Internet

Threats
by: Michelle A. Caina
Hacking
Is the act of compromising digital
devices and networks through
unauthorized access to an account or
computer system
Hacking is not always a malicious act,
but it is most commonly associated
with illegal activity and data theft by
cyber criminals.
Refers to the misuse of devices like
computers, smartphones, tablets,
and networks to cause damage to or
corrupt systems, gather information
on users, steal data and documents,
or disrupt data-related activity.
 Hackers
A hacker is an individual who uses
computer, networking or other skills
to overcome a technical problem.
The term also may refer to anyone
who uses their abilities to gain
unauthorized access to systems or
networks in order to commit crimes.
A hacker may, for example, steal
information to hurt people via
identity theft or bring down a system
and, often, hold it hostage in order to
collect a ransom.
There are typically four key
drivers that lead to bad actors
hacking websites or systems:
(1) financial gain through the theft of
credit card details or by defrauding
financial services,
(2) corporate espionage,
(3) to gain notoriety or respect for their
hacking talents, and
(4) state-sponsored hacking that aims to
steal business information and national
intelligence.
Types of Hackers
Black hat hackers are the "bad guys" of
the hacking scene.
They go out of their way to discover
vulnerabilities in computer systems and
software to exploit them for financial
gain or for more malicious purposes,
such as to gain reputation, carry out
corporate espionage, or as part of a
nation-state hacking campaign.
These individuals’ actions can inflict
serious damage on both computer
users and the organizations they work
for.
They can steal sensitive personal
information, compromise computer
and financial systems, and alter or take
down the functionality of websites and
critical networks.
White hat hackers can be seen as the
“good guys” who attempt to prevent the
success of black hat hackers through
proactive hacking.
They use their technical skills to break
into systems to assess and test the
level of network security, also known as
ethical hacking.
This helps expose vulnerabilities in
systems before black hat hackers can
detect and exploit them.
The techniques white hat hackers use
are similar to or even identical to those
of black hat hackers, but these
individuals are hired by organizations
to test and discover potential holes in
their security defenses.
Grey hat hackers sit somewhere
between the good and the bad guys.
Unlike black hat hackers, they
attempt to violate standards and
principles but without intending to
do harm or gain financially.
Their actions are typically carried out
for the common good.
For example, they may exploit a
vulnerability to raise awareness that
it exists, but unlike white hat hackers,
they do so publicly.
This alerts malicious actors to the
existence of the vulnerability.
Common Hacking
Techniques
 Malware
Malware, or “malicious software,” is
an umbrella term that describes
any malicious program or code that
is harmful to systems.
Malware seeks to invade, damage,
or disable computers, computer
systems, networks, tablets, and
mobile devices, often by taking
partial control over a device’s
operations. Like the human flu, it
interferes with normal functioning.
Malicious software that infects your
computer, such as computer
viruses, worms, Trojan horses,
spyware, and adware.
 Intimidate you with scareware,
What it can which is usually a pop-up message
do: that tells you your computer has a
security problem or other false
information.
Reformat the hard drive of your
computer causing you to lose all
your information.
Steal, encrypt, or delete your
data.
Send emails on your behalf.
Take control of your computer
and all the software running on
it.
How can I tell
if I have a Your computer slows down.
malware Your screen is inundated with annoying
ads.
infection? Your system crashes.
You notice a mysterious loss of disk
space.
There’s a weird increase in your
system’s Internet activity.
Your browser settings change.
Your antivirus product stops working
You lose access to your files or your
entire computer.
 Pharming
A portmanteau of the words
"phishing" and "farming", is an online
scam similar to phishing, where a
website's traffic is manipulated, and
confidential information is stolen.
It is the criminal act of producing a
fake website and then redirecting
users to it.
 Redirect internet users trying to
What it can reach a specific website to a
do: different, fake site
Convince you that the site is real
and legitimate by spoofing or
looking almost identical to the
actual site down to the smallest
details.
You may enter your personal
information and unknowingly
give it to someone with
malicious intent.
 Phishing
Is a fraudulent practice where
cybercriminals send you emails that
appear to come from reputable
organizations.
