Network Threats

Hacking

Hacking

What is it?

The act of gaining unauthorised access to a computer system, possibly to disrupt the system/data or to obtain information.

What problems can it cause?

Can lead to fraud, identity theft, using information to harm/embarrass an individual. Data can be lost, changed, deleted or get into the wrong hands.

Any extra details:

Hacking is not ALWAYS malicious. ‘White hat hackers’ often gain unauthorised access to computer systems with the intent to do good or help point out security flaws in a system.

Malware

What IS malware?

Malware is the general name for any malicious program that is designed to cause inconvenience, loss or damage to programs, data or computer systems.

Examples include viruses, spyware, adware, trojans, and worms.

Virus

What is it?

= type of malware which causes physical harm to the computer system by attaching to files and replicating quickly

- A host file containing the virus needs to be opened by the user

- replicates itself by inserting virus code into other computer programs

- Once in memory, all other files copied into memory quickly become infected

What problems can it cause?

- Computer crash

- Loss or corruption of data or system files

Any extra details:

Macro viruses - attached to documents, infects the template and any new files. Less harmful, but can still cause damage.

Worm

What is it?

A type of virus that replicates itself very quickly.

Does not need to be opened first (no user intervention). Spreads through network fast.

What problems can it cause?

The worm does not usually tamper with files.

Instead, it replicates itself so fast that it uses up lots of bandwidth, system memory, and network resources, slowing down the network and the computer until they cannot be used.

Trojan

What is it?

Malware disguised as useful and legitimate software.

The malware is hidden within the useful program and is deployed once the program is installed.

Trojans cannot self-replicate.

What problems can it cause?

Used to open back doors to the system that the hacker can us repeatedly to gain access to the system and data.

Phishing

What is it?

A creator sends out a legitimate looking email, often pretending to be a well-known company, in the hope of gathering personal or financial data to exploit ⇒ often done by manipulating targets to click on a link/bogus website.

What problems can it cause?

Access to personal information can lead to fraud or theft.

Any extra details:

Harm caused by phishing is reliant on the user taking action; your data will not automatically be taken. E.g. the user might press a link or enter details into a fake website

Pharming

What is it?

Malicious code (malware) is installed on a user’s hard drive or on web server. This code seeks to change the IP address stored in the DNS for a particular website to a different IP address. This automatically redirects users to fake, but seemingly legitimate, websites without their knowledge.

What problems can it cause?

Users may enter details e.g. bank details into fake websites without knowing, which can lead to theft and fraud.

Any extra details:

Users are AUTOMATICALLY redirected.

Spyware

What is it?

Malware which gathers information, by monitoring and recording user actions. E.g. keyloggers record all key presses on a keyboard, other spyware reads cookies or monitors a monitor’s visual display.

What problems can it cause?

This allows senders of the spyware to gather information such as passwords, bank details, or habits. This information can then be used for theft and fraud, or to sell to third parties to use in advertising targeting.

DoS

What is it?

- DoS is an attempt at preventing users from accessing part of a network (a website) by using up all the web servers resources.

- Attacker uses a huge quantity of bots or computers with different IP addresses to flood the web server with useless internet traffic

- This puts the server’s CPU and memory under too much strain, and so the server cannot process all the useless data quickly enough.

- Legitimate user requests cannot be processed, the server crashes, and the service stops.

What problems can it cause?

- While the server is down, the system is more vulnerable

- There are some extremely important websites on the web; if these go down for even a second,

there can be serious consequences.

Any extra details:

Reasons to attack: revenge; political motivation; gaining advantages in gaming

The computers used to attack must have different IP addresses, so that the server does not process them all as one request

SQL Injection

What is it?

Web security vulnerability, used to attack data-driven applications by interfering with the queries made. This is done by inputting SQL specific code in query-generator forms.

What problems can it cause?

Allows an attacker to view or tamper with data that should otherwise be hidden from them.

This includes: allowing unauthorized login, retrieval of data from the database (users, passwords, credit card information and other sensitive information), deletion of the database...

Any extra details:

Can be used to cause a DoS attack.

Brute Force Attacks

What is it?

Attackers use trial and error repeatedly and extremely quickly to try and get passed security measures such as passwords. They simply try all possible combinations until the correct password is found.

What problems can it cause?

Once they have gained access to the network, the network is totally exposed and vulnerable to a host of other security threats such as malware the attacker may deploy inside the network.