Threats to Computer Systems and Networks

Key Words:

network policies - a set of rules that users of the network must adhere to, to ensure appropriate working behaviours.

user access levels - setting up different groups of users and giving them different degrees of system access.

penetration testing - employing an individual/group, with permission, to try to hack the system in order to reveal weaknesses, which the company can then fix.

Malware:

  • any software which can harm a computer or user.

  • different types:

    • viruses

    • spyware

    • adware

    • pharming

Viruses:

  • small programs that aim to cause physical harm to a computer system.

    • Standard Virus:

      • hide in files/programs and replicate themselves in order to spread into other files/programs. Their aim is usually to delete or damage data.

    • Worms Virus:

      • do not necessarily damage data; they simply try to replicate themselves, using more and more of the computer’s resources, slowing down your computer and making it useless.

    • Trojan Virus:

      • often programs (such as games) which you can use, but in the background they will cause harm, like deleting your files, making annoying changes to your computer setup or creating a portal for other users to use in order to gain access to your system.

Spyware:

  • aim is to spy on the user and send back as much information about them as possible (passwords, usernames, visited websites, purchases made etc.).

  • a common piece of spyware is a key logger. It quietly runs in the background recording every key you hit.

  • the reason for collecting this data is so that “senders” of spyware can use this information to steal your identity or sell your information to third parties.

Adware:

  • does not physically delete or corrupt a system’s data.

  • aim is to download and display unwanted adverts and collect marketing information about your online habits.

  • tries to direct you to unwanted websites by changing your default homepage.

Pharming:

  • a DNS server enables us to “look up” the IP addresses of computers that are hosting websites so that we can then visit that website.

  • seeks to change the IP address stored in the DNS (or cached on our computer) to another IP address so that the user is sent to a phoney website instead of the intended one.

Other types of malware:

Scareware:

  • a pop-up telling you that you have a virus - it advertises purchasable software, hoping that you will hand over your money.

Ransomware:

  • seeks to lock your computer, making it useless.

  • demands that you pay a sum of money in order for you to get your computer working again.

Rootkits:

  • contain a set of tools which, once installed, allow a criminal to access your computer at an administrator level, letting them do pretty much what they like.

Phishing:

  • seeks to acquire sensitive information about a user such as their usernames, passwords, bank details etc.

  • done in the form of direct electronic communications e.g. emails and phone calls.

  • tries to impersonate legitimate companies to ask you to give away sensitive information.

People:

  • people are often the main reason why networks succumb to attacks and a loss of data.

  • social engineering is an act of manipulating people and is often used by criminals to force people to make mistakes which can compromise a network’s security.

Brute Force Attacks:

  • where criminals will use trial and error to hack an account by trying thousands of different possible passwords against a particular username.

  • they will repeatedly try to “log in” with one password after another.

  • can easily be reduced by ensuring that a system locks an account if more than three unsuccessful password attempts have been made.

  • also reduced by ensuring that all users have complex passwords as these are less likely to be tried.
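
The lockout rule described above, as an added example that is not part of the original notes: an account is locked once more than three password attempts have failed, so a run of guesses is cut off before it can reach the real password. The class and function names, the sample account and the guess list are constructed for illustration.

```python
import hmac

MAX_FAILED_ATTEMPTS = 3  # from the notes: lock once more than three attempts have failed


class LoginGuard:
    """Tracks failed logins per username and locks the account past the limit."""

    def __init__(self, credentials):
        self._credentials = dict(credentials)   # username -> password (plain text only for this demo)
        self._failures = {}                     # username -> consecutive failed attempts
        self._locked = set()

    def login(self, username, password):
        """Return 'ok', 'denied' or 'locked'."""
        if username in self._locked:
            return "locked"                     # even the correct password is refused now
        expected = self._credentials.get(username)
        # Constant-time comparison so response timing does not leak how close a guess was.
        if expected is not None and hmac.compare_digest(expected.encode(), password.encode()):
            self._failures.pop(username, None)  # a success resets the counter
            return "ok"
        self._failures[username] = self._failures.get(username, 0) + 1
        if self._failures[username] > MAX_FAILED_ATTEMPTS:
            self._locked.add(username)
            return "locked"
        return "denied"

    def unlock(self, username):
        """Administrator action: clear the lock and the failure count."""
        self._locked.discard(username)
        self._failures.pop(username, None)


def attempts_until_locked(guard, username, guesses):
    """Feed guesses in order; return (attempts made, final result)."""
    result = "denied"
    for count, guess in enumerate(guesses, start=1):
        result = guard.login(username, guess)
        if result != "denied":
            return count, result
    return len(guesses), result


# Constructed sample data: one account, wrong guesses first, the right password last.
guard = LoginGuard({"alice": "T4ngerine!Kite#92"})
guesses = ["123456", "password", "qwerty", "letmein", "dragon", "T4ngerine!Kite#92"]
print(attempts_until_locked(guard, "alice", guesses))   # (4, 'locked')
```

The correct password sits sixth in the list but is never tried against an open account, because the fourth failure locks it; the account then stays locked until `unlock` is called.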

Denial of Service (DoS):

  • seeks to bring down websites by using up the web server’s resources.

  • done by acquiring multiple computers, often through malware, to repeatedly try to access or login to a website.

  • this sudden increase in traffic puts the web server under extreme pressure; its CPU and memory will be under so much strain that it will crash.

  • criminals might ask for money to stop the attack.

  • they might also use the attack as a punishment for websites they deem unethical.

Data interception and theft:

  • use specialist hardware and software to secretly monitor network traffic and intercept data packets believed to contain sensitive data.

  • “packet sniffers” are used to sniff out those packets, decode them and steal information inside such as passwords, bank details etc.

SQL injections:

  • SQL stands for “Structured Query Language”.

  • used to look up data in a database.

  • when you type your username and password into the input box and press enter, they are added to an SQL statement.