Fake emails, text messages and
websites created to look like they're
from authentic companies.
They're sent by criminals to steal
personal and financial information
from you.
This is also known as “spoofing”.
 Trick you into giving them
What it can information by asking you to
do: update, validate or confirm your
account.
It is often presented in a manner
than seems official and
intimidating, to encourage you to
take action.
Provides cyber criminals with your
username and passwords so that
they can access your accounts
(your online bank account,
shopping accounts, etc.) and steal
your credit card numbers
Ransomware
Ransomware is a type of malware
that restricts access to your
computer or your files.
Displays a message that demands
payment in order for the restriction
to be removed.
The two most common means of
infection appear to be phishing
emails that contain malicious
attachments and website pop-up
advertisements.
 There are two common types of
ransomware:
What it can 1. Lockscreen ransomware: displays
an image that prevents you from
do: accessing your computer
2. Encryption ransomware: encrypts
files on your system's hard drive and
sometimes on shared network drives,
USB drives, external hard drives, and
even some cloud storage drives,
preventing you from opening them
Ransomware will display a
notification stating that your
computer or data have been locked
and demanding a payment be made
for you to regain access. Sometimes
the notification states that
authorities have detected illegal
activity on your computer, and that
the payment is a fine to avoid
prosecution.
 Do not pay the ransom. These
What you threats are meant to scare and
intimidate you, and they do not
can do: come from a law enforcement
agency. Even if you submit
payment, there is no
guaranteethat you will regain
access to your system.
Contact a reputable computer
technician or specialist to find out
whether your computer can be
repaired and your data retrieved.
In order to lessen the impact of a
ransomware infection, be sure to
regularly back-up your data with a
removable external storage drive.
 Spam
Is a digital junk mail — unsolicited
communications sent in bulk over
the internet or through any
electronic messaging system.
Spamming is the act of sending
these messages, and a person who
engages in the practice is a
spammer.
 Annoy you with unwanted junk
What it can mail.
Create a burden for
do: communications service
providers and businesses to
filter electronic messages.
Phish for your information by
tricking you into following links
or entering details with too-
good-to-be-true offers and
promotions.
Provide a vehicle for malware,
scams, fraud and threats to
your privacy.
 Spyware
(Spyware & Adware)
Spyware and adware are often used
by third parties to infiltrate your
computer.
What it is:
Software that collects personal
information about you without you
knowing.
They often come in the form of a
‘free' download and are installed
automatically with or without your
consent.
These are difficult to remove and
can infect your computer with
 Collect information about you
What it can without you knowing about it
and give it to third parties.
do: Send your usernames,
passwords, surfing habits, list
of applications you've
downloaded, settings, and even
the version of your operating
system to third parties.
Change the way your computer
runs without your knowledge.
Take you to unwanted sites or
inundate you with
uncontrollable pop-up ads.
 Spyware
Spyware is malicious software that
runs secretly on a computer and
reports back to a remote user.
Rather than simply disrupting a
device’s operations, spyware targets
sensitive information and can grant
remote access to predators.
Spyware is often used to steal financial
or personal information.
A specific type of spyware is a
keylogger, which records your
keystrokes to reveal passwords and
personal information.
 Adware
Adware is malicious software used to
collect data on your computer usage
and provide appropriate
advertisements to you.
Adware can redirect your browser to
unsafe sites, and it can even contain
Trojan horses and spyware.
Additionally, significant levels of
adware can slow down your system
noticeably.
Trojan Horses
Is one of the most dangerous malware
types.
It usually represents itself as something
useful in order to trick you.
Once it’s on your system, the attackers
behind the Trojan gain unauthorized
access to the affected computer.
From there, Trojans can be used to steal
financial information or install other forms
of malware, often ransomware.Disguised
as helpful software programs
Unlike normal viruses and worms, Trojan
viruses are not designed to self-replicate.
What it can
Delete your files.
do: Use your computer to hack
other computers.
Watch you through your web
cam.
Log your keystrokes (such as a
credit card number you entered
in an online purchase).
Record usernames, passwords
and other personal information
 Viruses
Is a malicious piece of computer code
designed to spread from device to device.
