Chapter 5.3 - cyber security threats Flashcards
What is:
Cyber security
Processes, policies, and practices designed to protect agianst any threats or unauthorised access to networks, computers, programs or data.
A combinasion of strategies are designed to give a robust defense
What are the different:
Categories of attack
- Hacking
- Brute force attacks
- Data interception and theft
- Malware: Spyware and pharming
- Social engineering: phising, shouldering, suspicious links
What are the different:
Forms of defences
cyber security,
- Firewall
- encryption
- physical locks
- passwords
- network policy
- user awarness of phising ‘clues’
- concealing your password or PIN entry
- Strong passwords with limited attempts allowed
- anti-malware/ anti-spyware software
- Checking the URL, making sure the site says HTTPS, not HTTP, as well as using a trusted internet service provider
- Hovering over a suspicious link revealing the destination before clicking it
What is:
Malware
a malicious software written to cause inconvenience or damage to programs or data
Different forms of:
Malware
- Viruses and worms
- trojan horse
- ransomware and adware
- distributed denial of service (DDOS) attack
What are:
Viruses and worms
- A virus is a program installed on a computer without the user’s knowledge/permission with the purpose of doing harm and relies on a host file to spread itself to other computers
- A worm is similar except it replicates itself and uses’ up the computer’s resources
What is a:
Trojan horse
- Pretends to be a normal file with a legitimate purpose wich has another, and when the link is clicked it can give unauthorised access to a computer for example
- Cannot replicate itself, but has a lot of flexibility on its purpose.
What is:
Ransomware
- Malware that encrypts a victims file.
- A ransom is demanded so that the user can decrypt the files, which is usually paid in digital currencies such as bitcoin
What is:
Adware
- Malware that displays onscreen advertisments.
- May not be dangerous but can redirect the browser to an unsafe site or contain spyware
What is:
Spyware
Allows a user to gather activity, passwords and payment information from another user’s computer
What is:
Distributed Denial of service attack
- an attack which targets a server with a lot of requests.
- multiple interconnected devices makes a botnet
- This leads to the server crashing as there are too many requests
- real requests cannot be determined and seperated from the false so there is a denial or service
What are the different methods to:
Keep data safe
7
- Biometrics
- two step verification
- passwords
- automatic software updates
- Secure Socket layer (SSL) protocol
- Privacy settings
- Proxy servers
What are:
Biometrics
- pre-recorded human characteristics
- Methods are:
- Facial recognition
- Iris and retina scanners
- fingerprint or palm recognition
- voice recognition
This is compared to the ones of the person trying to enter the phone. The user is let in if it is the same
What is:
Two-step verification
- Two authentication methods
- e.g. a 4digit code sent in a text message to the phone as part of the login method
How to effectively use:
Passwords
- Change them regularly
- use different ones on each website
- use a mixture of characters numbers and symbols
- Have a long password
