network security - forms of attacks

what are the main types of network attacks (6)

• malware

• social engineering

• brute force attacks

• ddos attacks

• data interception

• sql injection

what does malware mean

malicious software used to harm a computer system

issues caused by malware (3)

• files being deleted, corrupted or encrypted

• internet connection becoming slow or unusable

• computer crashing or shutting down

types of malware (5)

• trojan horse

• virus

• worms

• ransomware

• spyware

what is a virus

a program that can replicate itself cause unwanted and unexpected events to occur

issues caused by viruses (3)

• corrupted files

• deleted data

• applictions prevented from running correctly

what is a worm

malware similar to a virus that can spread to other drives and computers on the network

ways worms can infect another computer through (4)

• infected website

• instant message services

• email

• network connections

what is a trojan horse

malware that is disguised as legitimate software but contains malicious code in the background

what is spyware

software that allows a person to spy on user’s activities on their devices

what can spyware do (3)

• record your screen

• log your keystrokes

• gain access to passwords

where is spyware often recieved from

spyware is often embedded into games or programmes that have been downloaded from illegitimate sources

what is ransomware (3)

• malware that locks your device and encrypts important files

• a demand for money is made for the user to gain back access

• there is no guarantee that they will get their data back though

what is social engineering

exploiting weaknesses in a computer system by targeting the people that use or have access to them

types of social engineering (3)

• fraud phone calls

• phishing

• pretexting

what are fraud phone calls

pretending to be someone else to gain access to their account or their details

what is phishing

sending fraud mails to lots of email addresses, claiming to be from a reputable company to gain access to your details

what is pretexting

a fake text message pretending to be from the government or a company to trick you into giving confidential data

what are human errors (5)

• not locking doors to server rooms

• not locking their devices

• sharing passwords

• not encrypting data

• not keeping up with software or anti-malware updated

what is a brute force attack

multiple combinations of a user's password are tried to gain unauthorised access to their accounts or devices

what is a dictionary attack

when popular words or phrases for passwords are tried to guess the password as quickly as possible

what is a denial of service attack

when an attacker repeatedly sends requests to flood a server with traffic causing it to overload the system slow it down and make it unusable

traffic comes from multiple distributed devices in a coordinated attack on a single server/network

what is a botnet

multiple internet-connected devices that have been infected with malware and can be controlled remotely by an attacker

purpose of a denial of service attack

prevents customers from accessing or using a service causing companies to lose money and damage their reputation

what is data interception

when sensitive information is intercepted when being transmitted across a network to gain unauthorised access

what is a packet sniffer

able to collect the data that is being transferred on a network

what is sql

a language used to create, access and manipulate a database

what is an sql injection

when an sql command is entered into a web text field to manipulate the SQL query to insert modify or delete data