Exam Study Notes on Internet Protocols and Cybersecurity

Internet Protocols and Web Access

  • HTTP protocols are used to access web resources.

  • URLs specify the locations of websites and web pages.

  • Web browsers are used to access resources.

  • TCP and IP are used for internet communication.

Digital Currency

  • Digital currency exists purely in a digital format without physical form.

  • It is an accepted form of payment for goods and services.

  • Digital currency can be transferred between accounts for transactions, enabling online banking and smartphone apps like PayPal and Apple Pay.

  • Digital currency relies on a central banking system.

  • Centralized System Example:

    • Nick (Bank X) sends money to Irina (Bank Y) via a central bank.

  • Problem with Centralization:

    • Maintaining confidentiality and security.

Cryptocurrency and Decentralization

  • Cryptocurrency addresses the issues of centralization using decentralization.

  • Decentralized System Example:

    • Nick's wallet sends cryptocurrency to Irina's wallet directly.

  • Key Features:

    • Uses cryptography to track transactions.

    • Traditional digital currencies are regulated by central banks and governments, which determine transaction rules and exchange rates.

    • Cryptocurrency has no state control; rules are set by the community.

    • Transactions are publicly available and can be tracked.

    • The cryptocurrency system operates within a blockchain network for enhanced security.

Blockchain Technology

  • Blockchain is a decentralized database storing transactions of networked members.

  • It consists of interconnected computers without a central server.

  • All transaction data is stored on all computers in the blockchain network.

  • New transactions are copied to all networked computers.

  • Data cannot be altered without the consent of all network members, reducing hacking risks.

  • Applications of Blockchain:

    • Cryptocurrency exchanges

    • Smart contracts

    • Research (pharmaceutical companies)

    • Politics

    • Education

How Blockchain Works

  • Whenever a new transaction occurse, a new block is created as shown in Figure 5.8:

    • Data: Includes sender, recipient, amount of money, etc.

    • Hash Value: Unique value generated by an algorithm (SHA 256), which acts as a fingerprint.

      • SHA 256 is SecureHashAlgorithm256bitSecure Hash Algorithm 256-bit, a cryptographic hash function used to produce a unique, fixed-size 256-bit (32-byte) hash.

    • Previous Hash Value: Points to the previous block in the chain.

      • Each block's hash includes a timestamp.

  • Creating a Chain of Blocks (Figure 5.9):

    • Block '1' is the genesis block (no previous block).

    • If block '2' is altered, its hash value changes, invalidating subsequent blocks.

  • Preventing Tampering:

    • Proof-of-work: Requires ten minutes to determine proof-of-work for each block.

    • Miners: Special network users who get commission for creating new blocks.

  • Security:

    • Attacking the blockchain requires attacking every single block simultaneously.

    • A single broken block terminates the transaction.

    • New blocks are checked for correctness by each computer in the blockchain.

    • New users receive a copy of the entire blockchain system.

Cyber Security

  • Cyber security is crucial for protecting data from accidental damage, malicious acts, and interception.

Cyber Security Threats

  • Types of Cyber Threats:

    • Brute force attacks

    • Data interception

    • Distributed Denial of Service (DDoS) attacks

    • Hacking

    • Malware

      • Viruses, worms, Trojan horse, spyware, adware, and ransomware

    • Phishing

    • Pharming

    • Social engineering

Brute Force Attacks

  • Hackers systematically try combinations of letters, numbers, and symbols to crack passwords.

  • Reducing Attempts:

    1. Check common passwords (e.g., 123456, password, qwerty).

    2. Use a strong word list.

  • Password Strength:

    • Longer passwords with varied characters are harder to crack.

Data Interception

  • Stealing data by tapping into wired or wireless communication links to compromise privacy or obtain confidential information.

  • Methods:

    • Packet sniffer: Examines data packets on a network.

    • Wardriving (Access Point Mapping): Intercepts Wi-Fi signals using a laptop/smartphone, antenna, and GPS device.

      • Encryption makes intercepted data incomprehensible without a decryption key.

      • Wired Equivalency Privacy (WEP) encryption and firewalls are recommended.

  • Precautions:

    • Avoid using Wi-Fi in public places without data encryption.

Distributed Denial of Service (DDoS) Attacks

  • Preventing users from accessing a network or internet server, temporarily disrupting services.

  • Impact:

    • Prevents access to emails, websites, and online services.

  • Method:

    • Flooding the network with useless spam traffic.

    • Overloading the server with requests, preventing legitimate requests from being serviced.

  • Protection Measures:

    • Use an up-to-date malware checker.

    • Set up a firewall.

    • Apply email filters.

  • Signs of a DDoS Attack:

    • Slow network performance.

    • Inability to access websites.

    • Large amounts of spam email.

