Professor Explains How to Track a Computer Hacker

“A typical footprint is the IP address of the computer. If you hack into a computer, there will be a record that shows what device actually connected with this computer. But an amateur hacker is easily caught, especially if they don’t remove the footprint,” says Professor of Cybersecurity Wenliang “Kevin” Du of the College of Engineering and Computer Science.

Wenliang “Kevin” Du

Professor Du is available for media inquiries regarding the hacking of the Houston Astros’ database. Reports indicate that it wasn’t very difficult to link the St. Louis Cardinals due to the footprint left by the hacker.

“The FBI has all the resources to track an IP address and can require an Internet service provider to release information about the person on the other end. Tracing the IP address back to the original computer is quite easy, but the question is whether the hacker is using their computer or hacking into someone else’s computer and using that device for the actual crime. That needs to be brought to court and additional evidence will still need to convince the judge. Professional hackers often comprise a computer belonging to others or those in another country. They also use public Wi-Fi or dial-in from public phone booth. These make tracking back to the hacker much more difficult. For example, if a computer in another country is used, the FBI then needs to obtain access to the computers used in the hacking, and that often requires international cooperation with law agencies in those countries, which can sometimes be difficult to obtain. ”

Professor Du is a cybersecurity researcher educator and has taught a course on hacking at Syracuse University. He can be reached at wedu@syr.edu or 315-443-9180. 

Du has developed more than 30 open source labs for educators to teach cybersecurity topics. Some of these labs include teaching students how to hack in order to learn how to prevent attacks. More than 250 educators in 26 countries have used the labs in their classes.