What are the forms of attacks to networks?
malware
social engineering
Brute-force attacks
Denial of service attacks
Data interception and theft
The concept of SQL injection
What is malware?
-Any kind of malicious program
-installed into a computer with the intention to cause damage and disrupt its functionality or to steal information.
What are some examples of things malware could do?
May delete data, make changes to it, or lock (encrypt) it so it is unusable and make you pay to get it unlocked (decrypted)
Name some types of malware
Viruses, worms and trojans
What is ransomware?
Malware that ‘locks’ (encrypts) your data and forces you to pay money to get it ‘unlocked’ (decrypted)
What are some key features of malware viruses?
-has harmful effects on the computer
-has the ability to duplicate (copy) itself to other computers and hence spread (like a biological virus)
What is data interception and theft? What are the two types?
As data is conveyed over a network, it is possible to intercept the data stream and capture usable data from it.
There are two types of data interception and theft:
1) man in the middle (MITM) attacks
2) packet sniffing
What is a man in the middle (MITM) attack?
It is a form of data interception.
It involves intercepting a device's connection to the internet, often by luring users into using a fake Wi-Fi hotspot.
The operator of the fake Wi-Fi network can then sniff all the packets of data to gain personal information and to see which websites are being visited.
This method also allows phone numbers to be captured, which can then be used in further attacks.
What is a denial of service attack (DoS)?
DoS attacks are designed to bring down servers or websites by overloading them with network traffic.
This prevents legitimate users from having access to the website because it uses up internet bandwidth and prevents servers from responding.
What is a distributed denial of service (DDoS) attack?
This is when computers from all over the world are innocently hijacked to take part in a DoS attack, each sending only small parts of the entire data flood.
This is done by infecting the computers with malware (usually without the user knowing) - the attack is called a botnet attack
What are the compromised machines in a DDoS referred to as?
zombies or bots
What is a cyber attack?
-Unauthorised access to a computer, or a network, or data held on any digital device or network
-Theft of data from a computer or network
-Damage to a computer or network or data held there
If someone guesses your password what can they do?
They can access your:
files
data
emails
on-line accounts (e.g. shops like Amazon, social media, on-line bank)
If someone guesses your password what can they do with it?
look at your files and data, your emails, your social media and shopping history.
Alter or delete anything they find
Steal anything they find - information, images, videos - or share it with others
Take money from your bank; buy things at your expense
Post on social media or send emails in your name
What are the 3 key dangers of your password being guessed?
-Identity theft - to commit fraud
-Theft of information - to sell it on, or threaten blackmail
-Damage to important information or documents
What is a strong password?
A password which is not easily guessed by a human or discovered by password-cracking software.
What is a Brute-force attack?
A method of cracking passwords by trying all possible combinations of characters until the correct one is found, to gain entry into a computer or network.
What method does some cracking software use?
It uses a dictionary. It tries each word in the dictionary in turn until it finds the right one. This is why you should never have a single word as your password.
What is a critical factor of password strength?
Length
What things should your password include to be strong and resist a strong attack?
-No short password (8 or more characters is best)
-A password should contain:
Upper and lower case letters
And
Digits 0-9
And
Symbols such as $%&*
-It should not contain easily identifiable words or numbers like:
your name
your age
your birthdays
What does SQL stand for?
Structured Query Language
What is SQL?
A programming language largely used in database systems.
It is the language used to build ‘database queries’
It can be used for copying, deleting or adding new data
What is a database?
A computer-based structured collection of information
When user data is submitted using a webform, the program code ‘behind’ the webpage processes the inputs and submits them to the database system on the website.
What is SQL injection?
It involves entering SQL commands into a web form instead of legitimate data, in order to try to gain control over a website database server.
Instead of entering legitimate data the hacker could try entering SQL programming statements that seek to:
get further information about the database
get unauthorised information from the database
alter or delete part or all of the database
What is a web form?
A collection of information that appears on a web page
What is the Computer Misuse Act?
The law which one can be prosecuted under for committing crimes such as hacking.