Hacking

  • Gaining illegal access to a computer system without permission, leading to:

    • Identity theft

    • Data deletion

    • Data corruption

  • Prevention:

    • Firewalls

    • User names and strong passwords

    • Anti-hacking software

    • Intrusion-detection software

  • Ethical Hacking:

    • Authorized hacking to test security measures.

Malware

  • One of the biggest risks to the integrity and security of data on a computer system.

Viruses

  • Programs or program code that replicate to delete/corrupt files or cause malfunctions.

  • Mechanism:

    • Requires an active host program or infected operating system to run.

  • Dissemination:

    • Email attachments

    • Infected websites

    • Infected software downloads

  • Protection:

    • Avoid suspicious emails and non-original software.

    • Run an up-to-date virus scanner.

Worms

  • Stand-alone malware that self-replicates to spread to other computers and corrupt networks.

  • Mechanism:

    • Does not need an active host program to cause damage.

    • Relies on security failures within networks to spread.

  • Dissemination:

    • Message attachments.

  • Protection:

    • Same safeguards as viruses with an up-to-date anti-virus program.

  • Examples:

    • 'I love you' worm.

Trojan Horse

  • A program disguised as legitimate software but contains malicious instructions.

  • Mechanism:

    • Replaces part or all of legitimate software to harm the user's system.

  • Dissemination:

    • Email attachments

    • Infected website downloads

  • Exploitation:

    • Gives cyber criminals access to personal information like IP addresses and passwords.

    • Often installs spyware and ransomware.

  • Vulnerability:

    • Relies on tricking end-users, making firewalls often useless.

Spyware

  • Software that gathers user information by monitoring computer activities.

  • Purpose:

    • Monitors and captures web browsing, other activities, and personal data like bank account numbers and passwords.

  • Detection and Removal:

    • Anti-spyware software.

  • Implication:

    • Finding spyware indicates a security weakness that other malware can exploit.

Adware

  • Attempts to flood users with unwanted advertising.

  • Forms:

    • Redirects browser to promotional websites.

    • Appears as pop-ups.

    • appear in browsers toolbar and Redirects search requests.

  • Effects:

    • Highlights security weaknesses.

    • Hard to remove. (defeat most anti malware softwares)

    • Can hijack browsers and create won default search requests.

Ransomware

  • Encrypts data on a user's computer and holds it hostage until ransom is paid.

  • Mechanism:

    • Restricts access to the computer and encrypts data.

  • Dissemination:

    • Trojan horse

    • Social engineering

  • Prevention & Recovery:

    • Avoiding phishing emails.

    • Regular backups of key files.

Phishing

  • Cybercriminals send legitimate-looking emails to trick users into revealing personal data or visiting fake websites.

  • Key Points

    • Recipient must initiate some act before any harm can occur

    • If suspicious emails are deleted or not opened, then phishing attacks won't cause any problems.

  • Prevention:

    • Security awareness training.

    • Avoid clicking email links.

    • Use anti-phishing toolbars.

    • Look for https or the green padlock in the address bar.

    • Regular checks of online accounts.

    • Keep browsers up-to-date.

    • Be wary of pop-ups.

  • Spear Phishing:

    • Targeting specific individuals or companies for sensitive financial information or industrial espionage.

Pharming

  • Malicious code installed on a user's computer or an infected website redirects the user's browser to a fake website without their knowledge.

  • Mechanism:

    • DNS cache poisoning changes real IP addresses to those of fake websites.

  • Mitigation:

    • Use anti-virus software.

    • Check website spelling.

    • Look for https or the green padlock.

Social Engineering

  • Cybercriminals manipulate people into breaking security procedures.

  • Types:

    • Instant messaging (malicious links).

    • Scareware (fake anti-virus pop-ups).

    • Emails/phishing scams.

    • Baiting (malware-infected memory sticks).

    • Phone calls (claiming device compromise).

  • Exploitation of Human Emotions:

    • Fear

    • Curiosity

    • Empathy and trust

  • Attack Stages

    1. The victims are identified and attack method is decided.

    2. The victim is being targeted via email, phone call, or Trojan horse.

    3. The attack on the victim is now executed allowing the cybercriminal to obtain the information or to cause the disruption decided on at Stage 1.

    4. When the cybercriminal has decided they have what they wanted they try to remove all traces of the malware to cover their tracks.

Keeping Data Safe from Security Threats

Access Levels

  • Different levels of access for different people within computer systems, controlled via user accounts.

  • Social Networks Access Levels:

    1. Public Access

    2. Friends

    3. Custom

    4. Data Owner

Anti-malware

  • Anti-virus and anti-spyware software.

Anti-spyware

  • Detects and removes spyware.

