Hacking for Dummies
Keystroke logging is essentially hardware or software that records the keys struck on a keyboard, and typically the person is unaware of the malicious software. Key loggers may obtain sensitive information such as passwords and credit card information.
Targets the computer’s software so that keyloggers wouldn’t be stopped by HTTPS encryption because that only protects data in transit between computers and this method of keylogging attacks the computer’s software.
Consists of physical access to the targeted computer. Some methods include:
- firmware-based- physical access is required to load software into the BIOS to record keyboard events when they are processed.
- acoustic keyloggers- monitoring the sound of someone typing on the computer. (acoustic cryptanalysis- deciphering the different sounds that each keystroke makes)
- physical evidence- used on keypads for ATMs; fingerprints on the keys are used to decrypt the pin. finding the four numbers a passcode would reduce the possibility of finding the passcode from 10,000 to 24.
HOW DO YOU KNOW IF YOU’RE BEING KEYLOGGED?
Anti keyloggers is a program created to detect keylogging software on your computer. It compares files from a database of keyloggers to look for similarities which might signal the presence of a keylogger.
- Ways to avoid getting keylogged include: using one-time passwords, on-screen keyboards, automatic form-filler programs, macro recorders, speech recognition, etc.
- Students in a US school used hardware keylogging to change their grades
- An email-based attack targeted employees from companies by claiming their bank transactions had errors.
A hacker would seek to make a network service or machine unavailable by flooding severs with superfluous requests to overwhelm the system. It essentially blocks a group of people of entering a website or program because the server would be down.
DISTRIBUTED DENIAL-OF-SERVICE ATTACK
Attacks the victim using different sources making it impossible to stop the attack by blocking one source.
HOW DO YOU KNOW IF YOU’RE BEING ATTACKED?
- unusually slow network connection
- a generous increase of spam emails
- inability to access any website
WAYS TO DEFEND:
- Contact your ISP provider
- use firewalls and routers
- 24,000 computers located in over 30 countries in a botnet attempted a DDOS attack on at least five Russian banks.
- Several organizations associated with the Rio Olympics suffered DDOS attacks that lasted several months starting in September 2015.