Computers 💻 | Cyber Security | 5.2 Flashcards
List some examples of cyber security threats.
- Brute-force attack
- Data interception
- Distributed denial of service (DDoS) attack
- Hacking
- Malware (virus, worm, Trojan horse, spyware, adware, ransomware)
- Pharming
- Phishing
- Social engineering
Define brute-force attack
A ‘trial and error’ method used by cybercriminals to crack passwords by finding every possible combination of letters, numbers, and symbols until the password is found
Describe how a brute force attack tries to crack a password in a reduced number of attempts
- Start by checking if the password is one of the most common ones used
- If not, start with a strong word list
Define word list
A text file containing a collection of words used in a brute force attack
Define data interception
An attempt to eavesdrop on a wired or wireless network transmission
Define packet sniffer
A method used by a cybercriminal to examine data packets being sent over a network and to find the contents of a data packet, which are sent back to the cybercriminal
Define wardriving
Using a laptop, antenna, GPS device and software to intercept Wi-Fi signals and illegally obtain data
Name two methods of data interception
- Packet sniffing
- Wardriving
Define Wired Equivalency Privacy (WEP)
An algorithm for wireless networks to protect them against data interception
What are some ways to prevent data interception?
- Encryption
- Using WEP encryption protocol
- Using a firewall
- Using complex passwords for routers
- Not using public Wi-Fi due to no data encryption
Define Denial of Service (DoS)
A cyberattack in which cybercriminals seek to disrupt the normal operation of a website by flooding it with requests
What is the purpose of DoS?
To prevent users from accessing part of a network
What does DoS commonly try to prevent users from accessing?
- Emails
- Websites/webpages
- Online services such as banking
How does a DoS attack prevent a website from operating?
The server can only handle a finite number of requests. So if it becomes overloaded by an attacker sending out thousands of requests, it cannot service a user’s legitimate request
What does DDoS stand for?
Distributed Denial of Service
How does a DDoS differ from a DoS?
In a DDoS attack, the spam traffic originates from many computers, making it difficult to block the traffic
How does a DoS attack target emails?
- An attacker sends many spam emails to an email account
- As ISPs only allow a specific data quota for each user, it clogs up the account
- The user cannot receive legitimate emails
In what ways can a website or user guard against a DoS attack?
- Use an up-to-date malware checker
- Set up a firewall to restrict traffic to and from the web server or user’s computer
- Apply email filters to filter out unwanted traffic such as spam
What signs may signify a DoS attack?
- Slow network performance
- Inability to access certain websites
- Large amounts of spam emails reaching the user’s email account
Define hacking
The act of gaining illegal access to a computer system without the owner’s permission
Why can’t encryption prevent hacking?
It makes the data meaningless to the hacker but it doesn’t stop them from deleting, corrupting, or passing on the data
How can hacking be prevented?
- Firewalls
- Anti-hacking software / intrusion detection
- Frequently changed strong passwords
Define ethical hacking
When companies authorise paid hackers to check out their security measures and test how robust their computer systems are to hacking attacks
Define malware
Programs installed on a user’s computer with the aim of deleting, corrupting, or manipulating data illegally
List the types of malware.
- Viruses
- Worms
- Trojan horse
- Spyware
- Adware
- Ransomware
Define virus
A program or program code that replicates itself with the intention of deleting or corrupting files, or by causing the system to malfunction
Define active host
Functioning software that a virus can affect by attaching itself to the code or by altering the code to allow the virus to carry out its attack
What are some ways in which a virus can cause a computer to malfunction?
- Corrupting important files
- Deleting .exe files
- Filling up the hard drive with ‘useless’ data
How can viruses be avoided?
- Don’t open emails from unknown sources
- Don’t install non-original software
- Don’t download unknown email attachments
- Always run an up-to-date virus scanner
Define worm
A standalone type of malware that can self-replicate.
How do worms differ from viruses?
Unlike viruses, worms don’t need an active host; they can spread throughout a network without the need for any action by an end-user
How do worms spread?
They remain inside applications allowing them to move throughout networks. Rather than targeting specific files, they rely on security failures in networks
How do worms frequently arrive to users?
As message or email attachments: one email opened may infect the whole network
Define Trojan Horse
A type of malware that is designed to look like legitimate software but contains malicious code that can cause damage to a computer system
Why can security measures such as firewalls often be useless against trojan horses?
Trojan horses rely on tricking the end user, so such security systems can be overridden when users initiate the running of malware
Define spyware
A type of malware that gathers information by monitoring a user’s activities on a computer and sends the gathered information back to the cybercriminal who sent out the spyware
What kind of data does spyware try to capture?
Bank account numbers, passwords, credit card numbers
Define adware
A type of malware that attempts to flood the end-user with unwanted advertising
Despite adware not necessarily being harmful, what are the concerns surrounding it?
- It highlights weaknesses in the user’s security defences
- It can be hard to remove, as most anti-malware software does not know if it is harmful
- It can hijack a browser and create its own default search requests
Define ransomware
A type of malware that encrypts data on a user’s computer and ‘holds the data hostage’. A decryption key is sent to the user if they pay a sum of money
Define phishing
Sending out legitimate-looking emails designed to trick the recipients into giving their personal details to the sender of the email
How can users avoid phishing?
- Be aware of new phishing scams
- Not click on email links unless totally certain it is safe to do so
- Run anti-phishing toolbars on browsers
- Always look out for https in address bar
- Regularly check online accounts and passwords
- Use an up-to-date browser and a good firewall
- Be wary of popups and block them
Define pharming
Redirecting a user to a fake website in order to illegally obtain personal data about the user without their knowledge
How does pharming differ from phishing?
