provide you with the IP address of the hacker.

The software may even search a whois database to find the organization the hacker's IP address is allocated to. Unfortunately, many of these tools give incomplete search results. If your software refers you to APNIC, you will need to search for the problem IP address in the APNIC Whois Database (equally, a reference to AfriNIC, LACNIC, or RIPE NCC must be followed up in these respective whois databases).

You can manually search the whois databases of the five Regional Internet Registries (RIRs). For information on how to use the database, refer to: Using the APNIC Whois Database to find the spammer/hacker's network.

How do I complain to the hacker's ISP?

Use the APNIC Whois Database to obtain email addresses for the administrative (admin-c) and technical contacts (tech-c) as the ISP. Email your complaint to these contacts for them to investigate.

Remember that the people you are writing to at this stage are unlikely to be involved in the attacks on your system, so be firm but polite.

In your complaint, include as much relevant information as possible to make it easier for the ISP to locate and deal with the abuser. If your firewall software has generated a log file of the attack, you should include that. If not, try to at least include the:

  • IP address that attempted the network instrusion
  • Date
  • Time
  • Time zone

Should I try and retaliate by trying to hack the hacker?

APNIC strongly discourages launching a counter attack. In many cases, hackers may work by disguising their location or hijacking the systems of others. By retaliating you may simply do more damage to another innocent party. Depending on the applicable laws, you may also be committing a criminal offence or exposing yourself to litigation.

Preventing hackers

For more detailed advice on how best to deal with the attacks to your network, you could visit CERT. You may find the following two articles on the Internet security helpful:

Back to top of page