1.4 Malware and protection Flashcards
What is malware
Any software that has been created with malicious intent to cause harm to a computer system
Virus
A program which can replicate itself on a user’s computer. It contains code that will cause unwanted and unexpected events to occur
Examples of issues a user may experience are:
* Corrupt files
* Delete data
* Prevent applications from running correctly
Worms
Worms are very similar to viruses, with the main difference being that they will spread to other drives and computers on the network
Worms can infect other computers from:
* Infected websites
* Instant message services
* Email
* Network connection
Trojan
Trojans disguise themselves as legitimate software but contain malicious code in the background
Spyware
Software which will allow a person to spy on the users’ activities on their devices
This form of software will be embedded into other software such as games or programs that have been downloaded from illegitimate sources
Spyware can record your screen, log your keystrokes to gain access to passwords and more
Ransomware
A form of malware that locks your computer or device and encrypts your documents and other important files
Often a demand is made for money to receive the password that will allow the user to decrypt the files
There is no guarantee paying the ransom will result in the user getting their data back
What is social engineering
Social engineering is exploiting weaknesses in a computer system by targeting the people who use or have access to it
Phishing
Sending fraudulent emails to a large number of email addresses, claiming to be from a reputable company or trusted source to try and gain access to your details, often by coaxing the user to click on a login button
Brute force attack
A brute force attack works by an attacker repeatedly trying multiple combinations of a user’s password to try and gain unauthorised access to their accounts or devices
A second form of this attack, commonly used for passwords, is a dictionary attack
This method tries popular words or phrases for passwords to guess the password as quickly as possible
DoS / DDoS
A Denial of Service Attack (DoS attack) occurs when an attacker repeatedly sends requests to a server to flood it with traffic, causing the system to overload
The server will slow down to the point of becoming unusable
DDoS:
This works in a similar way to a DoS attack, with the main difference being that the traffic comes from multiple distributed devices in a coordinated attack on a single server/network
Purpose of a DoS attack
A DoS attack will prevent customers from accessing or using a service
This will result in companies losing money and not being able to carry out their daily duties
A DoS attack can cause damage to a company’s reputation
SQL injection
SQL injection is entering an SQL command into a web text field to manipulate the SQL query
The goal is to insert, modify or delete data from the database
Penetration testing
Penetration testing is a method of preventing vulnerabilities whereby a company employs people to try and hack their network and databases
Protects against SQL injection + brute force attack
Anti-Malware software
Anti-malware software is a term used to describe a combination of different software to prevent computers from being susceptible to viruses and other malicious software
How does anti-malware software work
Anti-malware scans through email attachments, websites and downloaded files to search for issues
Anti-malware software has a list of known malware signatures to block immediately if they try to access your device in any way
Anti-malware will also perform checks for updates to ensure the database of known issues is up to date
Protects against any malware
User access levels
Administrators: Unrestricted - Can access all areas of the network
Teaching Staff: Partially restricted - Can access all student data but cannot access other staff members’ data
Students: Restricted - Can only access their own data and files
What do firewalls do
- Separate a trusted network from an untrusted network (normally the Internet)
- Data is sent around a network in small packets of information
- These packets are checked to see where they are coming from and going to (incoming and outgoing packets)
- Packets that don’t match filtering rules are dropped
- This is known as a packet filter
How do firewalls help and disadvantages
- Prevents unauthorised access (hacking)
- Can block certain malicious computers by filtering packets from a certain IP (Internet Protocol) address
- Can prevent access to certain ports on the network. This is known as port blocking
- Malicious or inappropriate websites can be blocked
- Dedicated hardware firewalls are expensive
- Software firewalls may slow down a computer