Computer Misuse Flashcards
What is hacking era 1
The joy of programming: someone who enjoys the detail and stretching their capabilities, as opposed to most users, who prefer to learn only the minimum
What is hacking era 2
The rise of hacking's dark side
What is hacking era 3
hacking as a destructive criminal tool, a computer expert who breaks into computer systems and/or accesses data which would otherwise be unavailable to them
What are the different levels of skills for hackers
Master
Journeyman
Apprentice
Define an apprentice
- They have a basic understanding of how to use attack toolkits.
- They are responsible for the highest volume of attacks, but their attacks are the easiest to defend against.
Define a journeyman
- They have the ability to modify attack toolkits.
- These attacks are more targeted and are harder to defend against.
Define a master
- They have the ability to create new attack toolkits.
- Their attacks are hard to defend against and are often zero-day vulnerabilities.
What are the hacker types
white hat
Black hat
gray hat
New
blue hat
red hat
green hat
Define a black hat hacker
people who try to break into systems and/or networks to exploit them for malicious reasons
Define a gray hat hacker
are between the black hat and white hat definitions. They move between the two, but they don’t use their skill for personal gain
Define white hat hackers
they are ethical hackers who find vulnerabilities in systems to help strengthen the security of these systems
Define blue hat hackers
to test systems to see levels of security
Define red hat hackers
those that fight against black hat hackers
Define green hat hackers
new-comers, those at apprentice levels
What is an interruption attack
a hacker disrupts the service being provided so that it is degraded or unavailable to authorised users
What is an interruption attack
often called Denial of Service (DoS), an attempt to make a computer resource unavailable
What are some examples of interruption attacks
e.g. DoS - overloading a server, vandalising, redirecting requests to invalid destinations
theft
What is an interception attack
In an interception attack, an unauthorized individual gains access to confidential or private information.
interception attacks are attacks against network confidentiality.
Performed by snooping on network traffic to try to obtain data such as passwords, credit card numbers or other types of sensitive information that may be transmitted in clear text.
What are examples of interception attacks
○ Eavesdropping on communication.
○ Wiretapping telecommunications networks.
○ Copying of files or programs.
○ Obtaining copies of messages for later replay
What is a modification attack
where an unauthorised individual not only gains access to, but tampers with information, resources, or services
What are examples of modification attacks
○ Modifying the contents of messages in the network.
○ Changing information stored in data files.
○ Altering programs so they perform differently.
○ Reconfiguring system hardware or network topologies.
○ Also called “man in the middle” attacks.
What is a fabrication attack
This is where an individual inserts counterfeit information, resources, or services into the network. Fabrication attacks are attacks against the authentication, access control, and authorisation capabilities of the network.
What forms do fabrication attacks come in
○ Inserting messages into the network using the identity of another individual.
○ Replaying previously intercepted messages.
○ Spoofing a web site or other network service.
○ Taking the address of another host or service, essentially becoming that host or service.
○ Also called “masquerading” attacks.
Define a computer virus
a piece of software attached to genuine files (i.e., host file), designed to replicate itself and perform malicious actions (e.g., delete files) when activated.
Define a computer worm
A computer worm is a standalone piece of software that performs malicious actions and can replicate itself, without the need of a host file to work.
Define a backdoor
A backdoor is malware that allows access to a particular system at a future time by bypassing normal layers of security measures.
Define a Trojan horse
is a program that looks like a genuine application but includes a component that performs malicious actions (e.g., sending spam, installing a virus, creating a backdoor)
Define ransomware
malware that encrypts files on a computer and then displays a message demanding payment for the key to decrypt the files.
What is social engineering
is the manipulation of people into releasing sensitive information or performing a task that often weakens security measures
What is phishing
is a type of fraud in which an attacker sends a message to trick a victim into revealing sensitive information or performing a task.
What is hacktivism
hacking for a politically or socially motivated purpose
What is cyberwarfare
involves hacking a nation-state or international organisation aiming to damage its computers, information networks and other vital systems
What are the 3 main features of the Computer Misuse Act
- Unauthorised access
- Ulterior intent
- Unauthorised modification
What is the Regulation of Investigatory Powers Act 2000
An individual believed to have cryptographic keys may face up to two years imprisonment for refusing to hand them over to the police.