What is social engineering? Give an example
Where a hacker seeks to gain access to or get data from a network by relying on computer users’ ignorance of the cyber-dangers or carelessness
Spec definition: Exploiting weaknesses in a computer system by targeting people that use or have access to them
Give an example of social engineering
For example, someone could ask to put a memory stick into your computer under your login, as their login isn’t working. Someone might fall for it and let them. This memory stick could install a virus onto their computer, or they could install a keylogger.
What is a keylogger?
This is a type of malware that can be installed which records each keystroke made at the keyboard and periodically sends the information to the hacker. That could include login details or passwords.
What is Phishing?
Phishing uses social engineering - it's about trying to deceive someone in order to get them to release information the hacker wants
What does phishing include?
It involves a carefully worded email and a very carefully built website
How does phishing work?
-The intended victim receives an email which includes a weblink
-the wording of the email is intended to make the recipient believe it is very important to follow the link - perhaps it is an urgent message from their bank, or internet provider/ online store.
-the link takes them to a website that looks exactly like the website of their bank/ internet provider/ online store.
-They are prompted to log in as usual
-The fake website ‘harvests’ the details they type in
-And the hackers now have their login credentials to use as they wish
Is phishing becoming more common?
Yes
What other threat technologies could a phishing attack include?
The website the phishing email takes you to may offer a free download of some tempting or urgently needed software like:
a game
an anti-virus program
an ‘ad-blocker’
and it's a free download… however what you downloaded isn’t what you thought it was
Name some phishing statistics
it is the most common form of cyber-crime.
an average of $136 is lost per phishing attack
can also be used to deliver ransomware
millennials and gen-z internet users are most likely to fall victim to phishing attacks
What are ‘physical’ threats?
computer equipment can be stolen or damaged
an intruder can steal or damage computers, laptops, servers etc.
What types of devices are likely to be stolen or broken?
portable devices such as laptops, tablets etc.
What are some physical security precautions that must take place?
look after your hardware
An organisation must:
make users aware of the dangers that follow from a loss of devices
have clear policies for equipment
warn users of the need to take care of any portable devices when away from the office
the following requirement is standard practice in many organisations
What is the National Cyber Security Centre?
An organisation which provides advice on all aspects of cyber security to large and small organisations and to the general public
What are the 6 software and hardware techniques which can be used to protect from cyber attacks?
Anti-malware software
Firewall
Penetration testing
Regular software updates
Data input validation and sanitising
Encryption
What is anti-malware software? Give 2 examples of what it does
it protects a computer from malware
It can be used to scan an external hard drive/ SSD or memory stick before you try and copy any files from it
It can monitor the activity of your computer to detect any active malware activity
What does anti-malware software do?
It should automatically scan any files you download to check they are not harmful
Scans for viruses/ spyware/malware
Stops the download of viruses
What can anti-virus software protect from?
It protects your computer from spyware, rootkits, worms, trojans etc.
What is a firewall?
A firewall is a network security system to prevent unauthorised access to or from a private network
In what type of network are firewalls commonly found?
In a LAN, which is protected by a firewall implemented as a separate specialist hardware device
What are the 3 purposes of a firewall?
-scans incoming traffic and blocks traffic that is unauthorised
-firewalls can inspect both sending IP addresses and file data contained within an IP packet
Can stand-alone computers be protected from hackers by a firewall?
Yes
What does a penetration tester do?
They aim to discover how resilient a network is against an attack, and offer advice on how to improve it
How can penetration testers be used to prevent cyber attacks?
It involves authorised specialists who probe the network for potential weaknesses and attempt to access systems and data in the same way.
They will write a report on what they find, including recommendations for steps to be taken to improve security on the network
Why are regular software updates useful for protecting against a cyber attack?
Updates may add new features or improve usability but very often they are for security reasons.
Software updates are very often to fix such security weaknesses. Failure to update leaves a computer at risk.
How does data input validation help protect against cyber attacks?
It ensures that all inputs by the user are acceptable
It is the programmer’s responsibility to write ‘validation routines’ into their code to void the effect of invalid data entry
What is SQL injection?
