Cybersecurity Flashcards
What does cyber security consist of?
It consists of the processes, practices, and technologies designed to protect networks, computers, programs, and data from attack, damage, or unauthorised access
Who commits cyber crime and why?
• Criminals who want data to sell to fund organised crime. • Script kiddies who don’t have an understanding of the technology and just copy someone else. • State operators - espionage. • Blackmailers who hold data to ransom, e.g., by hacking into a business’s infrastructure and encrypting all their files. • Hacktivists - individuals who use cyber crime to gain unauthorised access to organisations and cripple them for moral reasons, e.g., Wikileaks, Anonymous
What is cyber crime?
Any illegal activity carried out using computers or the internet
What are some cyber security threats/liabilities?
• Social engineering techniques (Phishing, Shouldering, Blagging) • Pharming • Weak and default passwords • Removable media • Misconfigured access rights • Unpatched or out-of-date software
What is social engineering?
Using psychological approaches to manipulate an individual into giving away confidential and personal information, e.g., phishing
What is phishing?
Emails or texts designed to steal personal information to gain access to your money
What is pharming?
Redirecting a website’s traffic to another fake website to harvest personal details
How does pharming work?
1. An attacker installs software on the victim’s computer or hijacks their DNS server. 2. When the user navigates to a website, the attacker intercepts this and secretly sends their browser to a fake copy of the website. 3. The attacker then steals credentials/payment details
What are the differences between phishing and pharming?
Pharming forces the user’s computer to go to the hacker’s website, whereas phishing makes the user themselves navigate to the hacker’s website. Pharming involves downloading software, not just files, and makes the victim’s computer run the malware
What is blagging?
When an attacker creates a scenario to convince you to hand over data or money. They can convince the victim by using real open-source information
What is shouldering?
An attacker watching a victim over their shoulder as they enter passwords or personal information
What is malware short for?
Malicious Software
What is malware?
Malware is an umbrella term used to refer to a variety of forms of hostile or intrusive software
What are some types of malware?
Virus, Trojan, Worm, Spyware, Bots, Ransomware
What is a computer virus?
Software that replicates itself and transfers from one computer to another. It can make unauthorised and undesirable changes to a computer system when it is installed and executed
What is adware?
Software that either causes pop-ups or windows that will not close. Generally, the pop-ups or windows display advertisements
What is a Trojan?
Malware that gains access to a computer by pretending to be legitimate software
What is spyware?
Spyware, when executed, can log activity on your computer and control your webcam and microphone
What is a worm?
Worms spread by attaching themselves to network tools. Unlike viruses, they do not require human intervention
What is ransomware?
A form of malware that encrypts all data on the hard drive of the computer. Once encrypted, the attacker then offers to decrypt the data upon payment—often in cryptocurrency
What are some malware defence techniques?
• Antivirus • Software updates • Make backups - have at least 2 copies • Captcha
How does an antivirus work?
Uses signature-based checking to detect already known malware and uses behavioural analysis to detect unknown/new malware
What is good practice for backups?
• Make at least 2 copies • Make sure it is protected by good physical security and encryption • Cloud backup is generally safer against ransomware attacks
What is a captcha?
A captcha is used to determine if a user is a real human or a bot. It works by displaying text in a way that is indecipherable to a computer and asking users to type the displayed text