Z is for …

Zero Day

The time taken between a vulnerability existing and a patch being released to fix it can be several weeks, months or even years. An exploit written to take advantage of this gap is known as a Zero Day.

The bad guys are particularly interested in attacking systems which have vulnerabilities but no patches, for obvious reasons: they are very difficult to defend against.

The level of access a zero day provides, and the damage a bad actor can cause with it, determine the value of each zero day on the Dark Web. Some may sell for “only” a few thousand pounds, but some can fetch well into five figures, if not more.

A very famous attack carried out using zero days is explained in the film of the same name. It tells the story of an attempt to disrupt the Iranian nuclear programme some years ago, and is well worth watching.

Y is for …

Yottabyte

You may not be too familiar with this term, but you will be within the next year or so I think.

Disk space is measured in bytes, and each unit is 1000 times the previous one. So we have:

  • Bytes
  • Kilobytes (1000 bytes)
  • Megabytes (1000 kB)
  • Gigabytes (1000 MB)
  • Terabytes (1000 GB)
  • Petabytes (1000 TB)
  • Exabytes (1000 PB)
  • Zettabytes (1000 EB)
  • Yottabytes (1000 ZB)

This is a huge amount of storage. When I started in IT (in the late 80s) a 40 MB hard drive was huge. Less than 30 years later and we’re talking about something 6 with 18 zeros (ie 6 000 000 000 000 000 000) bigger!

Interestingly, the name comes from the Star Wars character, Yoda.

X is for …

X-rated

It’s well known that the internet hosts a wide variety of pornography sites, from the legal on the surface web to the illegal on the dark web.

But what of other adult-only material, which is also x-rated and may be illegal: sites showing gore, mutilation, torture and worse? Again, they’re split between the legal and the illegal, and hosted on both the surface and dark webs.

Many companies use a technology called content filtering to prevent access to this sort of material. Automated tools trawl the surface web and categorise the websites they come across. Companies block access to certain categories, to help protect their employees.

You can usually do something similar at home. Service providers often allow you to add parental controls, which prevent access to sites showing adult material. Some antimalware providers also have add-ons for web browsers which can alert on or block access to potentially adult rated material.

W is for …

Whaling

When people launch spear phishing attacks against senior members of staff, this is known as whaling (because they’re after the big fish). That’s the only real difference between the terms, though the types of attack may differ slightly.

Whales are more likely to be the target for mandate fraud, where an email purporting to be from eg the Chief Executive of an organisation goes to the Finance Director, or Finance team, asking them to make an urgent payment to a particular bank account.

White Hat

Ethical hackers, ie those who carry out lawful penetration tests with written permission from a client, are often called white hats. This is because they’re the good guys: hackers who attack without permission are black hats. The name comes from 50s and 60s films set in the Wild West, where the colour of the cowboy’s hat told you whether they were good or bad.

WiFi

Wireless connections to computers often use WiFi (rather than Bluetooth). Good practice dictates that WiFi connections should be encrypted, using WPA2 encryption. WEP and WPA are both weak encryption protocols and should not be used.

Worm

A worm is a form of malware which replicates itself in order to infect the computer it is on and any others it can find.

V is for …

VPN

A virtual private network (VPN) is a form of network connection between two points which is encrypted. This helps protect the network traffic from being intercepted by others, and helps to keep the message secure.

It’s a really good idea to use a VPN if you’re away from home, eg in cafes or when using other public WiFi connections. There are quite a few available, for mobile phones as well as laptops etc; they’re quite easy to find, and there are free as well as paid-for versions on the market.

Virus

A computer virus is a form of malware which can carry different payloads. Just like a virus which infects people, a computer virus is designed to infect devices by a number of different methods. Using antivirus software, and keeping the software updated, as well as regularly applying patches, is a good way of reducing the risk of infection.

Vishing

Vishing is a form of phishing which is done over the phone (voice phishing) rather than by email. It’s often used in conjunction with phishing to add credibility to the email which was sent, and to try to improve the chances of the target being successfully socially engineered.

Vulnerabilities

Almost all software has faults in it, which may take some time to discover. These faults are called vulnerabilities, and they are fixed when patches are issued.

Vulnerability scan

A vulnerability scan is similar to a penetration test, but doesn’t go into as much detail. It’s the equivalent of a burglar trying the doors and windows on a house to see if they’re open – and then not going into the house (which would be a penetration test).

All it does is identify how an application, website or other system is vulnerable, but it doesn’t tell you what you could do if you exploited the vulnerability.

T is for …

Tailgating

Tailgating is very easy to spot. It’s when you follow someone through a barrier without swiping your entry card, entering your PIN etc. You might have seen someone do this in a car park or elsewhere, following another vehicle in without paying: it’s the same principle.

Trojan

Taking its name from the Trojan Horse of ancient Greek tales, a Trojan is a form of malware in which the malicious code is hidden inside what looks like an innocuous application or other piece of code.

Two Factor Authentication / 2FA

2FA is becoming increasingly common, and is a really good idea for any accounts where you have to enter bank or credit card details. Single (one) factor authentication is usually just your username and password.

With two factor, you’re normally asked either for your fingerprint (on iPhones for example), or you may be sent a code to your registered phone, which you need to enter after your password (PayPal operates like this). It’s really just an extra layer of security, based on something you know (eg your password) and something you have (a fingerprint or a code from a mobile device).

S is for …

Smishing

This is very similar in concept to phishing, but instead of email being used to deliver malicious code or links to malicious websites, SMS text messages are used. The messages often look as though they’ve come from someone you know and / or trust, but they have typically been spoofed to make you think they are legitimate.

As with phishing, if you are in any doubt at all that the message has come from the person you think it has, contact them by another means eg phone them, access their website etc.

Social engineering

This is a broad term, but generally speaking it is the art of persuading someone to provide you with information, or access to something, which they shouldn’t really. It takes many forms, and just as with hacking there are people who do social engineering for good (eg red team members) and those who do it for nefarious purposes (eg con men).

Again in general terms, the good guys will only use techniques that leave you feeling good about the experience, and will not try to manipulate or coerce you into doing something you don’t want to. The bad guys will have no qualms about trying everything to bend you to their will.

Spam

This is the catch-all phrase used for unwanted email, much of which may contain viruses or malicious links. In many ways it’s the electronic version of junk mail (aka direct marketing) which most of us experience. Over 45% of all email sent globally is currently spam, though in 2014 that figure was over 70%.

When you consider there are over 235 billion emails sent every day, it is clear this is a huge volume of spam, and it is therefore unsurprising that some of it makes it into your mailbox, irrespective of what anti-spam tools you are using.

Spear phishing

Spear phishing is a form of phishing (and whaling), and is different because the emails are directed at specific targets. Information about the target is normally found through Open Source Intelligence gathering, and an email is then crafted to take advantage of that information.

For example, if someone did some research on me and found that I was a fan of London Irish rugby and the band Coldplay, they could create an email designed specifically for me which could perhaps give me the opportunity to get 50% discount on tickets to see Coldplay or 75% off a hospitality package at the rugby. If I was a genuine fan of either I might be tempted by those offers, and might click on any link in the message or open an attachment.

Spoofing

There are software packages available which allow a person to mimic another person’s phone number, and there are also techniques which allow them to send email which looks as though it has come from someone else. This practice is called spoofing.

Imagine you have been receiving text messages from your bank, and one day you get another message (in the same message stream) which asks you to click on a link to update your details. This could be a spoofing attack. One way to check is to contact your bank by phone, in person or on their website.

Next, imagine you get an email from your boss, and it looks genuine. It may be formatted the same as your company email address, and may follow the same naming convention eg mary.brown@acme.corp, but the mail has come from outside your organisation and again it has malicious links or attachments in it. Many organisations protect against this by adding some text to the subject line of an email eg the phrase [EXT] or [external] if it has come from outside the organisation. This is a simple and obvious visual clue.
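As an added example (not code from the original post), here is one way to implement the external-sender subject tagging described above, and to flag the kind of look-alike sender used in the mandate fraud mentioned under Whaling. The domain acme.corp comes from the text; the staff directory, the tag text and the two sample messages are constructed for this example.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed for this example: the domain the organisation owns and the
# local parts (firstname.lastname) of its real staff mailboxes.
INTERNAL_DOMAINS = {"acme.corp"}
INTERNAL_STAFF = {"mary.brown", "john.smith"}
EXT_TAG = "[EXT]"


def sender_parts(from_header):
    """Split a From: header into (display name, local part, domain), lower-cased."""
    name, addr = parseaddr(from_header)
    local, _, domain = addr.lower().rpartition("@")
    return name.strip().lower(), local, domain


def is_external(from_header):
    """True when the sender is not in an owned domain or one of its sub-domains."""
    _, _, domain = sender_parts(from_header)
    return not any(domain == d or domain.endswith("." + d) for d in INTERNAL_DOMAINS)


def impersonates_insider(from_header):
    """Flag external mail whose display name or local part matches a real staff
    mailbox, e.g. "Mary Brown" <mary.brown@acme-corp.com> from a look-alike domain."""
    name, local, _ = sender_parts(from_header)
    if not is_external(from_header):
        return False
    return local in INTERNAL_STAFF or ".".join(name.split()) in INTERNAL_STAFF


def tag_message(raw):
    """Return (parsed message, verdict); prepends [EXT] to the subject exactly once."""
    msg = email.message_from_string(raw, policy=policy.default)
    sender, subject = msg.get("From", ""), msg.get("Subject", "")
    verdict = "internal"
    if is_external(sender):
        verdict = "impersonation" if impersonates_insider(sender) else "external"
        if not subject.startswith(EXT_TAG):
            del msg["Subject"]
            msg["Subject"] = f"{EXT_TAG} {subject}"
    return msg, verdict


# Constructed sample messages: a spoofed mandate-fraud attempt and a genuine one.
SPOOFED = ('From: "Mary Brown" <mary.brown@acme-corp.com>\nTo: finance@acme.corp\n'
           "Subject: Urgent payment\n\nPlease pay today.\n")
GENUINE = ("From: mary.brown@acme.corp\nTo: finance@acme.corp\n"
           "Subject: Payment run\n\nAs discussed.\n")

if __name__ == "__main__":
    for raw in (SPOOFED, GENUINE):
        msg, verdict = tag_message(raw)
        print(verdict, "->", msg["Subject"])
```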

Stuxnet

Stuxnet was shrouded in secrecy but is now very well known. It was a sophisticated piece of code which targeted a specific make of industrial control system, and was used in an effort to cripple the Iranian nuclear programme. It featured a number of zero day exploits which targeted vulnerabilities in the centrifuges used in a specific power plant, causing them to spin out of control while in the control room everything looked normal. The intent was to prevent the Iranians from developing a nuclear weapons capability.

It is an infamous and ingenious piece of code. For more information, you may want to see the documentary made about it, called Zero Days.

Switch

This is a network device which helps segment a local area network into separate networks. It differs from a router in that it only knows one path from one network to another, whereas a router can search among multiple possible routes and determine the best path for network traffic to take.


R is for …

Red Team

Just as penetration testers try to get access to an organisation electronically, red teams try to get physical access to the organisation. They use a combination of Open Source Intelligence gathering and social engineering to get access.

These teams are typically engaged by senior management to test processes such as visitor registration, tailgating, signing in, staff challenging non-wearers of passes etc.

Remote access

As the name suggests, this is the process of providing access to systems from a remote location. For example, many people are given access to their work systems when not in the office. This uses remote access tools including VPNs and Two Factor Authentication, or a combination of multiple tools. It means you don’t physically have to be in the office to access your work systems.

RAT

A Remote Access Trojan (RAT) is a piece of malware which enables attackers to gain control of a target machine from a remote location. When attackers use phishing techniques, the first step after a link is created is often to deploy a RAT. This enables an attacker to get access to the device and carry on their attack using other tools.

Router

A router is a network device which examines network traffic and forwards it to the most appropriate part of the network.


Q is for …

Quantum computing

You probably know by now that typical computers function by using 1s and 0s, using binary maths. The transistors in them are either off (0) or on (1), with data being held as binary digits (bits).

In quantum computing, quantum mechanics form the basis of the machine. Rather than bits and bytes, quantum computers use quantum digits (qubits). I have to confess that I don’t understand the maths involved, but the two things to bear in mind are these:

  • There are more than just 1s and 0s: qubits can be in multiple states at the same time
  • Viewing the state of a qubit changes it

What these mean is that quantum computers have the potential to be incredibly fast, but it’s difficult to make use of their multiple states because looking at their state changes them.

Some organisations, eg IBM, have built small prototype quantum computers, but the technology is in its infancy. It will probably be several years before this sort of processing becomes commercially available.

When they are finally built, processing speeds will be massively increased, which also means that existing cryptography techniques will be at risk because even brute force attacks will be able to be carried out so much faster. A new form of quantum cryptography will have to be developed and implemented.