Internet security powerpoint

By Arifa Ali, Hannah Buckley, Paul Byrne and Matthew Hastie

Internet Security

Ethical Hacking & Black Hat HackingTypes of Hacking/Data TheftStatistics/Examples of AttacksSkills Required to Prevent AttacksMeasures to Prevent Attacks

Introduction

Brief History Who is a hacker and what do Hackers do ? Hackers Techniques System Hacking, Network Hacking, Software Hacking

Outline

Someone who bypasses the systems and Passwords.Taking advantage of weaknesses left in the system by

developers.This person knows computer programmingCan be a Hacker SubcultureAccess confidential informationBroadcast confidential documents e.g. Name, address,

etc.Espionage

Who is a Hacker and what can they do ?

Over the internetOver Lan LocallyOfflineTheftDeceptionIp AddressesTelephoneEmail

Methods of Hacking

Malicious Hackers

Villain

Violates Computer Security

Black Hat Cracker

Computer Security

A Computer Hacker intending to improve security.

The Hero

White Hat Hacker

List of Hackers

Black Hat Hackers ( The bad guy Violates computers)

White Hat Hackers (The Hero Breaks security for good reasons)

Blue Hat Hacker (consults firms, system tested before launch)

Grey Hacker(Mixture of white & Black offers their service to improve for a small fee)

Hacktivist (Utilizes Technology)

Script Kiddie (Skiddie)Kid- Child lacking knowledge, Immature

Elite Hacker (The most skilled Hacker)(Masters of deception)

Ethical Hacker(employee and authorised Hacker)

Bots ( software tools the hackers use )

SQL Injection

•SQL injection is a type of attack often used against data driven applications. •It is a technique that exploits an applications security weaknesses.•Used to steal databases full of credit card information, passwords, or personal details.

DDOS Attacks

•Distributed Denial of Service.•Used to make a machine or network resource inaccessible to users.•DDOS attacks usually utilise botnets.

Social Engineering

•Social engineering is the art of manipulating people into divulging personal and confidential information. •Requires very little technical skill.•Relies heavily on human interaction to get results.•Most often used in tandem with other exploits.

Malware and Viruses

•Malicious Software.•Used by an attacker to steal data, disrupt operations or access a private network.•Used to describe many different types of software including viruses, worms, Trojans, keyloggers, spyware and others.

Computer Virus

•Any computer program that can replicate itself and spread from one computer to another without input from its creator.•Needs to attach itself to an existing program in order for it to work.•They are used to deliver many different payloads.

Computer Worm

•A program similar to a virus; it can replicate itself and spread from one computer to another.•Unlike a virus a worm does not need to be attached to an existing program in order to function.•Always cause harm to the network, even if it is just increased bandwidth consumption, whereas a virus will always corrupt and/or modify files on a computer.

Trojan Horse

•A program that pretends to do one thing, but in reality does something else.•Used to record keystrokes input by a user•Can be used to steal usernames, passwords, credit card information, personal details and so on.•Usually employ a form of social engineering.

Firewalls

•Program used to monitor network traffic. •Have a set of rules that they use to filter packets trying to enter the network.•Usually placed between a trusted network and one that is less trusted.

Antivirus Software

•Used to prevent access to computer systems by unwanted programs.•Utilises many different methods to protect the computer.•Often search for signs of viruses on every website that is visited and do regular scans of the computer to check for infections.

Password Cracking-Attempting to guess a password using a program.• Brute Forcing-A program that guesses a password by

inputting as many randomly generated passwords using the computer’s processing power.

• Dictionary Hack-A program that guesses passwords based on words in a dictionary or the program’s vocabulary.

Packet Sniffing-Sniffing packets sent over the internet to gain security details over unsecured connections.

Phishing-Legitimate looking sites designed to farm information inputted by the user.

Types of Hacking/Data Theft

Rootkit-Stealth software which inhibits use of programs executed by the user and hides (usually malicious) processes.

Keyloggers-records keystrokes and can be software or hardware.

Scareware-A form of software designed to scare the user into divulging information (such as credit card information) much like social engineering.

IP Spoofing-Masks the IP address of a hacker and prevents them from being found

Types of Hacking/Data Theft

StatisticsAttacks on the increaseIn 2010 431 million adults worldwide were victims of

cyber crimeCosts 114 billion pounds worldwideCosts U.K 27 billion pounds a year10.5% of the worlds hackers are from the U.K

StatisticsIn Brazil 83% of the population have suffered from

internet crime.

America is not far behind with 73% falling victim to internet crime.

Cyber crime can be down to anyone from professional criminals to teenagers

Annual Damage Costs

StatisticsApril 2011 Sony Play station network shut down due to

external intrusion

Password is crucial

More letters, numbers and characters in a password the harder it is to crack

Yearly amount of internet fraud

Skills to prevent cyber crimeSpam blockerAnti Virus softwareFirewall protectionEncryption softwareCaution in providing personal informationSecure ShoppingAvoidance of scansMonitoring of your child’s computer activities

Employ more skilled individuals• Pros: Eliminates the need on relying on a small number of

people• Cons: Very costly

Improve education on internet security and/or lower costs for fees

Job Awareness-people are not aware certain jobs are available

Higher starting wages to give potential employees an incentive

Measures to reduce shortage of skills

Any Questions?

Conclusion