Cyberattacks/ Unethical Hacking

most of us would know about the term ‘hacking’. when we think about hacking, the first thing that usually comes to mind would be exploiting breaching defences and gaining unauthorized access to a system. they would then use that power to gain profit, introduce Trojan or similar malware into cybersecurity network.

But actually, there are different types of hacking and hackers. there is good hacking that is used to prevent and secure companies and find vulnerabilities and weaknesses to patch them up, which is done legally under speculation and authorization. there are also different types of hackers with different intentions. white hat hackers and black hat hackers have been mentioned above, and the white does ethical hacking while the black has malicious intent. another hat hacker is the grey hat, which is in between white and black.

Usually, grey-hat hackers surf the net and hack into computer systems to notify the administrator or the owner that their system/network contains one or more vulnerabilities that must be fixed immediately. Grey hats may also extort the hacked, offering to correct the defect for a nominal fee.

common types of cyberattacks

1.phising attacks on servers

phishing attacks may impersonate other users, and send fraudulent links or trick people into revealing their usernames and passwords with phishing messages, and they can be sent by email, text or other channels. or if a site is hacked and the hackers gain access and control of the site, then they might be able to steal all the data and credentials on the website.

2.different types of attacks(unethical hacks)

DDOS attack(denial of service attack)

-this attack sends and floods a system resources with false traffic so that it cannot respond to service requests. it launches from a large number of other hosts machines that are infected with malicious software which is controlled by the attacker.

a DDOS attack sends heavy and false traffic through the internet to the victims

-cookie theft

Cookies, which are stored on websites caches or on your system when you visit certain websites, holds a wealth of information about you, passwords, creditentials, and personal and finanical data.

once stolen, cookies may be decrypted to reveal your information, or to impersonate you online.

Avoiding public networks or unprotected networks with security lesser than WPA2 is your safest bet, and using a VPN(virtual private network) to encrpyt and tunnel the connection on your phone or mobile device is also advised, and you should also clear the browser and system caches in your history, block third party cookies, so that you will have less cookies to steal.

-MITM(man in the middle attack)

unsecured network connections are exposed to this tactic, and it involves intercepting data stream between the sender and recipient. They are then able to read or modify the data being passed through the proxy connection.

th objective may be to eavesdrop and record a confidential transmission such as an exchange of login/ financial credentials, or the attacker may want to disrupt the flow of traffic by sending malicious malware to both of the systems.

tips to avoid MITM or cookie theft:

  • use a reliable and escure VPN
  • avoid the use of free Wi-fi hotspots
  • avoid going to insecure websites, malicious websites
  • avoid using apps from untrusted sources

-Trojan horse

a trojan horse is a type of malware often disguised as legitimate software. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems. a trojan horse acts like a legit application or file to deceive you to loading and executing the malware on your device.

trojan attacks can be from emails, downloads, mails, messages

once downloaded or installed, it can perform the action it was designed for. for example, when you open an email from someone, you might think its from a reowned company or someone you know, but the file you opened has gone to install malware unknowingly on your device.

-drive-by attack

in a drive-by attack, hackers look for insecure websites and plant malicious scripts into HTTP or PHP code on the pages. When the victim visits the website,, the script may install malware directly onto the computer of someone on the site, or it redirects them to a site controlled by the hackers. apps, operating systems or web browser that has security flaws or unsuccessful updates are more vulnerable to these attacks.

Solutions and how to stay safe from cyberattacks

1.avoid opening suspicious emails, suspicious files or links

if you receive an email or message telling you that you have won the lottery, or you can receive a free gift, do not open the email or attachment. as mentioned above, these emails may look like they are from a renowned company or someone you know, but they are malicious and fraudulent and it could be a phishing attack or the file could be a trojan horse.

example of a phishing email

2.download all software from authentic sources, avoid downloading files from torrent sites

when downloading applications, plugins, files, try your best to download them from the original sites or authentic sites. fishy and torrent websites may not be up to date and hackers may be able to run a drive-by attack, MITM attack, or cookie theft. and it’s also best to try not to download paid apps from third-party software, such as trying to download Minecraft for free on fraudulent or third-party websites.

