Unit 6 - Cyber Security

Cyber Security

Cyber Security

Measures taken to protect a computer, program and data against unauthorized access or attack

Malware

Malicious executable code that can run on a computer: Viruses, adware ,Pharming and Spyware are exam

Examples of Malware

Viruses, adware ,Pharming and Spyware

Virus

are small programs which aim to cause physical harm to a computer system.

Standard Virus

These hide in files / programs and replicate themselves in order to spread into other programs / files. Their aim is usually to delete or damage data.

Worm Virus

Try to replicate themselves, using more and more of the computer's resources, slowing down your computer and making it useless.

Trojan Virus

In the background of often programs which you can use, they cause harm and make changes to your computer set-up or creating a portal for other users to use and gain access.

Spyware

it is installed without the users knowledge and spies on the user activities by tracking them as the visit websites and installing a key logger that can read passwords and personal information. Personal data is then sent back to the hacker often through the use of cookies.

Pharming

-Pharming seeks to change the IP address in the DNS(Domain Name Server) to another IP address so that the user is sent to a phoney website instead of the one they intended.

Social Engineering

Manipulating people and is often used by criminals to force people to make mistakes which can compromise a network's security.

Weak and default passwords

If passwords are simple/or left as default, they will be more easily hacked, compromising the security of the system

Misconfigured access rights

Misconfigured access rights causes users to possibly have access to parts of the System that they shouldn't have access to, this can compromise the security of the system.

Removable Media

Removable media could contain malware, it may try to turn itself on when a the media is connected to the network. Once installed, it could then spread across the network, compromising the security of the network.

Unpatched/Outdated Software

Old software can create vulnerabilities in networks as the old software may not have been designed to protect against new advanced malware criminals develop.

Social Engineering- Blagging

Creating and using an invented scenario to engage a targeted victim in a manner that increase the likelihood of the victim to divulge information or perform actions that would be unlikely in ordinary circumstances.

Social Engineering - Phising

Sending emails purporting to be from reputable companies to induce people to reveal personal information.

Social Engineering - Shoulder/ Shoulder surfing

Observation on a person's private information over their shoulder.

Penetration Testing

A company will invite/employ experts to try to simulate a range of network attacks such as installing malware.

Biometric Measures

Physical features of a user are used to authenticate them on the system. This form of security is very effective in keeping systems secure as it cannot be shared easily, it can also identify the correct user out of billions.

Passwords

They're put in place to ensure that a network has no unauthorised access. It's important that they're strong so they harder to crack, they also should be changed regularly.

CAPTCHA

The system tries to combat malicious bots by challenging users to prove they're human by selecting certain images or ticking a box, both which bots cannot carry out consistently.

Email Configuration

Websites send users an email as part of a sign up process,when the link is pressed it confirms the user's identity to the website. This keeps networks secure.

Automatic Software Updates

Software patches and updates are vital. By enabling automatic software updates, when developers release a new security patch, the system will stay up to date and be protected.