Joseph Owen.  Aims:  To look at types of hackers  To look at different types of attacks  How to protect your network  Objectives  You will know.

Slides:



Advertisements
Similar presentations
By Andy Scott, Michael Murray and Adam Kanopa
Advertisements

UNIT 20 The ex-hacker.
ETHICAL HACKING.
Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
Protection from Internet Theft By James Seegars. What Is Hacking? Definition – A)To change or alter(Computer Program) – B) To gain access to (a computer.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Prepared by: Nahed Al-Salah
1 UNIT 20 The ex-hacker Lecturer: Ghadah Aldehim.
The Ecommerce Security Environment For most law-abiding citizens, the internet holds the promise of a global marketplace, providing access to people and.
Security strategy. What is security strategy? How an organisation plans to protect and respond to security attacks on their information technology assets.
Web server security Dr Jim Briggs WEBP security1.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Computer Hacking By: Caleb Herring Katie Edom. What is Computer Hacking Computer Hacking is defined as one who uses programming skills to access, legally.
By Carlos G. Coca.  Originally a person who was skilled at programming language who was able to create/alter web content.  Now: “A person who illegally.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Issues Raised by ICT.
Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Security. Introduction to Security Why do we need security? What happens if data is lost? –Wrong business decisions through lack of information –Long-term.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Cyber Crime & Security Raghunath M D BSNL Mobile Services,
ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.
Cyber Crimes.
Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.
 Computer Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.  the act.
Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
I.T Security Advice for Dummies By Kirsty Pollard Kirsty Pollard Campsmount Academy.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
All Input is Evil (Part 1) Introduction Will not cover everything Healthy level of paranoia Use my DVD Swap Shop application (week 2)
Security. Security Flaws Errors that can be exploited by attackers Constantly exploited.
Encryption and Hacking By Steph Garrihy. What is Encryption? Encryption is when data is scrambled by software using a preset key so that anyone viewing.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Kamran Didcote.
Topic 5: Basic Security.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
CHAPTER 2 Laws of Security. Introduction Laws of security enable user make the judgment about the security of a system. Some of the “laws” are not really.
Computer Security By Duncan Hall.
Network Security.  With an increasing amount of people getting connected to networks, the security threats that cause massive harm are increasing also.
ICT and the Law Mr Conti. Did you see anything wrong with that? Most people wouldn’t want that sort of information posted in a public place. Why? Because.
1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.
IT Ess I v.4x Chapter 1 Cisco Discovery Semester 1 Chapter 8 JEOPADY Q&A by SMBender, Template by K. Martin.
Information Systems Design and Development Security Risks Computing Science.
Threats To Data 30 Threats To Data 30. Threats To Data 30 We’re now going to look at a range of different threats to people’s data: Opportunity Threats.
By Collin Donaldson Man in the Middle Attack: Password Sniffing and Cracking.
Internet security for the home Paul Norton MEng(Hons) MIEE Electronic engineer working for Pascall Electronics Ltd. on the Isle of Wight A talk on Internet.
General Information: This document was created for use in the "Bridges to Computing" project of Brooklyn College. You are invited and encouraged to use.
Cyber crimes is the most popular news we come across daily In good olden days there were no development in the usage of computers as we have now As.
Unit 1 Understanding computer systems: How legal, ethical, safety and security issues affect how computers should be used OCR Cambridge Nationals in ICT.
Technical Implementation: Security Risks
Security Risks Todays Lesson Security Risks Security Precautions
Unit 3 Section 6.4: Internet Security
Instructor Materials Chapter 7 Network Security
Big Picture How many ways can a system be attacked? What can we do about it?
Teaching Computing to GCSE
– Communication Technology in a Changing World
Malware, Phishing and Network Policies
ISNE101 Dr. Ken Cosh Week 13.
Faculty of Science IT Department By Raz Dara MA.
Computer Security By: Muhammed Anwar.
Test 3 review FTP & Cybersecurity
G061 - Network Security.
Unit 6.10 – L3 Internet Security
Presentation transcript:

Joseph Owen

 Aims:  To look at types of hackers  To look at different types of attacks  How to protect your network  Objectives  You will know 3 types of hackers  You will know 6 types of attacks  You will know how to protect your networks against these types of attacks