The user doesn’t need to take any action for it to be initiated - the website merely redirects
What method is often used by pharmers to redirect users to a fake website?
DNS cache poisoning
How does DNS cache poisoning work?
Changing the real IP addresses on a DNS server so that the user’s computer redirects to a fake website
How can the risk of pharming be mitigated?
- Use of antivirus software to detect unauthorised alterations to a website address
- Using a modern browser that alerts the user of such an attack
- Checking the spelling of the website
- Making sure websites are https
Define social engineering
Manipulating people into breaking normal security procedures in order to gain illegal access to computer systems or place malware on the computer
List some examples of social engineering threats
- Malicious links in instant messages
- Scareware: popup messages telling the user they are infected
- Emails that trick the user with how genuine they appear
- Baiting: leaving a malware-infected memory stick somewhere it can be found
- Phone calls: “IT professionals” calling users and claiming their device is compromised
Define access levels
Different levels of access in a computer system allowing a hierarchy of access levels depending on the user’s level of security
How do access levels improve security?
Only the trusted administrator will have the rights to delete important files, have access to vital data, etc.
Others will not have those rights but still be able to use the computer
Define anti-spyware
Software that detects and removes spyware programs installed on a system; the software is based on typical spyware rules or known file structures
How does an anti-spyware based on rules work?
The software looks for typical features usually associated with spyware
How does an anti-spyware based on file structures work?
The software looks for file structures generally associated with potential spyware
What are the general features of anti-spyware?
- Detect and remove malware already on device
- Prevent a user from downloading spyware
- Encrypt files to make the data more secure in case it is spied on
- Encrypt keyboard strokes to remove the risk posed by keylogging
- Blocking access to webcam and microphone
- Scanning for signs that the user’s personal information is stolen, warning the user
Define authentication
The process of proving a user’s identity by using something they know, have, or is unique to them
What features does a strong password contain?
- At least one capital letter
- At least one numerical value
- At least one other keyboard character
What are the methods of authentication?
- Username and password
- Biometrics
What are some examples of biometrics?
- Fingerprint scans
- Retina scans
- Face recognition
- Voice recognition
Define biometrics
Type of authentication that uses a unique human characteristic
Explain how fingerprint scans work
- Images of fingerprints are compared against previously scanned fingerprint images stored in a database. If they match, the user has been correctly recognised.
- The system compares patterns of ‘ridges’ and ‘valleys’
What are the benefits of fingerprint scanning as a biometric?
- Fingerprints are unique
- Other security devices like magnetic cards can be stolen, but you can’t steal a finger
What are the drawbacks of fingerprint scanning?
- Relatively expensive to install and set up
- If a person’s fingers are damaged via injury it may affect scanning accuracy
Explain how a retina scan works.
Infrared light is used to scan the unique pattern of blood vessels in the retina.
What are the benefits of retina scanning?
- Very high accuracy
- No known way to replicate a person’s retina
What are the drawbacks of retina scans?
- Very intrusive
- Can be relatively slow to verify retina scan
- Very expensive
What are the benefits of face recognition?
- Non-intrusive method
- Relatively inexpensive technology
What are the drawbacks of face recognition?
- Can be affected by lighting, age, hair, glasses, etc.
- Can be fooled with a picture sometimes
What are the benefits of voice recognition?
- Non-intrusive method
- Quick verification
- Relatively inexpensive
What are the drawbacks of voice recognition?
- Person’s voice can be easily recorded and used for unauthorised access
- Low accuracy
- An illness can change a person’s voice
Define two-step verification
A type of authentication that requires two methods of verification to prove the identity of the user
How is the second step of two-step verification often carried out?
A one-time pass code is sent to the user, after they enter a password, via email or app, and the code is entered to verify the authenticity
What are automatic software updates?
Software on computers and mobile phones or tablets that is kept up-to-date.
How are automatic software updates important?
They may contain patches to improve the software security or performance.
What actions can users take to determine whether emails or websites are genuine?
- Watching for spelling or grammatical errors
- Making sure the tone of the email is appropriate
Define firewall
Software or hardware that sits between a computer and an external network. The firewall monitors and filters all incoming and outgoing traffic
List the tasks carried out by a firewall.
- To examine the traffic between the user’s computer and a public network
- Checks whether incoming or outgoing data meets a given set of criteria; blocking if not.
- Logging all incoming and outgoing traffic to allow later interrogation by the user
A firewall can either be …
hardware or software
In what circumstances is a firewall ineffective?
- When individuals use their own hardware devices to bypass the firewall
- Employee misconduct
- When users on standalone computers choose to disable the firewall
Define proxy servers
A server that acts as an intermediary server through which internet requests are processed; it often makes use of cache memory to speed up webpage access
What are the features of a proxy server?
- Can filter internet access
- Keeps user IP address secret
- Blocking requests from certain IP addresses
- Preventing direct access to a web server by sitting between the user and the web server
- If an attack is launched such as DoS, it hits the proxy server instead
- Using cache, it can speed up access to data from a website
- Can act as a firewall
Define privacy settings
Controls available on social networking and other websites which allow users to limit who can access their profile
What are some examples of privacy settings?
- ‘do not track’ setting
- A check to see if payment methods are saved on websites
- Web browser privacy options - history and cookies
- Website advertising opt-outs
- Sharing of location data or not
Define Secure Sockets Layer (SSL)
A security protocol used when sending data over a network such as the internet
How does SSL work?
When a user logs onto a website, SSL encrypts the data so only the user’s computer and the web server can make sense of what is being transmitted. The padlock symbol in the status bar shows this.
Define SSL certificate
A form of digital certificate which is used to authenticate a website; providing the SSL certificate can be authenticated, any communication or data exchange between browser and website is secure