Chapter 11 Flashcards
FBI Wanted List for Cyber Criminals
- had over 100 people on it
- each responsible for consumer loss ranging from $35,000 to 100 million
Computer security is concerned with:
- risk management
- privacy (want to make sure all data is kept private)
- integrity
- availability
of e-information
Risk management
recognition, consequences, and assessment of risk to a computer's assets
What percentage of employees steal data?
57%
How often does identity theft happen?
every 2 seconds
What's a hacker?
someone who attempts to invade or disable a computer’s security measures and then to steal the computer resources at their leisure
unsecured computer
extremely easy to breach, especially by a seasoned hacker. Many times these computers are connected to the Internet, so they receive emails with malicious attachments like viruses, worms, and malware.
What is the average time to identify a computer breach?
207 days for a company to identify
How many reports of identity theft did the FTC receive?
11 million
What percentage of Americans have never checked to see if their data was breached?
64%
What percentage of funds that are stolen are not recoverable?
68%
Most common type of threats
- most common is use of stolen cards, followed by ransomware and phishing
- average smart home could be at risk of more than 12,000 hacker attacks in 1 week
- 43% of all breaches are insider threats, either intentional or unintentional
- over 24 billion passwords were exposed by hackers in 2022 and 64% of passwords only contain 8-11 letters
Hacker facts
- only need internet and a computer
- events held called hackathons
- not all hackers are paid
- look to steal information
3 things hackers look for
- information
- places to store information other than their own computer
- processing power
types of hackers
- white hat hackers
- black hat hackers
- script kiddies
- cracker
- hacktivist
- cyberterrorist
How do you keep hackers out?
- firewall
- virus utilities
- strong passwords
firewalls
- keep unauthorized users out
- specialized hardware and software working together that ensures that only authorized personnel and employees within a business can use its intranet
proxy server
communications in or out of an intranet pass through a special security computer
“default-deny”
firewall rule set in which the only network connections that are permitted are the ones that have been explicitly allowed
“default-allow”
rule set in which all traffic is allowed unless it has been specifically blocked
Worms
- self replicating
- send copies of themselves to other parts of the network without the user knowing
Trojan horses
- seems harmless and possibly interesting at first until it is executed
Denial-of-service attack (DoS)
attacks target entire networks, making them unavailable to users
causes:
- loss of revenue
- having to get an IT team costs money
- spending and wasting valuable time trying to fix it
- loss of customer trust
What should a workplace policy consist of?
- best practices
- code of conduct
- mobile phone usage
- smoking, drugs, alcohol, vaping
- track employees (error rate, arrival times, break times, etc.)
- transactions process
- website visiting and surfing
What should an internet policy consist of?
- business monitors computers to see what you're looking up
- monitor what you access on your computers
What should a privacy policy consist of?
- most companies ask for PIN numbers to verify it's the correct person
reverse phishing/keylogging
keylogging is when perpetrators log into your computer and get access to it from anywhere
reverse phishing is when they come to your computer and install a program
What is internet fraud?
any type of fraud that is over the World Wide Web; takes place through emails, websites, etc.
click fraud
deals with advertising; tries to manipulate the system to get paid from click ads of others
purchase scam
a buyer (typically from another country) asks to purchase something with a credit card; once the items are shipped, the credit card is cancelled
dumpster diving
diving into a dumpster to look for your information
data diving
websites like Amazon, Netflix, Yahoo, etc. collect your data to try to understand and evaluate it, and to suggest more things similar to what you normally buy or watch
How to protect yourself
“SCAM”
- Stingy with information
- Check your financial records
- Ask for credit reports
- Maintain careful records
shoulder surfing
a criminal in a public place can simply glance over a victim's shoulder and get their phone number, password on laptop, credit card #, etc.