It involves entering SQL commands into a web form instead of legitimate data, in order to gain control over a website database server.
It is the programmer’s responsibility to write relevant ‘sanitising routines’ into their code to protect against malicious input
What could happen if erroneous (incorrect) inputs are made (into an SQL database)?
The program could crash or the program might give wrong or meaningless results
How does data sanitisation help guard against malicious SQL injection?
We guard against this type of ‘malicious’ user input by writing our program to detect and reject it.
The programmer writes code that ‘sanitises’ the user input - it checks for malicious input and rejects it.
Essentially what do data validation and Sanitising do?
They limit what a user can enter into the software, BUT they have different aims:
What are the differences between data validation and sanitisation?
Validation of user input tries to make sure the input is usable by the program, that it will not cause it to crash or output incorrect or meaningless results
Sanitisation of user input tries to make sure the input does not contain lines of malicious code which could allow a hacker to gain entry to a system
What is encryption?
To scramble data in such a way that only the owner of the data or its intended recipient can ‘unscramble’ it (decryption)
When can data be encrypted?
When saved or when transmitted
What is plain text?
The message you want to encrypt
What is cypher text?
The message after you have encrypted it
What is the decryption key?
The plain text is converted into cypher text using the encryption algorithm
What are two things encryption helps with? (Two uses)
1) ensuring that data being transmitted over a network is encrypted, in case of data interception
2) ensuring data is stored, in case of data theft
What are some ways to avoid human error to protect from cyber attacks?
1) User training
2) acceptable user policy
3) Authentication
4) Strong passwords
5) Two-factor authentication
6) Biometric authentication
7) Access control
8) Physical security
How does user training help protect against cyber attacks?
All users of computers in an organisation must be trained to understand cyber threats and how to avoid harm.
Users must understand the seriousness of cyber attacks:
The organisation could face serious disruption, or even not be able to operate at all
They could lose vast amounts of money
They could lose customers through loss of reputation
How does acceptable user policy help protect against cyber attacks?
A document that states clearly what use of the computer system network is and is not permitted.
All users must follow it
What is user authentication?
The process of checking the identity of a user before letting them use the network/ system / app
What is a common way of authentication?
finger prints
face recognition
logins and passwords (strong passwords)
How does enforcing strong passwords help prevent against a cyber attack?
Network managers should set up their network system so that users cannot set weak passwords
There should be system-enforced requirements for passwords
What is two-factor authentication?
It is a two-step authentication, which is a security system that requires two distinct forms of identification in order to access something.
Commonly you log in with a user name and password, then you use a one-time PIN sent then and there to your phone
What is biometric authentication?
A security system that uses one or more unique features of the individual’s body to guarantee they are who they say they are
What are common biometric authenticators?
fingerprints
voice recognition
handwriting
face recognition
eye-scanners
Give an example for why biometric authentication won’t always work?
-fingerprints, for example, won’t work well if hands are wet - so no good in a swimming pool
-face recognition is not so successful where hats/ masks/ helmets/ glasses are worn
What is access control?
It is all about controlling who can do what on a network
Who can access data
Who can edit/ delete data
Who can use what system/ software/ database
Not everyone should be able to do everything
What are the levels of access control?
1) Read only - can open and view files only
2) read-write - can open and make changes
3) read-write-delete - can also delete the file
4) no access at all - hidden, invisible to the user
What is physical security?
Refers to keeping computer equipment safe from theft or physical damage.
It's all about protecting hardware, such as:
fixed items: desktop computers, servers, switches etc
Portable items: laptops, tablets, phones; as well as removable hard drives and memory sticks
How can physical security ONSITE be used to protect against cyber attacks?
-lock rooms with computer equipment in when not in use
-lock the server room; only authorised personnel are allowed the key or keycode
-control access to the building: key-cards, receptionists etc.
-buildings/ rooms should have intrusion detection
What physical security OFF SITE must be used to protect against cyber attacks?
keep portable devices safe:
-they must not be left where they can be interfered with or stolen by members of the public