cyber security Flashcards
brute force attacks
- a ‘trial and error’ method used by cybercriminals to crack passwords by finding all possible combinations of letters, numbers and symbols until the password is found
- logical steps:
- common passwords (12345, 11111)
- word list: a text file containing a collection of words used in a brute force attack
data interception
- an attempt to eavesdrop on a wired or wireless network transmission
- compromise privacy or to obtain confidential information.
- is carried out by a packet sniffer
packet sniffing
- data interception: wired networks
- a method used by a cybercriminal to examine data packets being sent over a network and to find the contents of a data packet, which are sent back to the cybercriminal
wardriving
- also called access point mapping
- using a laptop, antenna, GPS device and software to intercept Wi-Fi signals and illegally obtain data
methods of preventing data interception
- wired equivalency privacy (WEP) encryption protocol security: an algorithm for wireless networks to protect them against data interception
- use complex passwords
- do not connect to random public wireless networks (Wi-Fi)
Denial of Service (DoS) attacks
- a cyberattack in which cybercriminals seek to disrupt the normal operation of a website by flooding it with requests
- flood the network with useless spam traffic.
- when a user enters a website’s URL in their browser, a request is sent to the web server that contains the website or web page; since the server can only handle a number of requests, if it becomes overloaded by an attacker sending out thousands of requests, it won’t be able to service a user’s legitimate request.
- prevents users from:
1. accessing their emails
2. accessing websites/web pages
3. accessing online services (such as banking).
spam
unsolicited emails sent to a user’s mailbox
Distributed Denial of Service (DDoS) attacks
- distributed denial of service (DDoS) attack – a denial of service (DoS) attack in which the fake requests come from many different computers, which makes it harder to stop
methods of preventing DoS and DDoS
- using an up-to-date malware checker
- setting up a firewall to restrict traffic to and from the web server or user’s computer
- applying email filters to filter out unwanted traffic (for example, spam).
signs of DoS and DDoS
- slow network performance (opening files or accessing certain websites)
- inability to access certain websites
- large amounts of spam email reaching the user’s email account.
hacking
- the act of gaining illegal access to a computer system without the owner’s permission
- can lead to identity theft or the gaining of personal information; data can be deleted, passed on, changed or corrupted.
methods of preventing hacking
- use of firewalls,
- user names
- frequently changed strong passwords.
- anti-hacking software
- intrusion-detection software also exists in the fight against hacking.
ethical hacking
- when companies authorise paid hackers to check out their security measures and test how robust their computer systems are to hacking attacks.
malware
- programs (such as viruses, worms and Trojan horses) installed on a user’s computer with the aim of deleting, corrupting or manipulating data illegally
virus
- a program or program code that replicates itself with the intention of deleting or corrupting files or by causing the computer system to malfunction
- needs an active host
- often sent as email attachments
active host
- functioning software that a virus can affect by attaching itself to the code or by altering the code to allow the virus to carry out its attack
methods of preventing a virus
- don’t open emails from unknown sources
- don’t install non-original software
- always run an up-to-date virus scanner
worms
- a stand-alone type of malware that can self-replicate
- do not need an active host: they can spread throughout a network without the need for any action by an end-user
- they rely on security failures within networks to permit them to spread unhindered
- arrive as message attachments and only one user opening a worm-infested email could end up infecting the whole network.
methods of preventing worms
- up-to-date anti-virus program
trojan horse
- a trojan horse will give cybercriminals access to personal information on your computers, such as IP addresses, passwords and other personal data.
- often disguised as legitimate software but with malicious instructions embedded within it.
- replaces all or part of the legitimate software with the intent of carrying out some harm to the user’s computer system.
- need to be executed by the end-user
- arrive as an email attachment or are downloaded from an infected website
Spyware
- They are primarily designed to monitor and capture web browsing and other activities and capture personal data
Adware
- at its least dangerous it will attempt to flood an end-user with unwanted advertising.
- highlight weaknesses in a user’s security defences
- be hard to remove – it defeats most anti-malware software since it can be difficult to determine whether or not it is harmful
- hijack a browser and create its own default search requests.
Ransomware
- ‘hold the data hostage’
- it either encrypts files straightaway or it waits for a while to determine how much of a ransom the victim can afford.
Phishing
- occurs when a cybercriminal sends out legitimate-looking emails to users.
- There are numerous ways to help prevent phishing attacks:
» users need to be aware of new phishing scams;
» it is important not to click on any email links unless totally certain that it is safe to do so;
» ensure an up-to-date browser is running on the computer device;
» be very wary of pop-ups and use the browser to block them;
Pharming
- The creator of the malicious code can gain personal data, such as bank details, from the user. Often the website appears to come from a trusted source and can lead to fraud and identity theft.
- It is possible to mitigate against the risk of pharming: (refer to the points)
Social engineering
- occurs when a cybercriminal creates a social situation that can lead to a potential victim dropping their guard.
- Instant messaging: Malicious links are embedded into instant messages;
- Scareware: This is often done using a pop-up message that claims that the user’s computer is infected with a virus;
- Emails/phishing scams: The user is tricked by the apparent genuineness of an email and opens a link in the email;
- Baiting: The cybercriminal leaves a malware-infected memory stick somewhere where it can be found;
- Phone calls: the user is advised to download some special software that allows the cybercriminal to take over the user’s device, giving them access to personal information
Access levels
- user accounts control a user’s rights. This often involves having different levels of access for different people.
1 public access
2 friends
3 custom
4 data owner
Anti-malware
The two most common types of anti-malware are anti-virus and anti-spyware.
- Anti-spyware software detects and removes spyware programs installed illegally on a user’s computer system. The software is based on one of the following methods:
» rules
» file structures
- The general features of anti-spyware are:
» detect and remove spyware already installed on a device
» prevent a user from downloading spyware
» encrypt files to make the data more secure in case it is ‘spied’ on
» encryption of keyboard strokes to help remove the risk posed by the keylogging aspects of some spyware
Authentication
- refers to the ability of a user to prove who they are. There are three common factors used in authentication:
» something you know (for example, a password or PIN code)
» something you have (for example, a mobile phone or tablet)
» something which is unique to you (for example, biometrics).
Biometrics
- It can be used in much the same way as passwords as a way of identifying a user. Biometrics relies on certain unique characteristics of human beings; examples include:
» fingerprint scans
» retina scans
» face recognition
» voice recognition.
Fingerprint scans
- Images of fingerprints are compared against previously scanned fingerprint images stored in a database;
- The system compares patterns of ‘ridges’ and ‘valleys’ that are unique.
Fingerprint scanning
techniques have the following benefits as a form of security:
» fingerprints are unique,
» other security devices
» it would be impossible to ‘sign in’ for somebody else since the fingerprints would match with only one person on the database
» fingerprints can’t be misplaced
- What are the drawbacks of fingerprint scanning?
» it is relatively expensive to install and set up
» if a person’s fingers are damaged through an injury, this can have an effect on the scanning accuracy
» some people may regard any biometric device as an infringement of civil liberties.
Retina scans
- it is a rather unpleasant technique requiring a person to sit totally still for 10 to 15 seconds while the scan takes place;
(study the table)
spyware
- spyware can be detected and removed by anti-spyware software.