1.4.1 Common System Threats Flashcards
Why are networks attacked?
Personal, business and financial information is extremely valuable and traded between criminals around the world.
Stolen usernames and passwords allow criminals to access bank account and private info.
What is malware short for?
Malicious software
What is Malware?
A piece of software designed to break security and damage a system
What are the different types of malware?
Virus
Worm
Trojan
Spyware
Adware
Ransomware
Pharming
What is a virus?
A program hidden within another program or file, designed to cause damage to file systems
What is a worm?
A malicious program that acts independently and can replicate itself to spread between multiple connected systems.
Trojan
Installed by a user thinking its a legitimate piece of software when it will actually cause damage or provide access for criminals
Spyware
Secretly passes info onto a criminal without the user’s knowledge, often packed with free software
Adware
Displays targeted advertising and redirects search requests without permission
Ransomware
Limits or denies a user to access their system until a ransom is paid to unlock it
Pharming
The redirecting of a user’s website – by modifying their domain name server (DNS) entries – to a fraudulent site without their permission
What are computer users seen as withing any sytem?
Weak point
How does phishing pretend to be trusted organisations or contacts?
uses email, Text messages and phone calls to impersonate. Details gained can be used to access and steal from online accounts.
How have organisations tried to prevent phishing?
Agreed never to add click links within messages or contact users directly to confirm their personal info.
What is shouldering?
Technique of watching a user at an ATM and recording their PIN details
What is blagging?
carried out face to face and uses believable scenarios to trick people into giving up personal info
What is a brute force attack?
Repeatdly tries different usernames and passwords to access a system
What does DoS stand for?
denial of service
What is a denial of service attack?
tries to flood a website or network with data traffic to bring it to a halt. Such attacks are often used to demand a ransom or a change in policy.
What is data interception and theft?
method of intercepting and decoding a message containing sensitive info before it reaches it destination.
What is a SQL injection?
uses the same Structured Query Language used to manage large databases to attack them. Commands written in this language are used instead of usernames and passwords to access and steal private info.
