What are the different forms of attack?
Malware
Social engineering, e.g. phishing, people as the ‘weak point’
Brute-force attacks
Denial of service attacks
Data interception and theft
The concept of SQL injection
What is malware?
software that has been created with malicious intent to harm a computer system
Issues caused by malware
files being deleted, corrupted or encrypted
internet connection becoming slow or unstable
computer crashing or shutting down
Types of malware:
viruses
worms
Trojan
spyware
ransomware
What is a virus and what issues does it cause?
Software that replicates itself/spreads on a user’s computer.
Issues caused:
fills disk space
deletes/corrupts data
allows unauthorised access to computer
prevents applications from running correctly
What is a worm?
Software that replicates across a network. Will spread to other drives and computers on the network.
Uses up all the bandwidth
How does a worm infect other computers?
Worms can infect other computers from:
Infected websites
Instant message services
Network connection
What is a Trojan and what issues does it cause?
A Trojan is malware disguised as legitimate software. Once it is installed it acts like a virus.
Issues:
deleting files
allowing unauthorised access
What is spyware and what issues does it cause?
Spyware is software that allows a person to spy on the user's activities. It is embedded into other software such as games or programs that have been downloaded from illegitimate sources.
Issues:
spyware can record screens and log keystrokes to gain access to passwords and more
What is ransomware and what issues does it cause?
Ransomware is a form of malware that corrupts, encrypts or locks access to data.
The user cannot access the data again without paying money to get it back/decrypted.
What is social engineering?
Using deception to manipulate users to gain personal data.
Phishing
type of social engineering attack
Fake emails sent to person // click on link from fake email
Person sends personal data // gives away personal data
Pharming
type of social engineering
• Software that redirects user to fake website // use of a fake website
• Person enters personal data // gives away personal data
What is denial of service // DoS // DDoS and what issues does it cause?
• Multiple requests sent to a server (simultaneously) // server is flooded with requests
• More requests than the server can process // uses all of the bandwidth available
• Server cannot respond // server crashes/denies access // stops access to a network // slows access to a network
Data interception and theft
Where data is intercepted during transmission. This is done using software called a packet sniffer, which examines data packets as they are sent around a network, or across the internet. The information gathered is sent back to a hacker.
The purpose of this form of attack is to gain personal information to fraudulently gain access to accounts of innocent people. Once access has been gained, the account is either used to attack others, or money is transferred to a third party without the owner's knowledge or consent.
SQL injections
SQL injection is entering an SQL command into a web text field to manipulate the SQL query
The goal is to insert, modify or delete data from the database
An example of SQL injection would be a user typing in a query such as:
SELECT UserId, Name, Password FROM Users WHERE UserId = 100 or 1=1;
This would return all of the User IDs, Names and passwords because 1 is always equal to 1