O Level CHP 5

The document discusses various cybersecurity threats including brute force attacks, data interception, distributed denial of service attacks, hacking, malware types like viruses and ransomware, phishing, and pharming. It provides details on how each threat works and ways to help prevent attacks.

Uploaded by

Ali Akbar
Copyright
© All Rights Reserved

Brute force attacks

If a hacker wants to ‘crack’ your password, they can systematically try all the different
combinations of letters, numbers and other symbols until eventually they find your password.
This is known as a brute force attack.

There are two methods of carrying out a brute force attack.

The first method is to check if the password is one of the most common ones used (the five
most common are: 123456, password, qwerty, 111111 and abc123); since these simple
passwords are seen so many times it’s a good place for the hacker to start.

The second method is to start with a strong word list (this is a text file containing a collection of
words that can be used in a brute force attack); some programs will generate a word list
containing a million words. Nonetheless this is still a faster way of cracking a password than just
total trial and error.
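Seen from the defender's side, the two methods above tell a sign-up form what to refuse. The following password audit is an added example, not part of the original notes; the sample word list, the `strip_decoration` rule and the 10**14 search-space threshold are assumptions chosen for illustration.

```python
import string

# The five most common passwords named in the text above.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "111111", "abc123"}

# Constructed stand-in for a word list; real lists can hold a million entries.
SAMPLE_WORD_LIST = {"dragon", "sunshine", "football", "monkey", "letmein"}

MIN_SEARCH_SPACE = 10 ** 14  # assumed threshold for "too small to resist trial and error"


def strip_decoration(password):
    """Lower-case and drop digits/symbols at either end ('Dragon1!' -> 'dragon')."""
    return password.lower().strip(string.digits + string.punctuation)


def search_space(password):
    """Candidates a total trial-and-error search must cover for this length and alphabet."""
    alphabet = 0
    if any(c.islower() for c in password):
        alphabet += 26
    if any(c.isupper() for c in password):
        alphabet += 26
    if any(c.isdigit() for c in password):
        alphabet += 10
    if any(not c.isalnum() for c in password):
        alphabet += 32  # printable ASCII symbols
    return alphabet ** len(password)


def audit_password(password, word_list=SAMPLE_WORD_LIST):
    """Return 'common', 'word-list', 'short' or 'ok' for a proposed password."""
    if password.lower() in COMMON_PASSWORDS:
        return "common"      # falls to the first method
    if strip_decoration(password) in word_list:
        return "word-list"   # falls to the second method
    if search_space(password) < MIN_SEARCH_SPACE:
        return "short"       # falls to plain trial and error
    return "ok"


if __name__ == "__main__":
    for candidate in ["123456", "Dragon1!", "zq8k", "k7#Vp2!xQz9m"]:
        print(candidate, "->", audit_password(candidate))
```
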

Data Interception
Data interception is the unauthorized access to data during its transmission, whether through
wired or wireless communication channels.

Accessing data can be carried out using a packet sniffer, which examines the data packets that
are being sent over a network. The accessed data is sent back to the hacker. This is a common
method when wired networks are used.

Wi-Fi (wireless) data access can be carried out using wardriving, sometimes called Access
Point Mapping. Using this method, data can be accessed using a laptop or smartphone,
antenna and a GPS device together with some software outside a building or in somebody’s
house. The accessed Wi-Fi signal can then reveal personal data to the hacker, often without
the user being aware this is happening.

Encrypting data helps thwart hackers by making it difficult for them to understand intercepted
data without a decryption key. To safeguard against wardriving, using encryption protocols like
Wired Equivalent Privacy (WEP) along with a firewall is recommended. Additionally, securing
wireless routers with complex passwords adds another layer of protection. Avoiding Wi-Fi in
public places like airports, where data encryption may be lacking, helps prevent unauthorized
access to your data by anyone within range.

Distributed Denial of Service (DDoS) attacks


A Distributed Denial of Service (DDoS) attack aims to disrupt a network or server by flooding it
with useless traffic, making it inaccessible to users. Even individuals can be targeted. In a
distributed denial of service (DDoS) the spam traffic originates from many different computers,
which makes it hard to block the attack.

Here's how it works:


When someone tries to access a website or online service, their request goes to the server
hosting that service. But if an attacker overwhelms the server with fake requests, it can't handle
real ones, denying service to genuine users.

In a DDoS attack, the spam traffic comes from many sources, making it hard to block. For
example, an attacker might flood someone's email with spam, filling their inbox and blocking
important emails.

To lessen the impact of DDoS attacks, people and organizations can use malware checkers,
firewalls, and email filters.

Signs of a DDoS attack include slow network, trouble accessing websites or services, and lots
of spam emails. Recognizing these signs can help users protect themselves.

Hacking
Hacking involves gaining unauthorized access to a computer system, often leading to identity
theft or misuse of personal information. Hackers can delete, alter, or share data illegally.
Encryption can make data unreadable to hackers, but it doesn't prevent them from causing
harm. Preventative measures include firewalls, strong and frequently changed passwords, and
anti-hacking software. Ethical hacking, authorized by companies, involves hiring hackers to test
system security and identify vulnerabilities.

Malware
Malware is harmful software that sneaks into computer systems to cause damage or steal
information.

Types of Malware
» Viruses
» Worms
» Trojan horse
» Spyware
» Adware
» Ransomware

I Viruses
Viruses are harmful programs designed to replicate and cause damage to files or computer
systems. They require an active host program or an infected operating system to run and
execute their harmful actions. Viruses can delete files, corrupt data, or disrupt system functions.
They often spread through email attachments, infected websites, or downloaded software. To
protect against viruses, it's important to take safety measures such as avoiding opening emails
from unknown sources, refraining from installing non-original software, and regularly running
up-to-date virus scanners.

II Worms
Worms are a kind of malware that can reproduce on their own. They aim to spread to other
computers and disrupt entire networks. Unlike viruses, worms don't require a host program to be
opened to cause harm. They can hide within applications, enabling them to move across
networks. Unlike viruses that target specific files, worms spread freely by exploiting security
weaknesses in networks.

Worms can spread quickly through networks. They can arrive as message attachments, and only
one user opening a worm-infested email could end up infecting the whole network. Unlike
viruses, worms don't need user interaction to spread, making them particularly dangerous. For
instance, the 'I love you' worm wreaked havoc worldwide by infecting countless email users,
causing phone system overloads, and even disrupting television networks. To safeguard against
worms, it's crucial to employ robust security measures and keep antivirus software up-to-date.

III Trojan horse


A Trojan horse is a program which is often disguised as legitimate software but with malicious
instructions embedded within it. A Trojan horse replaces all or part of the legitimate software
with the intent of carrying out some harm to the user’s computer system. They need to be
executed by the end-user and therefore usually arrive as an email attachment or are
downloaded from an infected website. For example, they could be transmitted via a fake
anti-virus program that pops up on the user’s screen claiming their computer is infected and
action needs to be taken. The user will be invited to run the fake anti-virus as part of a free trial.
Once the user does this, the damage is done. Once installed on the user’s computer, the Trojan
horse will give cyber criminals access to personal information on their computer, such as IP
addresses, passwords and other personal data. Spyware and ransomware are often installed on
a user’s computer via Trojan horse malware.

IV Spyware
Spyware is a type of software that secretly monitors a user's computer activities and sends the
gathered information to cybercriminals. Its main goal is to capture sensitive data like bank
account details and passwords. Anti-spyware tools can detect and remove it. Spyware poses a
significant threat as it exploits system vulnerabilities, often entering through social engineering
tactics. Finding spyware should raise concerns about the security of the system, as it indicates
potential vulnerabilities that more dangerous malware could exploit.

V Adware
Adware is a type of malware. At its least dangerous it will attempt to flood
an end-user with unwanted advertising. For example, it could redirect a user’s
browser to a website that contains promotional advertising, it could appear in
the form of pop-ups, or it could appear in the browser’s toolbar and redirect
search requests.
Although it is not necessarily harmful, adware can:
» highlight weaknesses in a user’s security defences
» be hard to remove – it defeats most anti-malware software since it can be difficult to determine
whether or not it is harmful
» hijack a browser and create its own default search requests.

VI Ransomware
Ransomware is a type of malware that locks your computer and encrypts your data, demanding
payment for its release. It's like your computer being held hostage until you pay up. This
malicious software can be installed through tricks like phishing emails or disguised downloads.
Once it's activated, it either encrypts your files immediately or waits to see how much money
you might pay. Prevention includes avoiding suspicious emails, but once it strikes, it's tough to
undo the damage. The best defense is regular backups of important files to avoid being forced
to pay the ransom.

Phishing
Phishing is a type of cybercrime where criminals send deceptive emails to users. These emails
seem legitimate and often pretend to be from trusted sources like banks or service providers.
They contain links or attachments that, when clicked or opened, lead users to fake websites or
prompt them to share personal information like bank details. The crucial point is that the
recipient must take some action for the phishing scam to succeed. By being cautious and
either not opening suspicious emails or deleting them, users can protect themselves from
falling victim to phishing attacks.

To prevent phishing attacks, it's essential to stay informed about new scams and undergo
regular security training. Avoid clicking on email links unless sure of their safety, especially
those with generic greetings. Use anti-phishing toolbars on browsers and look for HTTPS or the
green padlock symbol in the address bar. Regularly check online accounts and update
passwords. Keep browsers updated and utilize both desktop and network firewalls for enhanced
security. Beware of pop-ups and use the browser's blocking feature; avoid clicking "cancel" and
instead close pop-ups using the small "x" in the corner to mitigate risks of phishing or pharming.

Pharming
Pharming is malicious code installed on a user’s computer or on an infected website. The code
redirects the user’s browser to a fake website without the user’s knowledge. Unlike phishing, the
user doesn’t actually need to take any action for it to be initiated. The creator of the malicious
code can gain personal data, such as bank details, from the user. Often the website appears to
come from a trusted source and can lead to fraud and identity theft. Redirection from a
legitimate website to the fake website can be done, by a hacker for example, using DNS cache
poisoning.

DNS cache poisoning


Every time a user types in a URL, their browser contacts the DNS server; the IP address of the
website will then be sent back to their browser. However, DNS cache poisoning changes the
real IP address values to those of the fake website; consequently, the user’s computer will
connect to the fake website.

Pharming poses a significant risk, but measures can be taken to mitigate it. Anti-virus software
helps detect unauthorized website alterations, while modern browsers offer alerts for pharming
and phishing attempts. Verifying website spelling and checking for HTTPS or the green padlock
symbol in the address bar add further layers of defense against pharming attacks.

Social engineering
Social engineering is a tactic employed by cybercriminals to manipulate people into
compromising their security. It involves exploiting human emotions like fear, curiosity, and trust
to trick individuals into breaking security protocols. There are five common types of social
engineering threats:

Instant Messaging: Cybercriminals embed malicious links in instant messages, exploiting
users' curiosity to click on them.

Scareware: This involves fake anti-virus pop-up messages that instill fear in users, prompting
them to download malicious software.

Emails/Phishing Scams: Cybercriminals send seemingly genuine emails with malicious links,
preying on users' trust in well-known companies.

Baiting: Malware-infected devices like memory sticks are strategically left where they can be
found. Users, driven by curiosity, plug them into their computers, unwittingly downloading
malware.

Phone Calls: Cybercriminals pose as IT professionals and manipulate users into downloading
software, exploiting their fear of device compromise.

Social engineering relies on exploiting human emotions:

Fear: Users are panicked into taking immediate action without logical reasoning, making them
susceptible to cyber threats.

Curiosity: Users may willingly divulge sensitive information or download malware out of
curiosity, without considering the consequences.

Empathy and Trust: Users trust seemingly genuine sources like emails or phone calls from
reputable companies, making them vulnerable to exploitation.

PROCESS

Identification and Information Gathering: Cybercriminals identify and gather information
about their victims to plan their attack.

Targeting: Victims are targeted through various means like email, phone calls, or malware.

Execution: The attack is carried out, allowing cybercriminals to obtain information or cause
disruptions.

Cover-up: Once the desired information is obtained, cybercriminals attempt to remove all traces
of malware to conceal their actions.

In essence, social engineering relies on manipulating human behavior rather than hacking into
systems, emphasizing the importance of user awareness and education in cybersecurity.
