What to expect
This chapter covers the topic of network security, from the first internet “worm” to sophisticated state-sponsored cyberattacks and everything in between.
When Mary Queen of Scots plotted with Babington to assassinate her sister Queen Elizabeth I, she replaced letters and common words with symbols in her messages to him (see Figure 10.2). Sadly for her, the Queen’s cryptanalyst (code-breaker) Walsingham knew about frequency analysis and was able to decipher the messages. Despite a distraught Mary proclaiming, “I would never make shipwreck of my soul by conspiring the destruction of my dearest sister”, the decrypted messages and Babington’s confession ensured a guilty verdict and Mary paid the ultimate price in 1587.
Keeping secrets is as old as writing messages. Caesar is said to have encrypted his messages by shifting each letter down the alphabet by a known shift key. The recipient would reverse the operation, only needing to know the key. An encryption method that changes each letter for another letter or symbol is called a substitution cipher, and these are easily broken by frequency analysis, first documented by Persian scholar Al-Kindi (circa 801-873).
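The shift cipher and the frequency-analysis attack described above, as an added Python example (not from the chapter): `caesar` applies the shift, and `crack` tries every shift and keeps the one whose letter counts best match English. The sample message, the approximate letter-frequency table and all function names are assumptions made for this illustration.

```python
"""Caesar cipher and a frequency-analysis attack (added teaching example)."""
from collections import Counter
import string

ALPHABET = string.ascii_lowercase

# Approximate relative frequency (%) of each letter in English text, a to z.
ENGLISH_FREQ = [8.17, 1.49, 2.78, 4.25, 12.70, 2.23, 2.02, 6.09, 6.97, 0.15,
                0.77, 4.03, 2.41, 6.75, 7.51, 1.93, 0.10, 5.99, 6.33, 9.06,
                2.76, 0.98, 2.36, 0.15, 1.97, 0.07]


def caesar(text: str, shift: int) -> str:
    """Shift each ASCII letter `shift` places; leave other characters alone."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("A") if ch.isupper() else ord("a")
            out.append(chr((ord(ch) - base + shift) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)


def chi_squared(text: str) -> float:
    """Distance between the letter counts in `text` and typical English."""
    counts = Counter(ch for ch in text.lower() if ch in ALPHABET)
    total = sum(counts.values())
    if total == 0:
        return float("inf")  # no letters, nothing to score
    return sum((counts[letter] - total * pct / 100) ** 2 / (total * pct / 100)
               for letter, pct in zip(ALPHABET, ENGLISH_FREQ))


def crack(ciphertext: str) -> tuple[int, str]:
    """Try all 26 shifts; return (shift, plaintext) for the best English match."""
    best = min(range(26), key=lambda s: chi_squared(caesar(ciphertext, -s)))
    return best, caesar(ciphertext, -best)


# Constructed sample message (an assumption, not taken from the chapter).
SAMPLE = ("Keeping secrets is as old as writing messages, and a cipher that "
          "swaps each letter for another is easily broken by counting how "
          "often each letter appears in the intercepted text.")

if __name__ == "__main__":
    ciphertext = caesar(SAMPLE, 3)      # sender encrypts with shift key 3
    shift, recovered = crack(ciphertext)  # attacker never sees the key
    print(ciphertext, f"recovered shift = {shift}", recovered, sep="\n")
```

The attack needs no knowledge of the key because a shift preserves the shape of the letter distribution; very short messages carry too few letters for the statistics to be reliable.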
More elaborate encryption methods were invented in the 20th century. The Nazis used electromechanical machines called Enigma and Lorenz which were broken by expert mathematicians working with machines and early computers at UK’s Bletchley Park code-breaking centre. Modern encryption uses mathematical methods to ensure that computers cannot brute-force the key.
Before the internet came the telephone network, and students wishing to place free long-distance calls in the 1970s developed phone-hacking techniques called phreaking. The “ph” prefix persists today in terms like phishing (deceptive emails) and pharming (redirecting web requests to a malicious site).
Passwords are the most common means of authentication, but a weak password can easily be brute-forced by trying all possible combinations. Passwords can be guessed or spotted while shoulder-surfing. A second layer of protection is added by two-factor authentication or 2FA. Typically, 2FA requires a code delivered by text message or a biometric indicator such as fingerprint or face recognition.
Attacks on the network include distributed denial of service (DDoS) and hacking attempts. Firewalls at the network perimeter will keep out unwanted network traffic, and websites should be hardened against SQL Injection attacks.
Malicious software rose to prominence in the 1990s. Malware consists of viruses, trojans and worms. Anti-virus software can protect against malware, but other security measures such as patching software, firewalls and user training are vital.
Social Engineering is often called “hacking the human” and includes phishing, pretexting and shoulder-surfing. Educating your users is important and this should be a part of your network security policy.
Finally, defensive design, which means designing systems to be secure in the first place, is important. This can include secure network design, code reviews, testing and anticipating misuse.
Resources mentioned in the chapter:
NCCE resources for this topic including concept map and full teaching materials are here:
Klez, Mydoom viruses etc. https://www.hp.com/us-en/shop/tech-takes/top-ten-worst-computer-viruses-in-history
Cloudflare lava lamps – the story https://blog.cloudflare.com/lavarand-in-production-the-nitty-gritty-technical-details/
Hacking a car through the stereo: https://www.computerworld.com/article/2748225/with-hacking--music-can-take-control-of-your-car.html
SQL Injection resources
Physical Computing ideas
If you have a networked Raspberry Pi you can create a web server with a page that is vulnerable to SQL Injection using these tutorials:
- Setting up a web server on a Raspberry Pi – Raspberry Pi Documentation
- SQL Injection Tutorial: Learn with Example (guru99.com)
Project work – competitions