  • Methods

    • Rules; the software looks for features associated with spyware to identify any potential security issues

    • File Structures; this includes certain file structures associated with potential spyware which allows them to be identified by the software

  • Features:

    • Detects and removes installed spyware.

    • Prevents spyware downloads.

    • Encrypts files and keyboard strokes.

    • Blocks access to webcam and microphone.

    • Scans for stolen personal information.

Authentication

  • Proving user identity.

  • Factors:

    • Something you know (password).

    • Something you have (mobile phone).

    • Something unique to you (biometrics).

Passwords and User Names

  • Restricts access to data or systems; should be strong and changed frequently.

  • Protection Measures:

    • Run anti-spyware software.

    • Change passwords regularly.

    • Use strong passwords.

      • Strong passwords should contain at least one capital letter, one numerical value, and one other keyboard character (such as @, *, &, etc.).

Biometrics

  • Using unique human characteristics to identify users.

  • Examples:

    • Fingerprint scans

    • Retina scans

    • Face recognition

    • Voice recognition

Fingerprint Scans

  • Compares fingerprint images against stored images.

  • Benefits:

    • Improve security

    • Difficult to replicate

    • Can't be lost or stolen

    • Can't be misplaced

  • Drawbacks:

    • Expensive to install

    • Affected by injuries

    • Potential privacy concerns

Retina Scans

  • Uses infrared light to scan blood vessel patterns in the retina.

  • Accuracy:

    • 1 in 10 million.

  • Table 5.3 shows a comparison of the benefits and drawbacks of the four common biometric techniques

Biometric Applications

  • Retina Scanner Example:

    • Scanned data sent to a microprocessor via an ADC (analogue-digital converter).

    • Microprocessor compares with database data.

    • Signal sent to unlock door via DAC (digital-analogue converter) and actuator if data matches.

Two-Step Verification

  • Requires two methods of authentication.

  • Example:

    • User logs in with username and password.

    • A one-time pass code is sent to the user’s mobile phone.

    • User enters the pass code to complete authentication.

Automatic Software Updates

  • Keeps software up-to-date with security patches and performance improvements.

  • Potential Issues:

    • Disruptions following installation.

Checking the Spelling and Tone of Communication and URLs

  • There are three actions you always you should take before opening emails or activating any links:

    • Check the spelling, a professional organisation will not send out emails which contain spelling or major grammatical errors

    • Carefully check the tone used in the email message; if it is rushing you into doing something or if the language used seems inappropriate or incorrect, then it could be a phishing email or worse.

  • Look out for:

    1. The email address itself; no legitimate company will use an email address such as: @gmail.com. Must check the part of the address after the '@' symbol

    2. The tone of the email and bad spelling of words is a clear indication of a potential scam.

    3. Suspicious Links; destination addresses should match the rest of the email. Check the destination to be sure is a secure website

    4. Other plain spelling mistakes

    5. misspellings of domain names intentionally to fool you known as typo squatting eg gougle ,amozon

Firewalls

  • Software or hardware that filters information between a user's computer and an external network.

  • Tasks:

    • Examine traffic between the user's computer and a public network.

    • Check data against criteria.

    • Block traffic and warn the user.

    • Log traffic.

    • Prevent access to undesirable sites.

    • Prevent viruses or hackers from entering the user's computer.

    • Warn the user if software is trying to access an external data source.

  • Limitations:

    • Cannot prevent individuals on internal networks from bypassing the firewall.

    • Cannot control employee misconduct or carelessness.

    • Users can disable the firewall.

Proxy Servers

  • Acts as an intermediary between the user and a web server.

  • Features:

    • Filters internet traffic.

    • Keeps user IP addresses secret.

    • Allows or denies access to web servers.

    • Blocks requests from certain IP addresses.

    • Prevents direct access to web servers.

    • Protects against hacking and DoS attacks.

    • Speeds up access to websites using a cache.

    • Can also act as firewalls.

Privacy Settings

  • Controls on web browsers, social networks, and other websites that limit access to a user's personal profile.

  • Refer To:

    • 'Do not track' settings.

    • Checks for saved payment methods.

    • Safer browsing alerts.

    • Web browser privacy options.

    • Website advertising opt-outs.

    • App location data settings.

Secure Sockets Layer (SSL)

  • A type of protocol (a set of rules) that allows data to be sent and received securely over the internet.

  • SSL encrypts data between the user's computer and the web server.

  • Indication:

    • https or a padlock icon in the status bar.

  • Use Cases:

    • Online banking and all online financial transactions

    • Online shopping/commerce

    • When sending software out to a restricted list of users

    • Sending and receiving emails

    • Using cloud storage facilities

    • Intranets and extranets (as well as the internet)

    • Voice over Internet Protocols (VOIP) when carrying out video chatting and/or audio chatting over the internet

    • Used in instant messaging

    • When making use of a social networking site.