FIT4004 Lecture 10: Week 10 Notes
Week 10 - Security Quality Assurance
Ways a system can be exploited:
●Security is different to other quality properties.
●Security of a system depends on the context in which it is used.
●Even systems with no important information on them are useful to hackers.
○Bad guy creates a fake website and registers for an ad broker that pays
per click → creates a bot that clicks the ad many times → $$$$$$
○Bad guy could upload a fake “track” to spotify and use hacked computers
to listen → $$$$$
●Personal information is valuable, and a well-developed criminal marketplace
exists to steal and exploit it.
○Ransomware - malicious software encrypts all the files on your system
and you need to pay $$$ to get the key to decrypt
○Things like ebay accounts with lots of transactions are valuable because
they can make scams more credible
●Corporate information can be even more valuable in the right (wrong) hands.
●Hackers work for a variety of reasons, including notoriety, financial, and
●political/ideological reasons.
●Security breaches can have serious financial and personal consequences, so
getting security right is important.
How do hackers exploit system?
●Pushing through unlocked doors
●Social engineering
●Physical infrastructure
●Unsecured passwords, password is "1...2...3...4...5"
●Buffer overflows and their variants
●Command injection, Cross-site scripting (XSS), Cryptanalysis
Pushing through unlocked doors
●In many cases, systems are left unsecured with no restrictions on access. Eg.:
○Webcams
■Websites like insecam.org or Shodan where you can see a list of
publicly viewable cameras.
●Might not always be a big deal - watching japanese cows in
a paddock (ok) but in some cases, eg watching people get
intoxicated at a bar (not ok)
○Wifi routers
■Routers where passwords haven’t been changed from their
defaults → free wifi networks for bad guys to do their hacking
through
Social Engineering
Social engineering: All "non-technical" measures for gaining unauthorised access to an IT
system. Basic example:
●Email where scammers promise a large gain in return for a small advance fee to
fuel the transaction
●Install malware on USB then leave it lying around for an unsuspecting individual
to plug in and BAM bad guys are in.
More advanced techniques:
●Phishing: contacting users (usually through email) and requesting authentication
details
○Eg. User is sent an email from a bank, informing them that because of a
problem, they have to re-enter their username and password.
→ user is taken to a mock website that looks just like the banks and voila
your money is GONE
●Spear-phishing: more targeted version of phishing. Aimed at fewer people and
will often contain personal information in the email making it more credible.
○Eg. Email might come from somebody known in the IT department
requesting a password change
○Using spear-phishing techniques to target high-ranking individuals known
as whaling
Physical infrastructure
Gaining physical access to devices on which material is located. Examples:
●Hacker taking hard drives out of the servers you took to the recycling center
●Hacker taking the employee’s laptop which has work files and login credentials
saved on browser cache
Can’t really protect against these types of risks other than through educating humans to
not leave their equipment lying around.
Password is "1...2...3...4...5"
Easily guessable passwords are quite common.
●Eg. EFTPOS terminals in germany use widely known default passcodes →
attackers can buy a machine, set it the id to the business, then refund to a credit
card using the machine
Buffer overflows and their variants
When memory allocation is not properly handled and can be exploited. Exploiting buffer
overflow required detailed understanding of assembly code. Example:
●Back in the day, you could overwrite the stack with executable code, and change
where the function returns to when it finishes executing so that it runs your
malicious code
Command injection
A vulnerability that can easily be introduced in web applications written in interpreted
languages. Example:
In the above example, typing echo “You’ve been pwnd, sux0r” is an easy way to
manipulate the program to do what you want.
SQL Injection
Document Summary
Security is different to other quality properties. Security of a system depends on the context in which it is used. Even systems with no important information on them are useful to hackers. Bad guy creates a fake website and registers for an ad broker that pays per click creates a bot that clicks the ad many times 102441024410244 Bad guy could upload a fake (cid:522)track(cid:523) to spotify and use hacked computers to listen 1024410244$ Personal information is valuable, and a well-developed criminal marketplace exists to steal and exploit it. Ransomware - malicious software encrypts all the files on your system and you need to pay 10244$ to get the key to decrypt. Things like ebay accounts with lots of transactions are valuable because they can make scams more credible. Corporate information can be even more valuable in the right wrong) hands. Hackers work for a variety of reasons, including notoriety, financial, and.