Passive Attack
Where someone monitors data travelling on a network and intercepts any sensitive information they find.
Network Monitoring Hardware and Software
Tools such as packet sniffers used in passive attacks.
Detection of Passive Attacks
Passive attacks are hard to detect as the hacker is quietly listening.
Defence Against Passive Attacks
The best defence against passive attacks is data encryption.
Active Attack
When someone attacks a network with malware or other planned attacks.
Detection of Active Attacks
Active attacks are more easily detected.
Defence Against Active Attacks
The main defence against them is a firewall.
Insider Attack
Someone within an organisation exploits their network access to steal information.
Brute Force Attack
Type of active attack used to gain information by cracking passwords through trial and error.
Automated Software in Brute Force Attacks
Brute force attacks use automated software to produce hundreds of likely password combinations.
Password Attempts in Brute Force Attacks
Hackers may try lots of passwords against one username or vice versa.
Measures Against Brute Force Attacks
Simple measures like locking accounts after a certain number of failed attempts and using strong passwords will reduce the risk of a brute force attack.
Denial of Service Attack
Where a hacker tries to stop users from accessing a part of a network or website.
Flooding in DoS Attacks
Most DoS attacks involve flooding the network with useless traffic, making the network extremely slow or completely inaccessible.
Malware
Software that can harm devices.
Installation of Malware
Malware (malicious software) is installed on someone's device without their knowledge or consent.
Actions of Malware
Typical actions of malware include deleting or modifying files, locking files, spyware, and rootkits.
Ransomware
A type of malware that encrypts all files on a computer and demands a large sum of money be paid in exchange for a decryption key.
Spyware
Malware that secretly monitors user actions.
Rootkits
Malware that alters permissions, giving malware and hackers administrator-level access to devices.
Viruses
Malware that attacks by copying itself to certain files. It spreads when users copy infected files and is activated when users open them.
Worms
Malware similar to viruses that self-replicates without any user help, spreading very quickly by exploiting weaknesses in network security.
Trojans
Malware disguised as legitimate software.
Trojans
Unlike viruses and worms, Trojans don't replicate themselves - users install them not realising they have a hidden purpose.
Social Engineering
A way of gaining sensitive information or illegal access to networks by influencing people, usually the employees of large companies.
Phishing
Phishing is when criminals send emails or texts to people claiming to be from a well-known business, e.g. a bank or online retailer.
SQL Injections
SQL injections are pieces of SQL typed into a website's input box which then reveal sensitive information.
Structured Query Language (SQL)
SQL stands for Structured Query Language - it's one of the main coding languages used to access information in databases.
Preventing Network Vulnerabilities
Regularly test the network to find and fix security weaknesses and investigate any problems.
Penetration Testing
Penetration testing is when organisations employ specialists to simulate potential attacks on their network.
Physical Security
Physical security protects the physical parts of a network from either intentional or unintentional damage.
Passwords
Passwords help prevent unauthorised users accessing the network.
User Access Levels
User access levels control which parts of the network different groups of users can access.
Anti-malware
Anti-malware software is designed to find and stop malware from damaging a network and the devices on it.
Encryption
Encryption is when data is translated into a code which only someone with the correct key can access.
Cipher Text
Encrypted text is called cipher text, while non-encrypted data is called plain text.
Plain Text
Non-encrypted data is called plain text.
Anti-phishing features
Many email programs, browsers and firewalls have anti-phishing features that will reduce the number of phishing emails received.
Input Validation
If the website's SQL code does not have strong enough input validation, then someone may be able to enter a piece of SQL code which allows them to access other people's account information.
Firewalls
Firewalls examine all data entering and leaving the network and block any potential threats.
Malicious Software
Malicious software attacks are prevented and destroyed by installing anti-malware and firewall software.
Locks and Passcodes
Locks and passcodes restrict access to certain areas, e.g. server rooms.
Surveillance Equipment
Surveillance equipment, e.g. cameras or motion sensors, is used to deter intruders.
Strong Passwords
Passwords should be many characters long, use a combination of letters, numbers and symbols - and be changed regularly.
Educating Employees
The best way for companies to prevent social engineering attacks is by educating employees on the risks and what to look out for.