3.go incognito mode when on third-party computers(or computers that aren’t yours)

if you are using a shared computer or other’s people computer, you should go incognito mode so that your browsing history, cookies, user credentials would not be saved when another person comes to use it, as Google Chrome tends to save your credentials, cookies when you browse in a normal window.

4.use a good anti-virus software, and a good VPN

antivirus software can provide protection agaiinst viruses, malware, internet threats. and each time a usb stick is inserted into a computer, make sure to scan it. turn on the safe browsing feature of anti-virus to prevent yourself from accidentally browsing malicious sites.

you may also want to use a vpn to hide your ip address, access geographically blocked websites, change your ip address to and appear as though you’re in a different country.

some good vpns that i recommend

5.Do not re-use passwords on important accounts

Ensure that your passwords are different for emails, credentials, and logins. That way, if hackers manage to crack your password for one account, they only can get access to that account, and the others will still be secure. Try to change your passwords regularly to make it tougher for hackers to crack your password, and use 2 factor-authentication(or 2 step verification) whenever possible.

summary and points

Conclusion

As the internet advances with higher technology, it becomes vaster, and more cybercriminals are looking to steal the information on the internet. Hence, we need to stay safe when browsing and ensure that we help to do our part to protect ourselves and others to make the internet a trustworthy place for everyone to work, study, and play.

credits:

https://medium.com/all-technology-feeds/10-ways-to-stay-safe-from-cyber-attacks-6449219ceb54

https://whatismyipaddress.com/hacking-basics

https://blog.finjan.com/9-common-hacking-techniques-and-how-to-deal-with-them/

Tagged : / /

Internet safety/Cybersecurity

What is Internet Safety/Cybersecurity?

In simple terms, internet safety is defined as staying safe on the internet and protecting yourself from cyber threats or cyber harms. Cyber threats and cyber harms usually consist of protecting your personal information, protecting your identity on the internet, and unsafe communications or people that may even affect your well-being or health.

What are the risks and dangers on the internet?

The internet can be an unforgiving and treacherous place if we do not use it responsibly. Aside from the obvious risks such as grooming, cyberbullying, and scams, there are many others that are harder to spot and might be more convincing. given that now in this digital world, everyone has the ability to post whatever and do whatever they desire on the internet. Many turn to the internet instead as they remain anonymous and they are able to escape into an online world.

Here are some of the more common internet threats:

  • cyberbullying: this is basically bullying, but it takes place on the internet and on social media platforms instead.
  • scams/phishing: misleading or untruthful websites that get you to give out your private or personal information for a reason
  • grooming/cyber predators: pedophiles or sex offenders slowly manipulate you until you can be victimized and they gain your trust
  • oversharing private information on social media:this means that you share too much about personal information on the internet(such as where you live, the school you go to,e.t.c)
  • downloading dangerous malware/files:this is when you download either files or applications that contain viruses and can affect your computer

although i will not go in-depth into all of the internet threats, I want to share my experience on cyberbullying/grooming. this will be an example of how cyberbullying/grooming is like.

Blue Whale Challenge(My personal experience)

I was browsing on social media platforms when i suddenly got a message and a friend request from someone called “Jonathon Gallindo.”When i opened up the message, the person was asking me to play a game. Curious, i decided to continue to talk to him even though his profile picture and name were suspicious. When he asked me to play the “Blue Whale Challenge”,i decided to look it up on the web since i had never heard of it before.

I was shocked to find out that it was not an actual game meant for entertainment, but the objective of this game was to target young children and teenagers and make them commit suicide. It was named the blue whale challenge, as blue whales usually strand themselves at the beach or shore to die. Basically, the curator gives you 50 tasks to do over 50 days, and these are NOT normal tasks or even a game. They involve manipulating the victim slowly from a normal person to a depressed and suicidal one. The tasks include using a knife to make a cut in the victim’s arm, waking up at wee hours of the morning, or watching horror movies.