 The best way to protect your website, is to know how others try and attack it  Nothing in this lecture will teach you any details about using the attacks  Any attempt to attack/gain access to networks is illegal under the Computer Misuse Act, 1990

 1. Unauthorised access to computer material  2. Unauthorised access with intent to commit of facilitate commission of further offences  3. Unauthorised acts with intent to impair, or with recklessness as to impairing, operation of computer, etc.  3a. Making, supplying or obtaining articles for use in offence under section 1 or 3 

 Due to the threat of attack, many companies employ a team to protect their network  Quite often this team know how to get into the network, then close the hole behind them  You could make very good money doing so  You sign documents to say what you are doing, and declare you will not use your skills for the wrong reasons

 Quite often major companies will not report attacks  If a bank was target successfully and it made the news  People would worry about their savings etc…  They would take their money elsewhere

 Otherwise known as ethical hackers  The hacking they undertake is legal and/or permitted by the company  Used to reinforce systems, and stop other hackers  This does not include, hacking for ‘the greater good’

 Unlike white hat, grey hat hackers are breaking the law  They general feel they are doing so for good  They do not hack for personal gain, but the gain of others, although they can sometimes request a fee for fixing defects  This could include, other hackers, companies, small firms, government etc…

 100% illegal  Hacking for personal gain, including financial, blackmail etc…  They can hack into networks to steal, replace or destroy data  Could often be a team of hackers, who may not even know each other, working anonymously

 Script kiddie  Someone who uses existing scripts to attempt to hack  Hacktivist  A form of electronic protests  Blue hat  Used in the beta stage of software development

 The first recorded computer virus  Written by Bob Thomas in 1971  It used an open port to enter the computer, display a message and self replicate to other computers on the network  I’m the creeper, catch me if you can!

 DOS/Ddos  Packet sniffing  Man in the middle  Password cracking  SQL injection  Social engineering

 Where data packets are sent in massive quantities to an IP address to put a strain on the web server  This stops legitimate users being able to access the site due to the ‘high traffic’  Distributed (DDoS) is where ‘zombie’ computers are led by master computers DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

The zombie computers may be legitimate users who are unaware their machine is being used in an attack Due to the nature of the web this can be spread worldwide

 A server side firewall, preventing the packets reaching your server  Discuss with your ISP, as they may provide solutions and/or protection against attacks  DDoS mitigation services, where you can pay a fee for someone to reroute the packets to a dummy server DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 A device will sit in the network intercepting packets  This could be between router and computer  Between you and you ISP  Can either be:  Filtered, configured to take certain information such as passwords  Unfiltered, takes everything it can  Software was initially used legally to detect network faults DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

ComputerRouter ISP

ComputerRouter ISP Sniffer

ComputerRouter ISP Sniffer

 Use higher levels of encryption  Use HTTPS channels to reduce the risk of data leaks  Use a variety of passwords for different applications/devices  This will limit the damage if they successfully gain data DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 Network eavesdropping  A machine inserts itself into a network and starts conversations with the computers or servers, tricking them into thinking that they are the other party  Works in real time, so no suspicion caused DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

Party 1Party 2 Party 1MITM Party 2 Expected Reality

 Encryption that the MITM will not be able to decipher  HTTPS  Security certificates  As you can see, similar to stopping packet sniffers DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 This attack can have many variations:  Password Guessing  Brute Force  Dictionary attacks  Password resetting  Hash decrypting  Many people reuse the same passwords for many logins so results can be catastrophic DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 Use secure passwords   Don’t reuse passwords  Update passwords  Never disclose your passwords DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 Using SQL (Structured Querying Language) to fool data input fields  Most online forms have a database running in the background  Instead of putting your name in a form, enter code to retrieve information DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 The most common form of attack  Tricking the user into giving away their details  A rich relative from Nigeria  The ‘bank’ needing your details  Very effective on the non computer literate DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 Never give away information regarding your accounts  Never give away personal information (might be used for security questions)  Educate your friends/family/staff about the dangers DDoS – Packet Sniffing – Man in the middle – Password Cracking – SQL injection – Social Engineering

 Root kit  Software to undermine the computer system  Key loggers  Records the keys pressed on a keyboard and sends them to the attacker  Trojan horse  Pretends to be legitimate software, but it is really a virus

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.