9.2: Cyber Attacks
SQL (Structured Query Language) is a programming language used for manipulating data in databases.
An SQL injection is when a malicious SQL query (command) is entered into a data input box on a website.
If the website is insecure then the SQL query can trick the website into giving unauthorised access to the website’s database.
An SQL injection can be used to view and edit the contents of a database or even gain administrator privileges.
' or 1 = 1
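The following is an added example, not part of the original page, showing why the input above works against an insecure login check and how a parameterised query stops it. It assumes Python's built-in sqlite3 module; the users table, the account names and the function names are made up for illustration.

```python
import sqlite3

PAGE_INPUT = "' or 1 = 1"  # the input shown on the page
# Constructed variant: a trailing SQL comment marker makes the database
# ignore the closing quote that the query adds after the input.
INJECTED = PAGE_INPUT + " --"


def make_db():
    """Build an in-memory database with constructed sample accounts."""
    conn = sqlite3.connect(":memory:")
    # Plain-text passwords are used only to keep the example short.
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct-horse"), ("bob", "hunter2"), ("admin", "s3cret!")],
    )
    return conn


def login_insecure(conn, username, password):
    # INSECURE: the input is pasted into the SQL text, so a quote in the
    # input ends the string early and the rest is run as part of the query.
    query = (
        "SELECT username FROM users WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return sorted(row[0] for row in conn.execute(query))


def login_secure(conn, username, password):
    # SECURE: the ? placeholders send the input separately from the SQL
    # text, so it is only ever compared as data and never run as a command.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(query, (username, password)))


if __name__ == "__main__":
    conn = make_db()
    print("insecure, correct password:", login_insecure(conn, "alice", "correct-horse"))
    print("insecure, injected input:  ", login_insecure(conn, "alice", INJECTED))
    print("secure, injected input:    ", login_secure(conn, "alice", INJECTED))
```

In the insecure version the condition "or 1 = 1" is always true, so every account matches; in the secure version the same text is treated as a wrong password and nothing is returned.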
A DoS (Denial of Service) attack is when a computer repeatedly sends requests to a server to overload the system. A server overload will slow the system and may take websites offline temporarily.
A DDoS (Distributed Denial of Service) attack is a coordinated attack using a botnet of infected systems to overload a server with requests. A botnet is a large group of devices controlled and used maliciously by an attacker.
Aside from guessing, hackers use two common methods to break a password:
Dictionary Attack
This uses a file containing every word in the dictionary and cycles through them all. This method is relatively easy to program but will only break the simplest passwords.
Brute Force Attack
Every possible combination is tested in order from start to finish. This is not a quick method but it should break the password eventually and can be sped up if multiple computer systems are used at the same time.
IP Address Spoofing
An attacker changes the IP address of a legitimate host so any visitors to the URL are instead taken to a spoofed (fake) web page.
This web page is used to record any inputted data (such as usernames and passwords) and send it back to the attacker. The spoofed web page can also be used to install malware.
Buffer Overflow Attack
A buffer is a temporary storage location.
A buffer overflow attack causes a program to try to store more data in a buffer than it can hold, which can lead to adjacent memory locations being overwritten.
An attacker can use the buffer overflow to insert malicious code to change data or steal confidential data.
The biggest weakness in online security is often not the systems in place but carelessness or mistakes made by humans.
Social engineering means tricking others into revealing their personal data by posing as a trusted source. For example, an attacker may impersonate an IT technician via email and ask the victim to send their username and password.
Humans can accidentally compromise data by downloading malicious files or being unsafe online, like using the same password for multiple different accounts.
Attackers can access unauthorised information in person by shoulder surfing, which means watching a person as they enter sensitive data such as a PIN or password.
9.2 - Cyber Attacks:
1. Describe what an SQL injection is and how an attacker would use it. 
2a. Describe what a DoS attack is and its impact. 
2b. Describe how a DDoS attack is different to a DoS attack. 
3. Describe the two main types of password-based attacks. 
4. Describe IP spoofing and its purpose. 
5. Explain how a buffer overflow attack works and why an attacker would use it. 
6. Describe three ways that human weakness may lead to data loss or corruption.