4.1 Network Threats Flashcards
What is malware?
Malicous executable programs that run on a computer
Give examples of Malware
Viruses, worms, trojans, ransomware
What are viruses?
Code that infect computers
• They replicate their code in other programs
• They infect other computers
• They harm the computer by deleting, corrupting or modifying files
What are worms?
A worm replicates itself in order to soread to other computers
• They might cause no damage to the attacked computers
• They slow down networks and computers
What are Trojans?
Negative program code which causes damage, , takes control, or provides access to computers
What is ransomware?
Software that:
• Holds a computer hostage by locking or encrypting access to it
• If the data is encrypted, a cyber security specialist won’t be able to recover the data unless a backup is available
• Once a ransom is paid to the attacker, the computer might be restored
What are ways hackers can exploit technical vulnerabilities?
- Unpatched software - if software updates and security updates are not installed then the software will be vulnerable
- Out of date anti malware - if software such as antivirus , isn’t regularly updated then it won’t be able to detect the latest viruses
What is social engineering?
The ability to obtain confidential information by asking people for it
What is Shoulder Surfing?
The ability to get information or passwords by observing as someone types them in.
• CCTV
• Looking over someone’s shoulder
What is phishing?
Phishing is a type of social engineering technique where, emails, texts or phone calls are sent to users commonly pretending to be banks or websites. They try to steal information such as • Usernames • Passwords • Credit card details • Other personal information
Features of phishing attacks
Greetings aren't personlised Sender's address is often a variation of a genuine address Forged link and is not the exact link Request your personal details Rushed Poor spelling and grammar
Denial of Service
A hadker will use or infect a computer so that:
• it sends many requests to the server (flood)
• the server can’t respond fast enough so it slows down or goes offline
Distributed Denial of Service
Many computers are making requests to the server, not just one
Man in the middle attack
- A man in the middle attack (MITM) allows the attacker to intercept communications between the user and server. The attacker can then:
- eavesdrop to find passwords and personal information
- add different information to a web page or other communication such as email.
- Connecting to uncrypted Wi-Fi makes it easy to perform a MITM attack
Why shouldn’t you use a found free USB stick?
• It may contain malware that can steal data from your device
Data theft
Stealing private data
Threats from digital decices
- Data loss
- ‘Back doors’ to devices
- Frauds
Reeucing threats on mobile devices
- Use a strong password
- Make sure data is encrypted
- Do not follow special links
- Delete information before discarding
Brute Force Attacks
- A hacker will try every combination of password untill the correct password is found
- A computer program is designed to do this 1 million times a second
SQL
- Structured Query Language
* Database query language
SQL injection
• Using web forms to add SQL instructions to a query that cause data loss or the revealing of personal information
How to execute SQL Injection
- SQL Commands are inserted instead of ‘real’ data
* These can return or destroy valuable data
