Cybersecurity Myths:


  1. A hacker can break into your current TCP/IP session. Truth: In order to attack, the hacker must use the same IP address and port number as the current TCP session. Additionally, the hacker needs to know the sequence and acknowledgment numbers in the TCP header, which change depending on traffic load. Moreover, the hacker cannot receive any TCP packets from either party. Therefore, it is impossible for the hacker to attack an existing TCP session.

  2. Hackers can break into your system while you're surfing the internet. Truth: If your system does not have any open TCP/IP listening ports, no one can establish a new connection and gain access. Additionally, hackers cannot break in through your current TCP/IP session. A web browser operates as a client in the client-server model, designed to perform specific tasks. Typically, the client takes predefined requests from the local user (keyboard input), sends them to the server, and waits for a reply. Hackers cannot break into any client and do whatever they want.

  3. Man-in-the-middle attacks are common. Truth: The TCP/IP protocol operates on a point-to-point communication model. There is no "man in the middle" in this process.

  4. Buffer overflow attacks with malicious code are inevitable / fileless malware attacks. Truth: There are three reasons why this cannot happen:

    1. Most programs call other programs to avoid rewriting code, especially for system functions such as C runtime libraries, DLLs (.dll), or Shared Objects (.so). How could a hacker locate the actual memory address of these programs? Even more challenging, if the called program has not been loaded into memory, what could be done about it?

    2. How could malicious code gain control of the CPU? Modifying the calling stack is nearly impossible to execute successfully. Which program could be used to modify the calling stack? To alter the calling stack, the modification must occur after calling another program and before the called program returns. The timeframe for this modification is extremely limited.

    3. Due to the page size of computer memory, a buffer overflow cannot extend beyond the page boundary. Additionally, the page size is typically 4k in most computer systems. To write a program that fits this 4k size, the program must be very small. This means that the code cannot perform many tasks.

  5. Internet TCP/IP Connections can be hijacked. Truth: The TCP/IP protocol makes this impossible. Each TCP session includes both partners' IP addresses. A hacker cannot alter either IP address, meaning they cannot intercept TCP packets sent to the original parties.

  6. VPNs are secure. Truth: It is important to note that the VPN provider can track your internet activities and knows your ID and password when you log in to internet services such as online banking. However, if you are already using encryption for network traffic, such as HTTPS, no one else can access your ID and password.

  7. The hacker can gain access through backdoors. Truth: The Internet is based on the TCP/IP protocol. To access other Internet resources, such as servers or websites, an IP address and port number are needed. There are no backdoors in the TCP/IP protocol.

  8. A computer worm is a type of malware that can self-replicate and spread to other computers without human interaction. Truth: In order to self-replicate and spread to other computers, the worm needs to access the network. The network is based on the TCP/IP protocol. In order to make a connection to other computers in the network, the other computer must first start a program that can open a listening port. Then, the worm can make a connection to the target computer. There is no way for the worm to start a program at the remote target computer.
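
Items 2 and 8 both turn on whether a host has any listening TCP ports. The following is an added example, not part of the original page: it lists the sockets in LISTEN state from text in the Linux /proc/net/tcp layout and flags which ones are reachable from other machines. It assumes IPv4 and a little-endian host; the sample rows and the function names are constructed for illustration.

```python
import os
import socket
import struct

TCP_LISTEN = "0A"  # state code that /proc/net/tcp uses for LISTEN

# Constructed sample in /proc/net/tcp layout, not captured from a real system.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001 1
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002 1
   2: 0F02000A:C350 0A02000A:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20003 1
"""

def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port)."""
    ip_hex, port_hex = field.split(":")
    # The address is printed as a host-order integer; on a little-endian
    # host (assumed here) the bytes therefore appear reversed.
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)

def listening_sockets(text):
    """Return one dict per socket in LISTEN state."""
    found = []
    for line in text.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) < 4 or cols[3] != TCP_LISTEN:
            continue                        # established or other states
        ip, port = decode_addr(cols[1])
        found.append({
            "ip": ip,
            "port": port,
            # Bound to 127.0.0.0/8: only local processes can connect.
            "loopback_only": ip.startswith("127."),
        })
    return found

if __name__ == "__main__":
    path = "/proc/net/tcp"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for s in listening_sockets(text):
        scope = "local only" if s["loopback_only"] else "reachable from network"
        print(f'{s["ip"]}:{s["port"]}  {scope}')
```

An empty result means no IPv4 TCP listener exists on the host; IPv6 listeners are in /proc/net/tcp6, which this example does not parse.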