ECM 1407 Computer Misuse: Hacking

Question 1

The definition of a Hacker:

Answer 1

A person who enjoys exploring the details of programmable systems and how to stretch their capabilities as opposed to most users, who prefer to learn only the minimum necessary.

Question 2

The 3 eras of hacking

Answer 2

Era 1: The joy of programming
Era 2: Dark Side
Era3: a destructive and criminal tool

Question 3

Skill level and hacker types:

Answer 3

• Master
  ○ The ability to create new attack toolkits
  ○ Hard to defend against with zero-delay vulnerabilities
• Journeyman
  ○ Has the ability to modify attack toolkits
  ○ Attacks are more targeted and harder to defend against
• Apprentice
  ○ Has basic understanding of how to use attack toolkits.
  ○ Responsible for the highest volume of attacks, but their attacks are the easiest to defend against.

Question 4

The different shades of hacker:

Answer 4

• Black-hat hackers
  ○ People who try to break into systems/networks to exploit them for malicious reasons.
• Gray-hat hackers
  ○ They don’t use their capabilities for personal gain, but rather unofficially breach a system/network for the purpose of either practise or notifying the affected corporation
• White-hat hackers
  - Ethical hackers who find vulnerability in systems to help strengthen the security of these systems. They are employed by companies for this.

Question 5

What are some factors contributing to security vulnerability?

Answer 5

• Inherent complexity of computer systems
• Impossibility of bug-free software
• Human nature and social engineering
• Interconnectivity

Question 6

What is a computer virus?

Answer 6

A piece of software attached to genuine files (i.e., host file) designed to replicate itself and perform malicious actions (e.g., delete files) when activated.

Question 7

What is a computer worm?

Answer 7

A standalone piece of software that performs malicious actions and can replicate itself without the need of a host file to work

Question 8

What is a backdoor?

Answer 8

A malware that allows access to a particular system at a future time by bypassing normal layers of security measures

Question 9

What is a trojan horse?

Answer 9

A program that looks like a genuine application but includes a component that performs malicious actions (e.g., sending spam, installing viruses, creating a backdoor)

Question 10

What is ransomware?

Answer 10

A ransomware is a malware that encrypts files on a computer and then displays a message demanding payment for the key to decrypt the files.

Question 11

Define social engineering

Answer 11

Social engineering is the manipulation of people into releasing sensitive information on performing a task that often weakens security measures

Question 12

Define phishing

Answer 12

Phishing is a type of fraud in which an attacker sends a message to trick a victim into revealing sensitive information or performing a task

Question 13

Define hacktivism

Answer 13

Hacking for politically or socially motivated purposes

Question 14

Hacktivism examples

Answer 14

• Anonymous group has taken offline 40 sites that traded images of child sexual abuse
• Syrian Defense Ministry website hacked also by anonymouse
• Hackers cracked emails of pro-kremlin activists and officials
• The Sony Playstation network was taken offline by “LulzSec”