Network Security Threats

Contents
  1. Hackers & Unauthorised Access
  2. Ethical Hacking
  3. Penetration Testing

1. Hackers & Unauthorised Access

Hacking is the act of gaining unauthorised access to a computer. A hacker will break in by circumventing security, they may know someones password, or they may have found weaknesses in software that allow them to access the computer.

Once a hacker has access to a computer they will be able to access the data on it as if they were an authorised user.

Hacking may take place remotely or even directly on the computer.

The most common form of hacking is someone simply logging onto a computer with someone elses username and password. This is why it is important to have a strong password that no one else knows.


2. Ethical Hacking

Not all hackers are malicious, some hackers can be ethical, and work to help organisations defend themselves from malicious hackers. These ethical hackers may be employed to break into an test the security features of a computer system. They report any issues they find so that they can be addressed.

This is called penetration testing

We use a coloured hat system for identifying what kind of hacker someone is.

  • White hat hackers are ethical hackers and carry out their activities with permission (authorised access)
  • Grey hat hackers are ethical hackers but will hack systsems without permission. They may hack a system to bring attention to a security problem, or for a "bug bounty".
  • Black hat hackers are malicious hackers

3. Penetration Testing

A penetration test (or Pen Test) is carried out by a professional security specialist hired by a company to attack their computer system in a similar manner to a real hacker.

After the penetration test the professional will generate a report highlighting areas of weakness so that the company can improve their security.