PCS Digital Awareness Series. Stay Cyber Safe: The Hacker’s arsenal and how to avoid falling victimPosted on June 12, 2018
What tools do Hackers use to carry out Cybercrime?
You may read a lot in the news about “Hackers”. But the articles rarely touch upon what hackers actually do. In this article we go through what weapons hackers use and how to defend from them.
A botnet is the name of a group of connected computers, used to carry out a repetitive task. They’re not necessarily bad, they are only a threat when used for cybercrime.
A hacker will use a botnet to crawl the internet for insecure computers and will then install malware which connects an unsecure computer to the botnet. Once this is complete, the hacker will have complete control of your computer.
Once the botnet has gained access to your computer, it may use it to send millions of spam emails, generate fake internet traffic or even carry out DDoS (distributed denial-of-service) attacks which can take down websites.
A Trojan Horse is a type of malicious program that misleads the user with the regard to the program’s true intent. The name is taken from the Greek story of the wooden horse that was presented as a gift but was a means to infiltrate the city of Troy.
Trojan Horses are a method often employed by cybercriminals, although they can be utilized by government security agencies as well.
For example, Tiny Banker Trojan is a piece of software that was found in thousands of computers in Turkey. It had the potential to steal bank details, including passwords, and could even trick the user into making a bank transfer into a different account than intended.
The best way to avoid Trojan Horses is to only open files from reliable sources, make sure you do a virus scan often. Make sure your browser is updated, as some older browsers allow Trojan Horses to browse the internet by proxy (for malicious reasons).
Ransomware is a type of malware that uses some sort of leverage, for example publishing a user’s private data or locking access to a computer, to convince the user to pay the ransom.
WannaCry is a particularly infamous ransomware attack that had a global impact. It spread through the servers of connected computers, locking the computers and demand a ransom of $300 One of the most significant impacts was on National Health Service hospitals. Lives were put at risk because the entire computing system of the NHS was compromised. Ambulances were diverted, and GP surgeries were disrupted.
Ransomware can be avoided by ensuring that your operating system is updated – Windows XP is particularly vulnerable to malware – and running regular virus scans. If you are targeted by ransomware, do not pay the ransom, as often it does not save your data and it encourages the hackers to continue.
Phishing is when cybercriminals attempt to gather sensitive data – such as usernames, passwords and bank card details. One of the most frequent methods of phishing is email spoofing, you’ve most likely encountered this before. For example, it may appear to be an email from PayPal or your bank, asking for card details. Of course, you should never send any important information online.
Another type of phishing is link manipulation or spoofing. This includes the hacker creating a website that purposefully misspells the website, so if a user mistypes the URL they will connect to the false website, possibly entering secure details and allowing the hacker to access their bank account.
The easiest way to avoid phishing is to make sure any website you use is secure, as we discussed in the previous article. Additionally, check that any emails from your bank or from payment services are using a genuine email. To be safe, simply never send sensitive information online, or use two-factor authentication.
A keylogger is pretty much what as it sounds. It can be hardware or software-based and is usually installed with the user knowing, that records the keys pressed on the keyboard.
This means that if you were to type crucial information, bank details, for example, the hacker would have access to them. It can even be installed on smartphones.
A keylogger can be installed manually, normally in the form of a USB adaptor, or can be downloaded unintentionally in the form of malware.
To protect yourself from keyloggers, you should never enter any important information on public computers that are compromised. At home, regularly run a virus scan and never download anything if you do not trust the source.
PCS can help
Here at PCS, we specialise in creating bespoke websites tailored to the individual needs of each OPCC. Our in-house specialist team of designers and developers code each website by hand, ensuring your website offers the best in quality and cyber security for both your department and visitors browsing your website.
Why not contact us today to discuss your requirements and book a no-obligation website demonstration? Call today on 01926 298999 or alternatively use our online questionnaire system: http://publicsector.agency/service/websites-branding/