Security Fundamentals

Individual & Organisational Response to Attacks

Now what do I do?

Knowing that you've been hacked is all very well, but it's only half the problem. The next step is knowing what to do to restore your system's security and recover any stolen money.

The next section looks at any legal protection you might have.

1. Unwanted browser toolbars

Today's browsers provide options that allow users to choose which toolbars they want to make active, so when these unwanted toolbars appear:-

  • Remove them from within the 'plug-ins' or 'extensions' options.
  • Uninstall unrecognised programs in the program list.
  • As a last resort, if all else fails, reset the browser back to its default settings. This is not ideal, as all your plug-ins and extensions will have to be re-installed.

Minimise the chances of unwanted toolbars appearing by keeping the browser up to date and reading license agreements carefully before installing software.

2. Redirected internet searches

This can be unbelievably and disproportionately annoying, especially when you're expecting results from your favourite search engine. This often happens in conjunction with the appearance of unwanted toolbars, when the software hijacks your chosen search engine.

The solution is the same as getting rid of unwanted toolbars, with the addition of re-selecting your preferred search engine in the options/settings list.

3. Fake virus warnings or security alerts

You need to know what a legitimate warning from your anti-virus program looks like, so you can recognise a 'fake' one when it appears. As soon as it does so:-

  1. Switch off the device as soon as possible.
  2. Start the device in Safe Mode, No Networking.
  3. Attempt to uninstall the software or restore the system to a previous unaffected state.
  4. Restart the device as normal and see that the fake anti-virus warnings are gone.
  5. Finally do a full virus scan to find and remove anything left behind.

4. Increased number of Random Pop-ups

Getting repeated pop-ups on sites where you don't normally get them is annoying and is generally accompanied by unwanted toolbars, redirected searches and the installation of unwanted software.

The first step involves removing the bogus toolbars, the redirected searches and the unwanted software. If this doesn't solve the problem, there are a number of free adware removal programs available. But be careful and do your research: installing free programs is probably how the problem started in the first place. Check your license agreement as well.

5. Online Passwords change without warning

This is a serious breach of security and can go undiscovered for a long period of time, especially if you don't use the affected services on a regular basis. Sometimes the breach goes unrecognised because the user assumes that it's a case of a forgotten password. But once discovered:-

  1. Notify all your contacts to limit the damage.
  2. Inform the online service of your compromised account. Experienced services can quickly restore control to your account. A few have even automated the system with a 'My friend’s been hacked!' button which starts the process.
  3. If you've used the same password on other accounts, change those ASAP.
  4. Take extreme care clicking on links in emails. The only exception should be from sites where you've clicked on the 'forgot password' link.

Finally, as a bit of extra security, consider just using sites that offer two-factor authentication.

6. Unexpected Software installs

These are a bit troublesome to track down, but help is at hand. There are many free software programs available that will reveal all installed programs, where they are located, their associated dependencies and when they start.

These programs allow you to selectively and systematically disable them. Rebooting the device each time allows you to check whether the problem is solved and that you haven't suffered a loss of functionality. Then it's a matter of repeating as necessary until the problem is solved.

7. Mouse moves independently

If your device comes alive and the mouse is observed flicking about, do the following:-

  1. Take a moment to see what the hacker is interested in. Try to take some photos as documentary evidence of the hacker at work.
  2. Switch the device off and disconnect it from the network.
  3. Call in the experts in an effort to track back to the hacker who has remote control of your device.
  4. Use a known good computer to change all user-names and passwords.
  5. Notify banks and monitor your financial transactions.
  6. Notify the police, which you will have to do if you've suffered a financial loss, in order to stand a chance of recovering lost money.
  7. A clean restore is the only solution at the end, but a copy of the system will have to be retained for forensic investigation.

8. Contact from suppliers concerning non-payment

The effects of this type of attack can have far-reaching consequences that go well beyond the inconvenience of re-building your computer. It can affect your reputation with credit agencies and can prevent you from obtaining credit to buy anything from cars to houses.

  1. Consider how your account was compromised and follow the recommended steps.
  2. Change all user-names and passwords for all accounts, not just the one responsible.
  3. Contact the police to begin an official investigation.
  4. Monitor your bank account and credit history very carefully.
  5. Follow all advice given by police, creditors and credit rating agencies.

9. Bank account missing money

The good news: If you've used a credit card, then most banks will replace the stolen money. Just make sure they are notified at the earliest opportunity, then they may be able to stop the current transaction and prevent any future ones.

The bad news: There have been some cases where courts have decided that it's the owner's responsibility to make sure that they are not hacked and so should bear the loss. In these situations it's down to the goodwill of the financial institution whether they will replace the stolen money.

To reduce the risk:-

  1. In your account, turn on transaction alerts. These automatically trigger text alerts to you when something unusual is happening.
  2. Set thresholds on transaction amounts. Then you'll get alerted if the threshold is exceeded or the money is transferred to a foreign country.

One problem exists, though: when the hackers are in the account stealing all your money, they frequently reset the alerts and other settings. So make sure the bank or financial institution alerts you any time your contact information or alerting choices are changed.
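The alert rules described above, worked through as an added example that is not part of the original page. The event format, field names, home country and sample values are all constructed assumptions; the point is to show why alerts on settings changes matter once an intruder raises the threshold.

```python
HOME_COUNTRY = "GB"  # assumption: the account holder's home country

# Constructed sample events for one account, in time order (not real data).
EVENTS = [
    {"type": "transfer", "amount": 40.00, "country": "GB"},
    {"type": "transfer", "amount": 900.00, "country": "GB"},
    # The intruder raises the threshold and swaps the contact number.
    {"type": "settings", "field": "alert_threshold", "new": 100000.00},
    {"type": "settings", "field": "contact_phone", "new": "07000 000000"},
    {"type": "transfer", "amount": 5000.00, "country": "GB"},
    {"type": "transfer", "amount": 20.00, "country": "US"},
]


def evaluate(events, threshold=500.00, home=HOME_COUNTRY, alert_on_settings=True):
    """Return a list of (event_index, reason) alerts for an ordered event list."""
    alerts = []
    for i, ev in enumerate(events):
        if ev["type"] == "settings":
            # Changes to contact details or alerting choices alert
            # unconditionally: no setting is allowed to silence this rule.
            if alert_on_settings:
                alerts.append((i, "setting changed: " + ev["field"]))
            if ev["field"] == "alert_threshold":
                threshold = ev["new"]  # later transfers are judged by the new value
        elif ev["type"] == "transfer":
            if ev["amount"] > threshold:
                alerts.append((i, "amount over threshold"))
            if ev["country"] != home:
                alerts.append((i, "transfer to foreign country"))
    return alerts


if __name__ == "__main__":
    print("with settings-change alerts:")
    for index, reason in evaluate(EVENTS):
        print("  event", index, "->", reason)
    print("without settings-change alerts:")
    for index, reason in evaluate(EVENTS, alert_on_settings=False):
        print("  event", index, "->", reason)
```

In both runs the 5,000 transfer at event 4 raises no amount alert, because the threshold was changed first; only the settings-change alerts at events 2 and 3 reveal that something is wrong.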

10. Vital security software is immobilised

An ideal solution is to perform a complete 'restore' of your system, to return it to the factory settings. This is because you don't know exactly what happened, and discovering what's been changed is like hunting for a needle in a haystack.

The problem here is that all your software needs to be re-installed and all your personal settings recreated: a major piece of work in itself.

A tempting alternative is to research possible causes on the internet, look for methods to restore your lost functionality, and restart your device in safe mode to investigate whether it has worked. This is a trial-and-error approach that can take just as long as a full restore, but you could be lucky and it might work on the first attempt. It's impossible to know in advance.

You should be able to:-
  • Make the distinction between Data and Information.
  • Provide examples of where data becomes information.
  • Provide examples of personal data.

If you don't feel confident in meeting any of these performance criteria, ask your teacher or re-read the information.

Supporting courses by the SQA