Network Security Threats

$Passive attack$ → someone monitors data travelling on a network and intercepts any sensitive data they find. They use network monitoring hardware and software such as packet sniffers. Hard to detect as the hacker is listening quietly. Defence = data encryption
$Active attack$ → someone attacks a network with malware. More easily detected. Defence = firewall
$Insider attack$ → someone within a network exploits their network access to steal information
$Brute force attack$ → trying to crack passwords through trial and error. Using automated software to produce hundreds of likely password combinations (words and number sequences. Defence = limited number of password attempts, strong passwords
$Denial of service$ → flooding the network with useless traffic to slow or stop people accessing it

$Deleting$ or $modifying$ files
$Scareware$ → telling the user their computer is infected with viruses to scare them into paying for a solution to their problem
$Locking files$ → ransomware encrypts all the files on the computer. The user will have to pay the hacker for the key to decrypt them
$Spyware$ → secretly monitoring user actions eg. key loggers and sends it to the hacker
$Rootkits$ → alter permissions giving hackers administrator level access
$Opening backdoors$ → creating holes in someones security which can be used for future attacks

Viruses $attach$ themselves to certain files eg. .exe files. Users $spread$ them by $copying$ or $sharing$ infected files and activate them by opening infected files
Worms are like viruses but can $self replicate$ meaning they $spread very quickly$
Trojans are $malware disguised as legitimate software$ . Trojans don’t replicate themselves.

$Via phone$ → $pretending$ to be a $network administrator$ , then persuades them to give their $confidential information$ such as their login details or sensitive company data
$Phishing$ → sending emails or texts $pretending$ to be from a $well known business$ . They contain links to $spoof versions$ of a company website where they $request sensitive information$ eg. bank details, log in details. Sent to thousands of people. $Easily detected$ eg. poor grammar, strange email address, not signed up on that email

One of the $main coding languages is SQL$ which is used to $access information in databases$
SQL injection is where pieces of SQL are $typed into a websites input box$ which then $reveal sensitive information$
If the website does not have strong enough input validation then someone may be able to access other people’s accounts through SQL injection
eg. SELECT name, address, account number WHERE pin = 12345 → SELECT name, address, account number WHERE pin = 12345 OR 1=1 (1 is always equal to one so the website displays everyone’s information)
If a website’s SQL code is insecure, this can be an easy way for hackers to get past a website’s firewall

Penetration testing → organisations employs specialists to simulate potential attacks and identify any possible weaknesses
Physical security → protecting the physical parts of a network from either intentional or unintentional damage. Can be locks and passcodes on server rooms or surveillance equipment such as cameras and motion sensors to deter intruders
Passwords → preventing unauthorised users accessing the network. Should be strong → long, combination of letters, symbols and numbers and changed regularly
User access levels → controlling which parts of the network groups of users can access. eg. business managers have higher access level to sensitive data and might have write access. This helps to limit the number of people that can access important data, preventing insider attacks
Anti-Malware software → designed to find and stop malware from doing damage to a network. Eg. Antivirus programs which isolate and destroy viruses. Firewalls are used to block unauthorised access. They examine all data entering and leaving the network to block any potential threats
Encryption → data translated into a code which only someone with the correct key can access. Encrypted text is called cipher text compared to plain text. Encryption is essential for sending data over a network securely.