Break-ins are unauthorized access to one or more systems in which the attacker masquerades as a legitimate user, usually (but not always) by entering the correct username and password. When authenticated as a user, the attacker can do virtually anything that the legitimate user can do, including read email messages in the user's email queue, send messages, access the home directory and any subdirectories and files therein, and so on. In most break-ins, however, the intruder's goal is not simply to reach another user's account. The goal instead is often to gain shell access, meaning access to a command shell such as /bin/sh or /bin/tsh in UNIX or cmd.exe in Windows systems. With access to a shell, intruders can run programs or scripts that can expand the intruder's access to the system and/or network, usually by escalating the privilege level, as you will see shortly.

Too often, unfortunately, senior-level managers trivialize break-ins, thinking they are caused by pimply-faced teenagers who cannot really cause any damage. Sometimes this preconception is true, but a large body of evidence strongly indicates that break-ins are performed by a wide range of perpetrators, often even by members of an organized crime ring or a country's intelligence agency. Break-ins can result in theft of valuable data and/or software. Break-ins to systems of several vendors, for example, have resulted in theft of source code for operating systems and other products. Additionally, a break-in can result in compromise of integrity. Consider, for example, the break-in to a U.S. government laboratory once in which the intruders changed the value of pi in a critical scientific application to 3.8!

Even if data or programs are not stolen or altered, break-ins can result in sizeable loss. A break-in into a single system in a National Aeronautics and Space Administration (NASA) site once disrupted space flight operations for several weeks. The victim machine, operated by the Missions Operation Directorate (MOD), was critical in controlling functions for manned space flights. This machine had to be carefully inspected, restored, and tested before NASA officials approved it for use in operations again. The financial cost was high; the delay substantially ran up the cost of the launch.