Teach Any Computer Science Class
We have put together a full GCSE Computer Science curriculum that will give you all the teaching materials you need to teach any topic.
Whether you're a brand new Computer Science teacher, or you've been teaching ICT for years, our resources will save you hours and hours of lesson preparation every single week.View the Lessons →
Computer hacking is a complicated term. Computer hacking could be programming, and it could be doing something fun and really productive and useful to society.
Malicious hacking is usually defined as the act of trying to break into another machine or system to gain access to data that you don’t have the right to. While access control is a means to prevent unauthorized access, there are ways around it that hackers find. Imagine there’s a server on the Internet that has valuable data such as passwords, credit card numbers or private information about people or government secrets on it, for example. Without proper security measures, all kinds of information could be exposed which could be interesting, dangerous, humiliating, threatening and more for individuals, businesses and governments.
Hacks work in a multitude of ways so there’s no real way to talk about a general-purpose hack. In many cases, however, what hackers try and do is exploit vulnerabilities in software running on a particular machine. If there’s no connection between this machine and the Internet, there’s no way to hack it without getting physical access to it. If you have physical access to a machine, you can do almost anything. One of the first things that companies that specialize in computer security do is a security audit to see if they can get access to a company’s server room. This is because if it’s easy to get access to the server room through forging access cards or tricking people, then all other computer security measures become irrelevant and a company can find itself in deep trouble.
As a rule, machines that hackers are interested in are valuable because of the data on them such as credit card information and transaction data. To gain access, the first thing a hacker might do is to find the services that are running on it. That’s where tools like Nmap come into play because it allows the user to figure out what ports are open going into the machine as well as get information about the service that’s running on that port. Then the hacker will try to break that protocol or exploit a bug in the protocol by initiating a series of interactions with the machine that are designed to expose flaws in the software that is running the protocol. These bugs are really common which is why software also need to be regularly updated and patched. When people are motivated and malicious, they will go through the software with a fine-toothed comb to find bugs and try different tactics to attack the software and find their way in. The goal is to find something wrong in the protocol that allows the user to either gain access to the machine or find some other way of receiving information. This is how Internet-based hacks are launched.
Malware is a blanket term that describes software that is malicious in some way and includes other terms like viruses, worms and trojans.
A virus is different from a worm. A virus is something that does something bad to your computer but it requires human interaction to propagate so this might be something that is propagated, for example, because it piggybacks on a program and you decide to share this program with somebody else through a USB drive or email (think of suspicious email attachments). The virus then propagates just because you’ve sent it on to somebody else.
A worm, on the other hand, does not require human interaction. It can self-propagate from computer to computer based on how many computers can be affected by the worm. As a result, worms can actually be some of the most dangerous types of malware out there just because they can exploit some common security flaw across a large number of computers and spread rapidly. There are a number of worms that have been developed in recent times that are conspicuous and highly problematic.
One of the more interesting ones in recent times is the Stuxnet worm alleged to have been created by a state, organization or government and is designed to infect a variety of machines including mission critical machines that operate nuclear facilities, for example. The malware doesn’t cause significant damage to most people’s computers unless the computer is susceptible to the attack that the worm uses. By propagating through numerous computers, it then reaches machines that perform useful and important tasks in the creation of nuclear materials. The worm then causes these machines to break down which is potentially highly dangerous. The theory that it was created and/or funded by something larger than an individual person is based on the worm’s very advanced and sophisticated nature.
Some worms infect machines and self-update by downloading new software. It continues to propagate and lie dormant until enough machines are infected and the controller, the person who has designed the worm, is ready to launch the attack. An attack can be, for example, a denial of service attack or a distributed denial of service attack where thousands of emails are sent per minute from millions of machines.