In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network.
By Arifa Ali, Hannah Buckley, Paul Byrne and Matthew Hastie
Ethical Hacking & Black Hat Hacking Types of Hacking/Data Theft Statistics/Examples of Attacks Skills Required to Prevent Attacks Measures to Prevent Attacks
Brief History Who is a hacker and what do Hackers do ? Hackers Techniques System Hacking, Network Hacking, Software Hacking
Someone who bypasses the systems and Passwords. Taking advantage of weaknesses left in the system by developers. This person knows computer programming Can be a Hacker Subculture Access confidential information Broadcast confidential documents e.g. Name, address, etc. Espionage
Over the internet Over Lan Locally Offline Theft Deception Ip Addresses Telephone Email
Computer Security A Computer Hacker intending to improve security. The Hero
Black Hat Hackers ( The bad guy Violates computers) White Hat Hackers (The Hero Breaks security for good reasons) Blue Hat Hacker (consults firms, system tested before launch) Grey Hacker(Mixture of white & Black offers their service to improve for a small fee) Hacktivist (Utilizes Technology) Script Kiddie (Skiddie)Kid- Child lacking knowledge, Immature Elite Hacker (The most skilled Hacker)(Masters of deception) Ethical Hacker(employee and authorised Hacker) Bots ( software tools the hackers use )
SQL Injection•SQL injection is a type of attack often usedagainst data driven applications.•It is a technique that exploits an applicationssecurity weaknesses.•Used to steal databases full of credit cardinformation, passwords, or personal details.
DDOS Attacks•Distributed Denial of Service.•Used to make a machine or network resourceinaccessible to users.•DDOS attacks usually utilise botnets.
Social Engineering•Social engineering is the art of manipulatingpeople into divulging personal and confidentialinformation.•Requires very little technical skill.•Relies heavily on human interaction to getresults.•Most often used in tandem with other exploits.
Malware and Viruses•Malicious Software.•Used by an attacker to steal data, disruptoperations or access a private network.•Used to describe many different types ofsoftware includingviruses, worms, Trojans, keyloggers, spywareand others.
Computer Virus•Any computer program that can replicate itselfand spread from one computer to anotherwithout input from its creator.•Needs to attach itself to an existing program inorder for it to work.•They are used to deliver many differentpayloads.
Computer Worm•A program similar to a virus; it can replicateitself and spread from one computer to another.•Unlike a virus a worm does not need to beattached to an existing program in order tofunction.•Always cause harm to the network, even if it isjust increased bandwidth consumption, whereasa virus will always corrupt and/or modify files ona computer.
Trojan Horse•A program that pretends to do one thing, but inreality does something else.•Used to record keystrokes input by a user•Can be used to stealusernames, passwords, credit cardinformation, personal details and so on.•Usually employ a form of social engineering.
Firewalls•Program used to monitor network traffic.•Have a set of rules that they use to filterpackets trying to enter the network.•Usually placed between a trusted network andone that is less trusted.
Antivirus Software•Used to prevent access to computer systems byunwanted programs.•Utilises many different methods to protect thecomputer.•Often search for signs of viruses on everywebsite that is visited and do regular scans ofthe computer to check for infections.
Password Cracking-Attempting to guess a password using a program. • Brute Forcing-A program that guesses a password by inputting as many randomly generated passwords using the computer’s processing power. • Dictionary Hack-A program that guesses passwords based on words in a dictionary or the program’s vocabulary. Packet Sniffing-Sniffing packets sent over the internet to gain security details over unsecured connections. Phishing-Legitimate looking sites designed to farm information inputted by the user.
Rootkit-Stealth software which inhibits use of programs executed by the user and hides (usually malicious) processes. Keyloggers-records keystrokes and can be software or hardware. Scareware-A form of software designed to scare the user into divulging information (such as credit card information) much like social engineering. IP Spoofing-Masks the IP address of a hacker and prevents them from being found
Attacks on the increase In 2010 431 million adults worldwide were victims of cyber crime Costs 114 billion pounds worldwide Costs U.K 27 billion pounds a year 10.5% of the worlds hackers are from the U.K
In Brazil 83% of the population have suffered from internet crime. America is not far behind with 73% falling victim to internet crime. Cyber crime can be down to anyone from professional criminals to teenagers
April 2011 Sony Play station network shut down due to external intrusion Password is crucial More letters, numbers and characters in a password the harder it is to crack
Spam blocker Anti Virus software Firewall protection Encryption software Caution in providing personal information Secure Shopping Avoidance of scans Monitoring of your child’s computer activities
Employ more skilled individuals • Pros: Eliminates the need on relying on a small number of people • Cons: Very costly Improve education on internet security and/or lower costs for fees Job Awareness-people are not aware certain jobs are available Higher starting wages to give potential employees an incentive