A subset of malware, these self-copying
threats are usually designed to damage a
device or steal data.
A virus is malicious software attached to a
document or file that supports macros to
execute its code and spread from host to
host.
Once downloaded, the virus will lay dormant
until the file is opened and in use.
Viruses are designed to disrupt a system’s
ability to operate.
As a result, viruses can cause significant
operational issues and data loss.
Just visiting a site can start an automatic
download of a virus.
 Send spam.
Provide criminals with access to
What it can your computer and contact lists.
do: Scan and find personal
information like passwords on
your computer.
Hijack your web browser.
Disable your security settings.
Display unwanted ads.
When a program is running, the
virus attached to it could
infiltrate your hard drive and
also spread to USB keys and
external hard drives.
Any attachment you create using
this program and send to
someone else could also infect
them with the virus.
 Harm your computer by
damaging programs, deleting
What it can files, or reformatting the hard
do: drive.
Others simply replicate
themselves or flood a network
with traffic, making it impossible
to perform any internet activity.
Even less harmful computer
viruses can significantly disrupt
your system’s performance,
sapping computer memory and
causing frequent computer
crashes.
 Here are a few things to check for:
How will you It takes longer than usual for your
computer to start up
know if your It restarts on its own or doesn't start up at
all.
computer is It takes a long time to launch a program.
Files and data have disappeared.
infected? Your system and programs crash
constantly.
The homepage you set on your web
browser is different (note that this could
be caused by Adware that has been
installed on your computer).
Web pages are slow to load.
Your computer screen looks distorted.
Programs are running without your
control.
If you suspect a problem, make sure your
security software is up to date and run it
to check for infection.
If nothing is found, or if you are unsure of
what to do, seek technical help.
Wi-Fi Eavesdropping
Also known as an “evil twin” attack,
hackers perform Wi-Fi eavesdropping is
a type of man-in-the-middle attack that
tricks unsuspecting victims into
connecting to a malicious Wi-Fi network.
To perform Wi-Fi eavesdropping, a
hacker sets up a Wi-Fi hotspot near a
location where people usually connect
to a public Wi-Fi network.
This can be a hotel, a restaurant or your
local Starbucks. The hacker then names
the hotspot after the actual public
network that people use in that location
(thus the name “evil twin”).
What it can
do: Potentially access your
computer with the right
equipment.
Steal your personal information
including logins and passwords.
 Worms
A computer worm is a type of malware that
spreads copies of itself from computer to
computer.
A worm can replicate itself without any human
interaction, and it does not need to attach
itself to a software program in order to cause
damage.
A worm, unlike a virus, goes to work on its own
without attaching itself to files or programs.
It lives in your computer memory, doesn't
damage or alter the hard drive and propagates
by sending itself to other computers in a
network – whether within a company or the
Internet itself.
 Worms can be transmitted via software
vulnerabilities.
What it can Or computer worms could arrive as
attachments in spam emails or instant
do: messages (IMs).
Once opened, these files could provide a link
to a malicious website or automatically
download the computer worm.
Once it’s installed, the worm silently goes to
work and infects the machine without the
user’s knowledge.
Worms can modify and delete files, and they
can even inject additional malicious software
onto a computer.
Sometimes a computer worm’s purpose is
only to make copies of itself over and over —
depleting system resources, such as hard
drive space or bandwidth, by overloading a
shared network. In addition to wreaking havoc
on a computer’s resources, worms can also
steal data, install a backdoor, and allow a
hacker to gain control over a computer and its
system settings.
 Devices Most
Vulnerable To
Hacking

Smart Devices
Webcams
Routers
Email
Jailbroken Phones
Prevention from
Getting Hacked Software Update
Use Unique Passwords for
Different Accounts
HTTPS Encryption
Avoid Clicking on Ads or
Strange Links
Change the Default Username
and Password on Your Router
and Smart Devices
Protect Yourself
Against Hacking Download from First-party
Sources
Install Antivirus Software
Use a VPN
Do Not Login as an Admin by
Default
Use a Password Manager
Use Two-factor Authentication
Brush Up on Anti-phishing
Techniques
 Thank You!
DON'T HESITATE TO ASK ANY QUESTIONS!