Security Fundamentals

5. Common Vulnerabilities

Leaving the door open ...

With growing cyber-crime, keeping digital devices secure is becoming increasingly important. But users don't appear to be taking their cyber hygiene seriously.

Numerous surveys reveal that hackers take advantage of a number of common vulnerabilities in digital devices to attack and gain access to data and personal information. Many of these vulnerabilities exist because owners are unaware of how hackers work and of what they can do to increase their security.


Believe it or not, people still use password as their password!

1. Missing, default or weak Passwords

Users forget to set passwords or PINs (personal identification numbers) to authenticate users, so that hackers can gain direct entry to the device.

It's also quite common for users to keep the default passwords that come with the device. If it's a password, it's often 'password' or 'admin'. Default PIN numbers are often left at 1234 or 0000.

Users sometimes use obvious passwords: their pet's name, favourite football team, the name of someone in their family etc. These can be easy to guess, especially if you are known by a hacker.

2. Lack of care entering or recording passwords

Allowing yourself to be overlooked when entering passwords or pin numbers, what they call 'shoulder surfing', is perhaps the easiest way for hackers to gain access to data and personal information.

Leaving passwords written down close to devices is another common way of compromising security. Sometimes on a sticky note stuck to the computer monitor. Or on the inside of a drawer or shelf.


Writing down and leaving passwords nearby!


Using static log in procedures

3. Weak Authentication Procedure

Authentication is the procedure by which users log into devices to prove to the device that they are who they say they are. Mostly authentication involves users entering a user-name or email address and a password. These two separate pieces of information are compared to a database and if they match, then the user is authenticated and allowed access.

This type of authentication is vulnerable to brute force attacks and eavesdropping. Two factor authentication offers a much higher level of security, especially in the exchange of financial or sensitive information. Two factor authentication requires an additional step to the typical user-name/password combination. Users might be asked to verify themselves through an additional email, to enter a separate PIN or code number which is sent to them by text message, or to enter specific letters from a secret phrase.

The key feature in the two factor authentication process is that it's dynamic. It's different each time you log in to authenticate yourself.
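To show what "dynamic" means in practice, here is an added example (not part of the original page) that generates a time-based one-time code using the standard TOTP algorithm (RFC 6238), which the page does not name, and then rejects an eavesdropped code when it is replayed. The function names and the 30-second window are assumptions; the secret is the published RFC test key.

```python
import hashlib
import hmac
import struct

def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """Time-based one-time code (RFC 6238, HMAC-SHA1) for the given moment."""
    counter = unix_time // step                      # which 30-second window we are in
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                          # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret: bytes, submitted: str, unix_time: int, used: set, step: int = 30) -> bool:
    """Accept a code only for the current window, and only once."""
    counter = unix_time // step
    if counter in used:                              # window already used: replay
        return False
    if not hmac.compare_digest(totp(secret, unix_time, step), submitted):
        return False
    used.add(counter)
    return True

# Constructed demo: the secret is the published RFC 6238 test key, not a real one.
SECRET = b"12345678901234567890"

def replay_demo():
    used = set()
    code = totp(SECRET, 1111111109)                        # what the user types
    first = verify(SECRET, code, 1111111109, used)         # genuine login
    replay_same = verify(SECRET, code, 1111111109, used)   # eavesdropper, same window
    replay_later = verify(SECRET, code, 1111111111, used)  # two seconds later, new window
    return code, first, replay_same, replay_later

if __name__ == "__main__":
    print(replay_demo())
```

A static password captured once works forever; here the captured code fails both in the window it was used in and in the next one.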

4. Leaving wireless networks unsecured

Failing to encrypt wireless networks or leaving modem/router passwords at their defaults creates a major gap in security. All data transmitted over an 'open' network can be intercepted.

Open networks are often detected by 'war-driving' or 'war-walking': travelling around areas with scanners to pick up open networks. Maps of network connections can be made, revealing their network names, whether they are secure, their IP addresses and the type of security used.


Scanning for open WiFi networks


A very old version of Windows

5. Failing to update the operating system

Users rarely update their operating system, missing out on all the security patches and updates that are regularly released.

Operating systems, the programs which make digital devices useful, are incredibly complicated pieces of software. People are always finding bugs and loopholes in operating systems, especially as new hacking software and techniques develop to exploit these gaps in security.

6. Using 'old' or out of date software

Older software frequently contains loopholes in security which haven't been blocked through updates or security patches. It can also send information across networks without the user being aware of it.


7. Failure to activate security software

Users either fail to activate or install security software because they are unaware of the risks or because it slows their device down or shortens their battery life.

8. Failure to limit internet connections

Computer devices connect to other devices and the internet through communications ports. Without control of these ports through the use of a 'firewall', gateways are left open for possible intruders.


Tampering describes changing the hardware or more likely hacking the software.

9. Tampering ('jail-breaking' or 'rooting')

Users make unauthorised changes to their devices, perhaps to use different carriers, adapt the operating system or to permit the installation of 'cheaper' software.

10. The User

No matter what software or hardware controls are in place, no system can be 100% secure, because at the heart of it is the user, and all users make mistakes, get tired, forget things, mislay passwords, get fed-up, get angry: all the usual emotions that make us human and vulnerable to exploitation.

Exploiting users or psychologically manipulating users to let hackers gain entry is called social engineering. Specific methods of social engineering are covered in the following page but nearly all appeal to the following categories described by the acronym MICE.

Coincidentally, using methods that fall into one or more of the following categories is the same approach used to recruit hacktivists to a cause or to persuade someone to be a spy.

  • Money. Appeal to someone's greed and give them money in exchange for passwords or other information that would be useful for gaining access.
  • Ideology. Appeal to someone's political belief and show that they would be helping themselves and you by providing information.
  • Compulsion. Use threats and blackmail to force them to do what you want them to do.
  • Ego. Appeal to someone's vanity and idea of themselves by pointing out how important they are, how they know things others don't and the secret power they have.
1. The last kind words
  1. In your notebook, in the section called Security Fundamentals, add a new page called Vulnerabilities and create a list of top ten vulnerabilities.
  2. Now it's time to check out passwords:-
    1. People are reluctant to change their passwords. Go to 500 Worst Passwords. See if any of your passwords are in the list.
    2. Time to check out your password strength. Go to Password Meter. Try out your passwords. Which was strongest and which was weakest?
    3. Under a heading Strong Password Rules, create a short list of rules to follow to create strong passwords.
2. Getting Password Lists

One way of gaining entry is to try 'words' from a list as possible passwords. The longer the list of words, the more likely the correct password is to lie in the list. This kind of attack is called a dictionary or brute force attack, where a hacking program just continues to work through a list of words until the correct password is found.

Believe it or not, people go around building up word-lists for password hacker programs. Some even make lists of word-lists. These lists can be of different sizes. Shorter lists take less time to work through than long ones and hackers will often use shorter ones first.

We are going to get ready for doing some hacking later by grabbing some word lists.

  1. In your network folder, create a folder called Password Lists.
  2. Complete a search for password lists in your browser just to see how many hits you get.
  3. Go to Top 100,000 Passwords. Wait a bit, it is after all 100,000 words.
    1. Scroll down the list a short bit. You will notice it's mostly recognisable words.
    2. Save the file by right clicking, choose Save as .... Navigate to your folder and click save.
  4. Go to DazzlePod.com.
    1. A text file will open with a 'word' list. Scroll down and you will notice it's mostly symbols and then numbers.
    2. Save this word list in your password lists folder. Right click in the browser window choose Save as ..., navigate to your folder click save.
    3. To make the file useful, comments have to be deleted from the start. In the Password Lists folder, right click on the file icon, choose Edit with Notepad++. Highlight all lines from 1-16 beginning with the # symbol. Delete and save the file. Close Notepad++ and the file is ready for use.
  5. For contrast go to Make a note of this link in your notebook. This is a list of password lists. Nice to have.

There are larger lists. Crack Station has a password list containing almost 1.5 Billion words. It's a 15Gb file so it's not something you want to download on a whim.
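The same word lists let you check your own passwords before an attacker does. The following added example (not part of the original page) covers both the weak-password section above and the word-list preparation step: it removes only the leading '#' comment header, then reports why a password is weak. The sample list is constructed, and the 12-character and 3-character-class thresholds and the function names are assumptions.

```python
import string

# Defaults named on this page.
DEFAULTS = {"password", "admin", "1234", "0000"}

# Constructed sample standing in for a downloaded word list with a '#' header.
SAMPLE_WORDLIST = """# constructed sample list, not a real download
# header comments start with '#'
123456
qwerty
#hashtag1
liverpool
"""

def load_wordlist(text):
    """Drop only the leading '#' header; later '#' lines are real entries."""
    words, in_header = set(), True
    for line in text.splitlines():
        line = line.strip()
        if in_header and line.startswith("#"):
            continue
        in_header = False
        if line:
            words.add(line.lower())
    return words

def audit(password, wordlist, personal=()):
    """Return the reasons a password is weak; an empty list means none found."""
    findings = []
    lowered = password.lower()
    if not password:
        findings.append("missing")
    if lowered in DEFAULTS:
        findings.append("default")
    if lowered in wordlist:
        findings.append("in word list")
    if any(p and p.lower() in lowered for p in personal):
        findings.append("contains personal detail")
    if len(password) < 12:                     # assumed minimum length
        findings.append("shorter than 12 characters")
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    if sum(any(c in cls for c in password) for cls in classes) < 3:  # assumed rule
        findings.append("fewer than 3 character classes")
    return findings

if __name__ == "__main__":
    words = load_wordlist(SAMPLE_WORDLIST)
    for pw in ["admin", "Liverpool", "Rex-the-dog-2015"]:
        print(pw, audit(pw, words, personal=["Rex"]))
```

Note that a long password with mixed characters can still be flagged: the last sample passes the length and character rules but contains a pet's name.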

Wardriving Drilldown

How can you not like a subject that includes descriptive actions like Wardriving?

Wardriving reveals Wifi routers in a neighbourhood, like the one opposite. It shows the WiFi service set identifier (SSID) - the WiFi network name. It is possible to drill down to discover the security protocols used, channels and the number of clients: all useful information in hacking the network.

  1. Look at several of the War Driving Examples
  2. Copy some of the images to your notebook.
You should be able to:-
  • Provide examples of common vulnerabilities left in digital devices suitable for a hacker to exploit.
  • Understand that the weakest link in any system is the user. They're the ones that forget to change passwords, fail to keep systems up to date or fail to choose appropriate settings.
  • Understand the acronym MICE and how it could be used to manipulate users into revealing information that would allow hackers into systems.

If you don't feel confident in meeting any of these performance criteria, ask your teacher or re-read the information again.

Supporting courses by the SQA