Cybersecurity Flashcards
Snooping
A technique used to secretly discover private information about a person, company, or other entity. This is often an insider threat within organizations.
For example, an employee may look at emails when a computer is left logged in and unattended. Another example is an IT employee who has administrative access looking in confidential employee files.
Wiretapping
Wiretapping is a form of eavesdropping that uses programs such as packet sniffers to capture data being transmitted over a network.
With the proper tools, unauthorized people can intercept data on either a wired or a wireless network. One of the best ways to protect against wiretapping threats is to use data encryption.
Social engineering
Social engineering is the act of exploiting human weaknesses to gain access to personal information and protected systems. Social engineering relies on manipulating individuals rather than hacking computer systems to penetrate a target’s account.
Reconnaissance
A type of social engineering exploit that passively gathers information about a potential victim. The goal is to get the information needed to further exploit the victim. Common reconnaissance techniques include the following:
Shoulder surfing
Observe a user through a window.
Eavesdropping
Dumpster diving
Pretexting
Pretexting is the use of a fabricated story, or pretext, to gain a victim’s trust and trick or manipulate them into sharing sensitive information, downloading malware, sending money to criminals, or otherwise harming themselves or the organization they work for.
Email attacks
A form of social engineering that attempts to exploit a victim using email messages. Email attacks may come in the following forms:
Phishing emails are crafted to appear as though they were sent from a legitimate organisation, such as a bank or an e-commerce website. These emails convince the user to click a link that opens a malicious website where the user is then tricked into providing sensitive information.
Spear phishing is phishing but targeted at certain individuals.
Whaling - Exactly like spear phishing but targeted at high-level employees, e.g. C-level, CEO, COO, etc.
Browser attacks
Browser attacks are a type of social engineering. The attacker tries to convince the victim that revealing sensitive information or installing malware on the computer is a legitimate task. Browser-based attacks can take many forms including the following:
Pharming redirects web traffic intended for a legitimate site to a malicious site that looks identical to the legitimate website. Once there, the victim is tricked into supplying sensitive information, such as usernames, passwords, bank account numbers, or credit card numbers.
Rogue anti-virus attacks employ a pop-up browser window that tells the user the computer is infected with a virus and to click a link to clean it. Sometimes this exploit merely tricks users into paying for worthless software they don’t need. However, it is also frequently used to install malware on the victim’s computer.
On-path (Man in the middle) attack
A hacker places themselves between two devices (often a web browser and a web server) and intercepts or modifies communications between the two. The attacker can then collect information as well as impersonate either of the two agents.
Replay attacks
A replay attack is a type of network attack in which an attacker captures a valid network transmission and then retransmits it later. The main objective is to trick the system into accepting the retransmission of the data as a legitimate one. Additionally, replay attacks are hazardous because they are challenging to detect.
Impersonation
The term impersonation usually refers to a social engineering tactic where a hacker pretends to be a member of senior management who is authorized to gain access to a system. In hacking technology, it can also refer to hijacking a networking session and masquerading as another identity.
For example, in TCP session hijacking, the attacker gains access to a host on the network and logically disconnects the client; the hacker then pretends to be the client. The concept of session hijacking can also be used with an HTTP session. For example, the hacker could hijack cookies from a web browser. To the web server, the hacker appears to be the original web client and takes over the original HTTP session that’s already been initiated.
If an attacker captures a user’s username and password through social engineering or other means, the attacker could impersonate the user by logging into the user’s account with the captured authentication credentials.
Unauthorized changes
On-path attacks, replay attacks, and session hijacking are often used to gain unauthorized access to a system. With system access, hackers can steal even more confidential information. They can also alter or corrupt data. Cyber criminals often launch destructive malware attacks that compromise data integrity and disrupt communication networks.
Denial of service (DoS)
A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash.
Power outage
We all know that without electricity, computer systems won’t work. A bigger concern is that when a computer system loses power abruptly, it can corrupt and lose data.
This is why critical systems such as database servers and web servers should be equipped with an uninterruptible power supply (UPS). These systems provide a temporary power source during an outage that gives the system enough time to shut down cleanly without data loss or corruption.
Hardware failure
Hardware failures can occur for many reasons, such as power surges, power spikes, overheating, and dust accumulation. While some of these causes can be prevented, computer components such as hard disks will eventually fail.
To maintain access to data on critical systems, most businesses maintain redundant copies of data on separate disks.
Data destruction
System administrators are often responsible for the disposal and destruction of sensitive data stored on old hard disks. This is particularly important when storage devices leave an organization.
However, data destruction can also occur for malicious or accidental reasons. Natural disasters, acts of terrorism, and accidental coffee spills can all harm computer components and destroy data. To prepare for these events, businesses should store regular backups of data in different locations.
Service outage
As businesses rely more and more on cloud hosting solutions for their products and services, their productivity depends on the reliability and quality of their internet connection. However, even if the internet is up and running, employees may not be able to access their files when the cloud service is down.
Google, Amazon, Microsoft, and other cloud hosting businesses work hard to avoid any downtime, but there will always be short periods of hardware or software failure. For this reason, businesses should keep offline copies of any critically important files or applications.
Marketing metadata
Metadata (information about information) can include where and when you use the service, the language you use, the sites you access, keywords from your posts and messages, the kind of device you’re using, etc. These companies analyse the data and use it for marketing and advertising. They can also sell their metadata to other companies.
Brute force attack
A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations’ systems and networks.