5.3 Cyber Security Threats

Question 1

What is a virus?

Answer 1

• A virus is a program or piece of software
• It is a program that copies itself …
  
  • … in order to damage or destroy files files
• Often causes the computer to crash

Question 2

How can I protect myself from a virus?

Answer 2

• Install anti-virus software
• Don’t use software from uknown sources
• Be careful when opening attachments

Question 3

What does antivirus software do?

Answer 3

• Scans files for virus
• Also checks data before it is downloaded
• Can constantly run in the background
• Can run scheduled scans
• Automatically updates virus definitions
• Can quarantine or delete a virus

Question 4

What is a Spyware?

Answer 4

• Spyware is a program or piece of software
• It records the key presses on the users keyboard …
  
  • … and sendsback the key presses to the creator
• Data can be analysed to find user passwords

Question 5

How can I protect myself from spyware?

Answer 5

• Install anti-spyware software
• Input random characters (of a password)
• Use drop down menus (instead of key presses)
• Generate time sensitive pins that change regularly

Question 6

What does anti spyware software do?

Answer 6

• Finds and removes spyware installed on a computer
• Stops the recording of key presses …

Question 7

What is a Hacking?

Answer 7

• The act of gaining illegal access to a computer system …
  
  • …without the owners consent or knowledge

Question 8

How can I protect myself from hacking?

Answer 8

• Install anti-hacking software
• Use firewalls
• Use strong passwords

Question 9

What are the consequences of hacking?

Answer 9

• Can lead to identity theft
• Can lead to the loss of personal information
• Data can be deleted, changed or corrupted

Question 10

What is a hacker?

Answer 10

A person who tries to gain illegal access to a computer or a network

Question 11

What is a cracker?

Answer 11

Someone who edits program source code usually for a malicious purpose

Question 12

What is cracking?

Answer 12

The act of illegally changing the source code of a program so that it can be exploited for another use

Question 13

Explain what is meant by a DOS attack

Answer 13

• Denial of Service (DoS) attack
• A large number of requests are sent to the network or server all at the same tim
• Designed to flood a network/server with useless traffic/requests
• The network/server will come to a halt trying to deal with all the traffic/requests
• Prevents users from gaining access to a website/server

Question 14

What are the signs of a DOS attack?

Answer 14

• Slow network performance e.g. accessing websites
• Unable to access particular websites or files

Question 15

How can you prevent a DOS attack?

Answer 15

• Using an up-to-date malware/virus checker
• Setting up a firewalls to restrict traffic to a server
• Applying email filters to manage unwanted spam.
• Be careful when opening attachments

Question 16

What is a Phishing?

Answer 16

• Creator sends a legitimate looking email
• User then clinks on a link and they are sent to a fake website

Question 17

How can I protect myself from phishing?

Answer 17

• ISP’s can filter out phishing emails
• Don’t click on links
• Look out for spelling errors
• Look out for lack of personalisation e.g. Dear customer
• Check the URL (link) is correct

Question 18

What are the consequences of pharming?

Answer 18

• Steals personal data when user enters details
• This leads to fraud or theft

Question 19

What are the consequences of phishing?

Answer 19

• Steals personal data when user enters details
• This leads to fraud or theft

Question 20

What is a Pharming?

Answer 20

• Malicious code installed on a computer or web server
• Code redirects the user to a fake website
• Hacker can change IP address on the DNS server

Question 21

How can I protect myself from Pharming?

Answer 21

• Install anti-spyware/virus software
• Check the URL of any links you click on

Question 22

What is a Wardriving?

Answer 22

• Locating and using wifi connections illegally
• Equipment needed is a …
  
  • Laptop
  • Wireless Network Card
  • Antenna to pick up wireless signals

Question 23

How can I protect myself from Wardriving?

Answer 23

• Use of WEP encryption
• Strong password protection for router
• Use of firewall to prevent outside access

Question 24

What are the consequences of wardriving?

Answer 24

• Steals a users download/data allowance
• Can access wireless network to steal personal data

Question 25

What is a SPAM?

Answer 25

• Junk/ unsolicited email
• Sent to large numbers of people

Question 26

How can I prevent SPAM?

Answer 26

• Use a spam filter
• Do not give out your email address
• Keep an eye out for tick boxes when signing up

Question 27

What is SPAM used for?

Answer 27

• Advertising
• Spreading malware

Question 28

What is a trojan horse?

Answer 28

A program which is often disguised as legitimate software
… but with malicious instructions embedded within it.
They need to be executed by the end user
Once installed they can steal personal information
Often used to install spyware/ransomware
Often arrive as message attachments

Question 29

How can I protect myself from a trojan horse?

Answer 29

Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments

Question 30

What is a worm?

Answer 30

Stand-alone malware that can self-replicate
Intention is to spread to other computers and corrupt networks
They replicate without being triggered by an end user (unlike virus’)
Often arrive as message attachments

Question 31

How can I protect myself from a worm?

Answer 31

Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments

Question 32

What is adware?

Answer 32

Attempts to flood the end-user with unwanted advertising
It can generate advertising pop-ups
It can hijack a browser and redirect it to promotional advertising
It can be difficult to identify using anti-malware software

Question 33

How can I protect myself from adware?

Answer 33

Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments

Question 34

What is ransomware?

Answer 34

Programs that encrypt data on a user’s computer …
… restricting access to the computer until a ransom is paid
The cybercriminal waits until the ransom money is paid …
… then , sometimes, the decryption key is sent to the user

Question 35

How can I protect myself from ransomware?

Answer 35

Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments

Question 36

What is a DDoS attack

Answer 36

A distributed denial of service attack.
The spam traffic originates from many different computers
(making it harder to stop)

Question 37

What is social engineering?

Answer 37

Manipulating people into breaking normal security procedures (e.g. giving away a password) …
… in order to gain illegal access to computer systems or to install malware

Question 38

What human emotions do social engineers exploit?

Answer 38

• *Fear** - the user is panicked into believing their computer is in immediate danger
• *Curiosity** - they may find an infected memory stick lying around and try to use it
• *Trust**: a belief that genuine sounding companies and people are legitimate

Question 39

Social Engineering - what are the 5 main types of threat?

Answer 39

• *Instant Messaging** - Malicious links are embedded into instant messages;
• *Scareware** - For example a pop-up message that claims that the users computer is infected with a virus;
• *Phishing scams** - Tricked to open a link in an email that redirects their browser to a fake website
• *Baiting** - The cybercriminal leaves a malware-infected memory stick somewhere where it can be found
• *Phone Calls** - an “IT professional” calls someone and pretends their device is compromised to get them to download malicious software

Question 40

What is a brute force attack?

Answer 40

When a hacker tries to crack your password by …
… systematically trying all of the different possible combinations

To reduce the number of attempts you can

• Use a list of common passwords and try these
• Use a strong word list to generate passwords