Hacking is the act of gaining unauthorised access to a computer. A hacker breaks in by circumventing security: they may know someone's password, or they may have found weaknesses in software that allow them to access the computer.
Once a hacker has access to a computer they will be able to access the data on it as if they were an authorised user.
Hacking may take place remotely or even directly on the computer.
The most common form of hacking is someone simply logging onto a computer with someone else's username and password. This is why it is important to have a strong password that no one else knows.
Not all hackers are malicious. Some hackers are ethical and work to help organisations defend themselves from malicious hackers. These ethical hackers may be employed to break into and test the security features of a computer system. They report any issues they find so that they can be addressed.
This is called penetration testing.
We use a coloured hat system for identifying what kind of hacker someone is.
Malware is malicious software that causes damage. Once on a computer, it can delete files, change files, copy files, and even encrypt files.
There are many types of malware and one piece of malware can be categorised in many ways:
Malware can infect a computer in numerous different ways, including the user downloading unknown files, downloading e-mail attachments, opening files from external storage, or from other computers on the network. Viruses can also be installed intentionally as well as accidentally.
Anti-malware software (also known as antivirus) scans a computer's files and any incoming files. The files are compared to a database of virus signatures. If a file matches a signature in the database, it is identified as a virus. Anti-malware software must be kept up to date so that new viruses can be identified.
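As an added illustration (not part of the original page), the following Python model shows how signature-based scanning works and why an out-of-date database misses newer malware. Every signature, malware name and file content below is constructed for the example, not a real indicator.

```python
import hashlib
from typing import Optional

# Constructed signature database (example values, not real malware indicators).
# A signature is either the SHA-256 hash of a whole known-bad file, or a short
# byte pattern that a known malware family always contains.
SIGNATURES_V1 = {
    "hashes": {
        hashlib.sha256(b"MACRO: delete every document then encrypt the rest").hexdigest(): "Example.Ransom.A",
    },
    "patterns": {
        b"copy self to every network share": "Example.Worm.B",
    },
}

# The "updated" database adds a signature for a sample discovered later.
SIGNATURES_V2 = {
    "hashes": dict(SIGNATURES_V1["hashes"]),
    "patterns": {**SIGNATURES_V1["patterns"], b"log keystrokes to remote host": "Example.Spy.C"},
}


def scan_file(data: bytes, signatures: dict) -> Optional[str]:
    """Return the malware name if `data` matches a signature, otherwise None."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in signatures["hashes"]:          # exact whole-file match
        return signatures["hashes"][digest]
    for pattern, name in signatures["patterns"].items():
        if pattern in data:                      # family byte-pattern match
            return name
    return None


def scan_files(files: dict, signatures: dict) -> dict:
    """Scan a mapping of filename -> contents; return filename -> detection (or None)."""
    return {name: scan_file(data, signatures) for name, data in files.items()}


# Constructed "files" on the computer, including an attachment that only the
# updated database knows about.
SAMPLE_FILES = {
    "holiday.jpg": b"\xff\xd8\xff\xe0 ordinary picture bytes",
    "invoice.docm": b"MACRO: delete every document then encrypt the rest",
    "update.exe": b"MZ header ... copy self to every network share ...",
    "attachment.scr": b"MZ header ... log keystrokes to remote host ...",
}

if __name__ == "__main__":
    for version, db in (("v1", SIGNATURES_V1), ("v2", SIGNATURES_V2)):
        print(version, scan_files(SAMPLE_FILES, db))
```

With the v1 database, attachment.scr is reported clean; only after the update does it match, which is the page's reason for keeping the signature database current.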
Data interception, sometimes called a Man in the Middle attack or a passive attack, is where the attacker monitors data being sent over a network. The data being sent can be read, and it may contain passwords, sensitive information, credit card details, etc. Usually the attacker does not modify the data, so the victims don't realise it is happening.
Data interception cannot be prevented; however, the risks can be mitigated by using encryption so that intercepted data cannot be read.
A computer and network could have every possible protection, but the most difficult vulnerability to fix is us (humans). Social Engineering is convincing a user to compromise the security of a computer or network. For example: tricking a user into using a USB flash drive which has a virus on it, or calling someone up to trick them into giving the caller remote access to a computer. There are four types of Social Engineering: Phishing, Pre-texting, Baiting and Quid Pro Quo.
Phishing is an example of Social Engineering where the attacker sends out e-mails pretending to be a trustworthy company or person. The e-mail will try to convince the user to click a link and this may lead to a page with a virus download or a website which attempts to trick the user into giving up personal information.
With Pre-texting, an attacker will manipulate a victim by telling them a story as to why they need to divulge information. The story is used to help the attacker gain the victim's trust. Examples:
Baiting is where a hacker will use a false promise to entice a user into giving up information or into installing malware. For example: leaving USB drives outside buildings in the hope that one will be taken inside and plugged into a computer.
With Quid Pro Quo, an attacker will offer an exchange, often information in exchange for money. Usually the attacker will not pay the victim. Remember: if an offer seems too good to be true, it probably is!
The best way to defend against Social Engineering within an organisation is through the use of an Acceptable Use Policy (AUP). The AUP is a document which contains a set of common rules and procedures. Typically, everyone within an organisation who uses IT equipment has to agree to and abide by the AUP.