So, let me start by asking you, how long is your password? Does it have letters, numbers, or other special characters in it? If it does, then it's good. But if it's less than eight characters long, then you might want to change your passwords after watching this video. Let's see why.

A process of reverse engineering is usually used to crack user passwords. A computer stores a hash representation of the passwords of all its authorized users in a SAM file, that is, the Security Access Management file. Hashing is a mathematical way of taking any set of characters of arbitrary length and mapping it into a fixed number of characters. For example, the hashing algorithm will produce a hashed value of six characters for both the long and the short password shown. These six-character hash values for both passwords will be stored in the SAM file. The system administrator can use this file to restore access to individuals who have forgotten their password or login credentials. But if a hacker were to get hold of the SAM file, then they would have access to all the hashed values. Note that they still don't have your actual password, rather the hashed values. So, what can they do with it now? Well, they could try out all possible combinations of characters and words as potential passwords, hashing each one with the same hashing algorithm and comparing the outcome with the value stored in the SAM file. If a match is found, the hacker has cracked your password.

As you can tell, the process of checking all possible combinations of characters is a complicated one. So, they use two primary ways of dealing with it. One is the dictionary-based attack, and the other is the brute-force attack. In a brute-force attack, as the name suggests, a hacker will try out all possible combinations of characters or words to log into the system. It might sound like a lot of work to do, but trying out these combinations can be implemented using a software program instead of doing it manually.
With the computational power of modern computers, weak passwords can be cracked quite easily. That's why system administrators often limit the number of login attempts that you can have before the account gets temporarily locked. That way, it restricts a hacker's ability to try out many different variations of the login. The other method is to use a dictionary-based attack, in which the hacker tries out all possible combinations of dictionary words, and that's why you should never be using the name of a city, or your name, or common English words as your login password. To prevent these types of password cracks, employees should be mandated to use non-word, alphanumeric passwords with special characters like question marks and exclamation marks. Having such alphanumeric values and special characters dramatically increases the combinatorial space that a hacking software will need to try out in order to crack your password. So, if your password is long and strong, it will be very difficult for a hacking software to reverse engineer it within any reasonable amount of time.

Another type of attack is impersonation, which is used to gain unauthorized access to a computer by posing with the identity of a different, trusted computer. In the world of computer networks, the identity of each machine is based on something called the Internet Protocol address, or the IP address. These are numbers assigned to different computers. A hacker may pose with the IP address of a trusted computer in your organization's network in order to gain access. The way it works is that the hacker finds out the IP address of a trusted host and uses it to modify their own packets' source address, so that those data packets appear to be coming from the trusted host. Firewalls will mistakenly allow these packets in, thinking that they are legitimate traffic.
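The two defenses the lecture mentions, hashing that is expensive per guess and a lockout after repeated failures, as an added example that is not part of the lecture. It assumes a hypothetical `PasswordStore` class and uses a per-user salt with PBKDF2-HMAC-SHA256 in place of the fast, unsalted hash the lecture describes, so that an attacker holding the stored values must pay the full cost for every guess against every user.

```python
import hashlib
import hmac
import os
import time

ITERATIONS = 100_000   # deliberately slow; tune higher on real hardware
MAX_ATTEMPTS = 5       # failed logins allowed before the account locks
LOCKOUT_SECONDS = 300  # how long the lock lasts


def hash_password(password: str, salt: bytes = None) -> tuple:
    """Return (salt, digest). A fresh random salt per user means two users
    with the same password store different values, so a dictionary of
    precomputed hashes cannot be reused across users or systems."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


class PasswordStore:
    """Hypothetical store: keeps only salted slow hashes, never passwords."""

    def __init__(self):
        self.users = {}     # username -> (salt, digest)
        self.failures = {}  # username -> (failed_count, locked_until)

    def register(self, username: str, password: str) -> None:
        self.users[username] = hash_password(password)

    def login(self, username: str, password: str, now: float = None) -> str:
        """Return 'ok', 'denied' or 'locked'. `now` is injectable for tests."""
        now = time.time() if now is None else now
        count, locked_until = self.failures.get(username, (0, 0.0))
        if now < locked_until:
            return "locked"            # refuse even a correct password while locked
        record = self.users.get(username)
        if record is None:
            return "denied"
        salt, digest = record
        # compare_digest avoids leaking how many bytes matched through timing
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            self.failures.pop(username, None)   # success clears the counter
            return "ok"
        count += 1
        locked_until = now + LOCKOUT_SECONDS if count >= MAX_ATTEMPTS else 0.0
        self.failures[username] = (count, locked_until)
        return "locked" if locked_until else "denied"
```

The lockout only slows online guessing; the per-guess cost of PBKDF2 is what protects the stored values once an attacker has copied them.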
But fortunately, if your organization has newer firewall and router technologies, they can offer some kind of protection against IP spoofing.

Eavesdropping is another mode of cyber attack, in which a hacker uses a program or a device that can listen to data traveling over the network. Surprisingly, a lot of data traffic travels across the internet as plain text, that is, without any encryption, and this can include your passwords, email, Word documents, and so on. Software like Wireshark and Firesheep can be used to sniff Wi-Fi traffic to collect this information. Packet sniffing and the IP spoofing that we saw earlier can be combined to launch what is known as a Man-in-the-Middle attack. Basically, it means that the original conversation has been hijacked by a hacker who first sniffs and intercepts the data packets, and then poses with the identity of the intended recipient. Encrypting your data traffic, for example using SSL, the Secure Sockets Layer protocol, to connect to HTTPS sites can help avoid such sniffing and spoofing attacks.

So, now that we have looked at the various types of cybersecurity attacks, next we're going to look at the defense mechanisms, starting with encryption techniques.