In an age of social media and cloud computing, the rise of the internet-connected home and the rapid proliferation of hacking tools are making it easier to infiltrate systems and disrupt their operation.
And hackers have come a long way from the days of dial-up modem internet connections, when a few dedicated computers were all you needed to access files, read emails or browse the web.
The rise of hackers in the US and around the world has given them a greater understanding of the workings of networks, and a greater capacity to bypass security measures.
But the rise in sophistication of the cybercriminal and the rise to power of cybercriminals have created a new breed: hackers who can infiltrate a target system without even leaving the home, with the help of a computer-savvy operator.
This is a challenge to the security of corporate networks, as well as to governments.
But it also raises questions about the role of the US government, which has long been the primary defender of networks against hackers.
In the wake of the Paris attacks in November 2015, US President Donald Trump called for a ban on new hacking tools, but he did not explicitly target a specific group.
“The president is a big fan of hacking and hacking means a lot,” said Kevin Walsh, a professor of computer science at the University of Pennsylvania who has written extensively on computer security and cybersecurity.
“You can’t just say, ‘Oh, I’ll ban this’.
You have to think about the consequences of what you do.”
US government officials have long used hacking as a tool to investigate and punish those who break the law.
But a number of recent cases highlight how far the US has fallen behind its international competitors in tackling cybercrime.
On January 23, a former contractor at the US military’s Joint Improvised Explosive Device Defeat Organization (JIEDDO) was convicted of attempting to use a military hacking tool to target government computers in Saudi Arabia.
On March 13, a computer hacker working for the UK’s National Crime Agency was convicted for hacking into an Iranian nuclear research facility in an effort to steal documents.
And in November, a US citizen, accused of breaking into US nuclear plants, was convicted in federal court in Washington.
In all, 19 people have been charged with cybercrimes, including a former JIEDDO contractor, since the programme was launched in 2013.
The government has also launched a programme to track cyberattacks against the US, but there is no firm data on how many have been successfully prevented.
Cybersecurity researcher Kevin Walsh is one of those who has been tracking the attacks.
His research has focused on exploiting the flaws in the open source software that underpin many of the hacking tools used by cybercrims.
A key problem is that hackers tend to build tools on the open web, so they have little or no knowledge of how to build a secure system.
This makes it easy for a malicious actor to hack into a target computer, he said.
“If you’re using a piece of software that’s open source and you can build your own tool, it’s possible for someone to take advantage of that.”
A hacker’s toolkit A hacker has two options to compromise a target: they can download the program, which is then uploaded to a central server, or they can steal a target’s credentials from the target.
In either case, the attacker has the power to run arbitrary code on the target computer.
There are two main types of attacks a hacker can take: remote code execution (RCE) and remote code disclosure (RCDC).
A RCE attack involves the attacker gaining root access to the target’s computer and infecting it with malware.
In a RCE operation, the hacker will gain root access through a process called a privilege escalation exploit.
This allows the attacker to gain full control of the target system, including administrative privileges and data.
Once in control of a target, the malicious code is installed on the victim computer.
Remote code disclosure involves the hacker sending commands to the victim’s computer through a protocol known as a HTTP POST request, which means the victim is tricked into accepting the command.
The malicious code can then be downloaded and executed by the attacker.
“Remote code disclosure is a very common technique that’s used to launch an attack,” Walsh said.
RCE exploits vulnerabilities in web browsers to download and execute malware.
A RCDC attack, on the other hand, involves the victim connecting to the computer via a remote connection.
The attacker can take control of an administrative command prompt (ACP) and execute arbitrary code that is sent to the system.
Both types of attack are very hard to detect and usually take only a few minutes to execute, Walsh said, making them easy targets for hackers.
The attacks against US government systems are a case in point.
In October, a security researcher known as “The Shadow” successfully launched an attack against the Office of Personnel Management, stealing passwords, credit card information and personal information for more than 1.5 million current and former government employees.
The attack was