5.3 Cyber Security Threats Flashcards
What is a virus?
- A virus is a program or piece of software
- It is a program that copies itself …
- … in order to damage or destroy files files
- Often causes the computer to crash
How can I protect myself from a virus?
- Install anti-virus software
- Don’t use software from uknown sources
- Be careful when opening attachments
What does antivirus software do?
- Scans files for virus
- Also checks data before it is downloaded
- Can constantly run in the background
- Can run scheduled scans
- Automatically updates virus definitions
- Can quarantine or delete a virus
What is a Spyware?
- Spyware is a program or piece of software
- It records the key presses on the users keyboard …
- … and sendsback the key presses to the creator
- Data can be analysed to find user passwords
How can I protect myself from spyware?
- Install anti-spyware software
- Input random characters (of a password)
- Use drop down menus (instead of key presses)
- Generate time sensitive pins that change regularly
What does anti spyware software do?
- Finds and removes spyware installed on a computer
- Stops the recording of key presses …
What is a Hacking?
- The act of gaining illegal access to a computer system …
- …without the owners consent or knowledge
How can I protect myself from hacking?
- Install anti-hacking software
- Use firewalls
- Use strong passwords
What are the consequences of hacking?
- Can lead to identity theft
- Can lead to the loss of personal information
- Data can be deleted, changed or corrupted
What is a hacker?
A person who tries to gain illegal access to a computer or a network
What is a cracker?
Someone who edits program source code usually for a malicious purpose
What is cracking?
The act of illegally changing the source code of a program so that it can be exploited for another use
Explain what is meant by a DOS attack
- Denial of Service (DoS) attack
- A large number of requests are sent to the network or server all at the same tim
- Designed to flood a network/server with useless traffic/requests
- The network/server will come to a halt trying to deal with all the traffic/requests
- Prevents users from gaining access to a website/server
What are the signs of a DOS attack?
- Slow network performance e.g. accessing websites
- Unable to access particular websites or files
How can you prevent a DOS attack?
- Using an up-to-date malware/virus checker
- Setting up a firewalls to restrict traffic to a server
- Applying email filters to manage unwanted spam.
- Be careful when opening attachments
What is a Phishing?
- Creator sends a legitimate looking email
- User then clinks on a link and they are sent to a fake website
How can I protect myself from phishing?
- ISP’s can filter out phishing emails
- Don’t click on links
- Look out for spelling errors
- Look out for lack of personalisation e.g. Dear customer
- Check the URL (link) is correct
What are the consequences of pharming?
- Steals personal data when user enters details
- This leads to fraud or theft
What are the consequences of phishing?
- Steals personal data when user enters details
- This leads to fraud or theft
What is a Pharming?
- Malicious code installed on a computer or web server
- Code redirects the user to a fake website
- Hacker can change IP address on the DNS server
How can I protect myself from Pharming?
- Install anti-spyware/virus software
- Check the URL of any links you click on
What is a Wardriving?
- Locating and using wifi connections illegally
- Equipment needed is a …
- Laptop
- Wireless Network Card
- Antenna to pick up wireless signals
How can I protect myself from Wardriving?
- Use of WEP encryption
- Strong password protection for router
- Use of firewall to prevent outside access
What are the consequences of wardriving?
- Steals a users download/data allowance
- Can access wireless network to steal personal data
What is a SPAM?
- Junk/ unsolicited email
- Sent to large numbers of people
How can I prevent SPAM?
- Use a spam filter
- Do not give out your email address
- Keep an eye out for tick boxes when signing up
What is SPAM used for?
- Advertising
- Spreading malware
What is a trojan horse?
A program which is often disguised as legitimate software
… but with malicious instructions embedded within it.
They need to be executed by the end user
Once installed they can steal personal information
Often used to install spyware/ransomware
Often arrive as message attachments
How can I protect myself from a trojan horse?
Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments
What is a worm?
Stand-alone malware that can self-replicate
Intention is to spread to other computers and corrupt networks
They replicate without being triggered by an end user (unlike virus’)
Often arrive as message attachments
How can I protect myself from a worm?
Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments
What is adware?
Attempts to flood the end-user with unwanted advertising
It can generate advertising pop-ups
It can hijack a browser and redirect it to promotional advertising
It can be difficult to identify using anti-malware software
How can I protect myself from adware?
Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments
What is ransomware?
Programs that encrypt data on a user’s computer …
… restricting access to the computer until a ransom is paid
The cybercriminal waits until the ransom money is paid …
… then , sometimes, the decryption key is sent to the user
How can I protect myself from ransomware?
Install anti-malware software
Don’t use software from unknown sources
Be careful when opening attachments
What is a DDoS attack
A distributed denial of service attack.
The spam traffic originates from many different computers
(making it harder to stop)
What is social engineering?
Manipulating people into breaking normal security procedures (e.g. giving away a password) …
… in order to gain illegal access to computer systems or to install malware
What human emotions do social engineers exploit?
- *Fear** - the user is panicked into believing their computer is in immediate danger
- *Curiosity** - they may find an infected memory stick lying around and try to use it
- *Trust**: a belief that genuine sounding companies and people are legitimate
Social Engineering - what are the 5 main types of threat?
- *Instant Messaging** - Malicious links are embedded into instant messages;
- *Scareware** - For example a pop-up message that claims that the users computer is infected with a virus;
- *Phishing scams** - Tricked to open a link in an email that redirects their browser to a fake website
- *Baiting** - The cybercriminal leaves a malware-infected memory stick somewhere where it can be found
- *Phone Calls** - an “IT professional” calls someone and pretends their device is compromised to get them to download malicious software
What is a brute force attack?
When a hacker tries to crack your password by …
… systematically trying all of the different possible combinations
To reduce the number of attempts you can
- Use a list of common passwords and try these
- Use a strong word list to generate passwords