But why follow the curator’s tasks and instructions? Well, if the victim does not follow what the curator instructs him or her to do, they will post highly sensitive personal information on the internet, or threaten the victim that he will kill their family or kill the victim. And this leads me back to my point on why oversharing isn’t exactly the best idea.

New age of bullying,Trolling, Grooming, and Criminal Activity

many of us do not see the dark side of the internet, and all of the dangerous threats, risks, and dangers out there. The good news is, the criminal behind this has already been arrested and sentenced to prison. However, there are many impersonators of him still looking for children to cause harm.

How to be safe on the internet(Dos and Donts)

So, here are the solutions to those cyber threats and dangers.I mentioned a couple of points before stating some of the dangers and threats of using the internet.

1.Cyberbullying

Now, many teenagers and children do not know how to respond or react whenever they are being cyberbullied. i want to share some tips and what you should and should not do when you are being cyberbullied online.

1.Never or try not to respond or retaliate. In most cases, your response is what the aggresors are trying to achieve. Eventually, it will escalate and this will affect your mental health, and you may keep trying to retaliate at the suspect, which may eventually also turn you into a cyberbully.

2.Ignore or block and report the posts/aggresors. IF they keep spamming or try to get you to respond, or post something that may shame/aggravate you, just leave them alone and block or report them.
3. Like I mentioned before, never share your personal accounts/ passwords with anyone you don’t know online or even in real life. Someone could use your accounts to impersonate you and do something negative on your account- and this could lead you to be the one responsible for it.

4. Lastly, you want to report the incident to a trusted adult or your teacher.Save the evidence of the suspect cyberbullying as proof. They will know better on what to do and eventually will find the person responsible for this.

2.Scams/Phising( tries to obtain your personal banking/credit information)

Before we know how to protect ourselves against scams or phising attempts, we need to know how to recognise them first.

Phishing is basically disguising a website or an email as a legitimate letter to the victim, and the purpose of this message is to get the victim to click on the attachment so they can enter their personal banking details. Why should the victim follow up with this? Well, for example, they threaten the victim with a specific time limit to make them more anxious to get it done faster. Here is an example of a phishing scam.

The purpose of this email is to lead you into entering your personal details for a reason. Therefore, do not follow the instructions, and to avoid these phishing scams, always check the credibility of the website before proceeding to follow the instructions. There will also be no time limit for these types of cancellations for accounts, so it is likely that this is a scam or a phishing email. So in summary, when you get these types of emails, think logically and check the source, and if it sounds too true or exaggerated to be true, don’t follow what they say.

3.grooming/ oversharing on social media

I will talk about both points here as they are similar and oversharing usually leads to predators/pedophiles messaging you and then after you are groomed and victimized.

So first of all, how do we avoid or prevent ourselves from oversharing?

  1. Do not create too many accounts on many social media platforms
  2. DO not post or share about personal details( your location, the school you go to, your number, e.g)
  3. Try not to share too much about your life( keep yourself anonymous on social media)
  4. Turn your settings to only allow your friends to see your posts
  5. Be wary of who you talk to/ accept friend request to
  6. NEVER give out any personal details/ location to anyone you don’t know in person online(you never know who they may be)
  7. Use a VPN(Virtual Private Network) which will protect your IP address and this will protect you from hackers and scammers on social media

Conclusion

And with that, I conclude my blog today with the solutions and what you can do when you face these threats or dangers. The internet may be convenient and helpful for many, but we need to stay aware and avoid or prevent falling into these threats while we are browsing. I hope that you have learnt the dangers and threats on the internet today, and also know how to protect yourself and keep yourself safe on the internet. Let’s all use the internet responsibly and safely.

Tagged : /