Chap 5.2 - The internet & its uses (cyber security threats) Flashcards
8 cyber security threats
-DDoS
-Malware
-Hacking
-Pharming
-Phishing
-Social engineering
-Brute force attack
-Data interception
What is brute force attack
a type of cyber security attack that tries to guess the user’s password using all possible combinations of characters
How is brute force attack done
uses a program that automatically generates and tests different passwords until the right one is found
how does quality of password affect the effectiveness of brute force attack
weak password - effective
strong password - time-consuming
2 ways to reduce number of attempts for brute force attack
-check if password is one of the common ones
-use a strong word list
What is data interception
type of cyber security attack where transmitted data is stolen
how do you make brute force attack harder
-change passwords frequently
-long passwords with variation of characters
How is data interception done
-packet sniffer
-packet injection
-Man in the Middle (MITM)
-wardriving / Access Point Mapping
what do packet sniffers do
examine data packets transmitted over a network
is packet sniffing done in wireless or wired network
both
what does packet injection do
forging data packets and sending them back in the network
why is packet injection used
-to intercept/disrupt transmitted data packets
-causes network quality to degrade - blocks user from accessing network resources
what does Man in the Middle do (MITM)
hacker secretly intercepts data between 2 people who think they are communicating directly
what does wardriving/ Access Point Mapping do
-intercepting data from a wireless network using a device, antenna, GPS device and software outside the building
ways to safeguard from data interception
-have complex passwords to protect wireless router
-don’t use free public wifi
-use Wired Equivalent Privacy protocol (WEP)
-use a firewall
What does Wired Equivalent Privacy protocol do
- encrypts wifi transmission - makes data incomprehensible to hacker
What is hacking
a type of cyber attack that involves gaining unauthorised access to a computer system or network
how is hacking done
- social engineering
-exploits vulnerabilities in computer system or network
What is the limitation of encrypting data from hacking
it doesn’t prevent hacker from corrupting files but it makes data incomprehensible
what can hacking do
-change data
-delete or pass on data
How do you prevent hacking
-use firewalls
-use proxy server
-frequently change passwords
-use strong passwords
what is ethical hacking
hackers are paid to test company’s systems
What is DDoS
-Distributed Denial of Service
-type of cyber security attack that overwhelms website/server with traffic using many botnets
how is DDoS done
-using useless spam traffic - when server is overwhelmed by attacker’s useless requests to prevent service to user’s legitimate request
-botnet - spam traffic comes from different computers controlled by the attacker
why does useless spam traffic work
-server can only handle a finite number of requests
what does DDoS do to user
-prevents users’ access to emails, websites, online services
3 signs of DDoS attacks
-slow network performance
-unable to access websites
-spam emails
how to reduce DDoS
-use an up-to-date anti-malware
-firewall to restrict traffic
-email filters to filter unwanted emails
What is phishing
-deceptive messages, text, calls to lure user to fake websites to log in with their details
what must be done for phishing to work
user must initiate the attack
what do phishing messages usually have
-appear to be trustworthy
-create panic and fear in user to make them act without thinking
-have typos/grammatical errors
what is spear phishing
phishing done to specific people
How to prevent phishing
-don’t click on links/emails until totally certain that they are safe
-look for secure website protocol
-run anti-phishing toolbar
what is pharming
type of cyber security attack where computer’s system or DNS is manipulated to redirect user to a fake website
what is the difference between pharming and phishing
pharming does not need user to initiate attack
How is pharming done
-malware
-DNS cache poisoning
what does DNS cache poisoning do
-changes real IP address of URL to the one of the fake website
What does malware do (pharming)
-alters the host’s files that map domain names to IP address to direct user to fake website
How to prevent Pharming
-use anti-virus software
-check website for correct address
-look for secure protocol
difference between phishing & pharming
-phishing tricks people to provide info through fake emails/websites but pharming redirects users to fake websites without their knowledge
-phishing needs user to interact but pharming exploits vulnerabilities to redirect users
What is social engineering
-manipulating users into revealing information or taking action
-to gain illegal access to computer or put malware
-try to impersonate or create a fake situation so they can scare or give advice on
5 ways social engineering is used
-instant messages
-phone calls
-bait
-scareware
-email/ phishing scams
how is instant messaging used in social engineering
attacker sends message to user to click malicious link
how is scareware used in social engineering
-message with a fake situation is sent to user to scare them into initiating the attack without thinking
how is baiting used in social engineering
clickbait - user is tricked into clicking link and gets nothing in return
pen drive bait - user plugs in malware infected memory stick that was intentionally left by attacker
how are emails/phishing scams used in social engineering
-user is tricked into opening an email and is redirected to a fake website
how are phone calls used in social engineering
attacker advises user on fake situation to get information out of them
What tactics does social engineering have
-impersonating
-create urgency and fear to make user act without thinking
-scarcity and opportunity - offering details to get user’s information
What is malware
a type of software designed to harm a computer’s system
6 types of malware
-virus
-worm
-trojan horse
-adware
-ransomware
-spyware
what is a virus and how does it work
-program that replicates itself to damage files or make user’s computer malfunction
-needs an active host
sent as emails, infected websites or software to be downloaded
what is a worm and how does it work
-standalone virus that replicates itself to spread to other computers
-doesn’t need an active host
-relies on security failures to move through the network
-one infected computer can infect the whole network
what is spyware and how does it work
software that records all key presses & transmits these to a third party
what is adware and how does it work
-software that floods user’s computer with ads
-usually as pop-ups
-hard to remove - difficult to determine its harmfulness by anti-malware
-hijacks browser and creates its own default search requests
-shows weakness in computer’s system which may be exploited by other malware
what is ransomware and how does it work
-program that encrypts user’s data until money is paid
-installed on computer through a trojan horse or social engineering
what is a trojan horse and how does it work
-programs disguised as legitimate software
-needs an active host
-spyware and ransomware often installed through this
5 ways to target and attack intended victim
-spear phishing- use deceptive calls, links and messages
-ransomware- encrypt user’s data, demand money to decrypt it
-malware-infected memory sticks- put in computer to infect computer
-instant messaging- malicious links
-scareware- fake antivirus software