B1 Threats to data Flashcards

1
Q

Why might an organisation have their system attacked?

A

Information can be sold to the organisation's competitors, or customer details can be stolen and used in identity theft.
Some people enjoy the challenge of breaking into a system. They get credibility for their achievement from other hackers.
This can be motivated as an attack on an organisation or can be carried out as a challenge. It is often carried out by preventing access to online services, i.e. a DoS attack.
Somebody will attack the system as a form of revenge on the organisation e.g. an ex-employee.
Often ransomware is used in an attempt to force organisations to pay money in order to have access to their files/system.
To steal from the company, usually designs and other business ideas.

2
Q

What is a black hat hacker?

A

A black hat hacker will gain access to a computer system without permission
The hacker looks for vulnerabilities in a computer system. They then use this as a way into the system, with the intent to cause disruption or for financial gain
Black hat hacking is illegal

3
Q

What is malware?

A

Malicious software

4
Q

Ransomware

A

Malware which stops the user having access to their data unless a ransom is paid. Some malware encrypts files.

5
Q

Rootkit

A

Malware often hidden in the operating system of the computer. Rootkits can be used to intercept data from network connections and also what is typed on the keyboard.

6
Q

Virus

A

A program which is installed to stop a computer working or to affect the operation of a computer. It is often installed via email or other programs. Once on the computer, the virus can replicate itself.

7
Q

Trojan horse

A

Often disguised as legitimate software, a Trojan horse gives hackers access to a computer and hence the data it contains.

8
Q

Spyware

A

Malware which allows information to be collected about a person e.g. usernames and passwords.

9
Q

Worms

A

A program that replicates itself across computers, via network connections.
They can be used to turn computers into bots, or allow access for other malware.

10
Q

BOTNET

A

A NETwork of computers, each called a BOT, which are used to transmit a virus or launch attacks on networks/computers.
The Bot can take control over the infected computer:
It might be infected with malware, e.g. keyloggers; this would make it possible to access data or passwords
It might sit on a computer until the creator wants to use it
It might collect data from a business

11
Q

Denial of service attacks

A

A website is made unavailable, as it is unable to cope with the large amount of traffic visiting the site
This type of attack is usually committed against organisations who are reliant on their website to function on a day to day basis e.g. banks or large online retailers
A botnet is often used to create fake requests to the website, thus not leaving any capacity for the system to deal with legitimate traffic

12
Q

Reasons for DoS

A

High-profile companies are often targeted to cause disruption and prevent them from trading, leading to a loss of revenue
Some hackers will cause DoS to prove they can; this could damage the reputation of the business, leading to a loss of customers

13
Q

Phishing

A

When an individual or organisation receives an email, text or phone call from somebody who pretends to be from an organisation e.g. a bank
The aim is to get the recipient to give out sensitive details, e.g.
bank details
passwords
access to computers

14
Q

Pharming

A

An internet user is directed from what they believe to be a legitimate site to a bogus site
Once at the bogus site, personal details, for example passwords and credit card details, can be obtained

15
Q

Social engineering

A

A criminal will set up a scenario, pretending to be from a legitimate organisation
They will try to collect the information that they require by gaining the trust of the person they are talking to
Often they take the form of telesales people or people working on a help desk

16
Q

Shoulder surfing

A

Spying on another person to gain personal information e.g. passwords
Often done in public places, e.g. at cash machines, when one person is behind the person using the machine and looking over their shoulder

17
Q

Man-in-the-middle attack

A

Data is intercepted between two devices
Passwords and other sensitive information can be intercepted
Often relies on the use of unsecured or poorly secured Wi-Fi

18
Q

Internal threats to digital systems and data security

A

Unintentional disclosure of data
Systems may be left open so unauthorised persons can see data
Data may be sent to the wrong recipient
Loss of portable storage devices

Intentional stealing or leaking of information
Industrial espionage
Selling information to competitors
Removal of customer data to take to new organisation when leaving a job

Users overriding security controls
Users will try to gain additional information, from secure areas of the system, that they do not have permission to access

Use of portable storage devices
Data can be uploaded to a device and taken from the organisation
The device used may contain a virus which then infects the system

Downloads from the internet
A virus may infect the system if unknown attachments are opened from emails or software is downloaded from an unverified source

Visiting untrustworthy websites
Viruses may be downloaded onto the system

19
Q

Impact of security breach

A

Data loss

Damage to public image

Financial loss

Reduction in productivity

Downtime

Legal action