Learning Aim B - Cyber Security Flashcards
All of the key parts of Learning Aim B, including Social Engineering & Security
Hacking
Unauthorised access to a computer system. Covered by the Computer Misuse Act 1990
Why are systems attacked?
- Fun
- Financial Gain
- Industrial Espionage
- Personal Attacks
- Hacktivism (hacking for activism)
Types of Hackers
- Black Hat - a hacker with malicious intent
- Grey Hat - a hacker with neither malicious nor heroic intent
- White Hat - a hacker with heroic intent to stop other hackers
Types of threat to a computer system
- Unauthorised access
- Virus
- Worm
- Botnet / DDoS Attack
- Rootkit
- Trojan
- Ransomware
- Spyware
Virus
A computer program or part of a computer program that can make copies of itself and is intended to prevent the computer from working normally
Cambridge Dictionary
Worm
A harmful computer program that can copy itself and spread across a number of connected computers
Cambridge Dictionary
Botnet
A group of computers that are controlled by software containing harmful programs, without their users’ knowledge
Cambridge Dictionary
DDoS
Distributed Denial of Service: an occasion when a computer network or website is intentionally prevented from working correctly, by a botnet sending lots of data at once.
Cambridge Dictionary (mod.)
Rootkit
A type of malware designed to give hackers access to and control over a target device. Most rootkits affect the software and the operating system.
Kaspersky
Trojan
A computer program that has been deliberately designed to destroy information, or allow someone to steal it.
Cambridge Dictionary
Ransomware
Software designed by criminals to prevent computer users from getting access to their own computer system or files unless they pay money.
Cambridge Dictionary
Spyware
Software that collects information about how someone uses the internet, or personal information such as passwords, without the user knowing about it
Cambridge Dictionary
Social Engineering
Manipulating people so that confidential information can be found out.
Why does social engineering work?
Most people want to do the right thing, and this is why it works. In a recent study, 60% of unauthorised USB drives were mounted to a computer and used in a controlled environment.
United States Department of Homeland Security
Types of Social Engineering
- Phishing - Where an individual poses as a legitimate company to steal sensitive information
- Pharming - Where a user is redirected from a legitimate site to another
- Shoulder Surfing - Where somebody physically looks at somebody’s computer system to steal sensitive information
- Tailgating - Where a hacker gains unauthorised access to a password-protected system
- Baiting - Where a scammer uses a false promise to steal personal information
- Pretexting - Where an attacker tries to convince a victim into giving up valuable information
How to detect Social Engineering
- Are they using correct grammar and spelling?
- Are they addressing you, or a generalised person?
- Are they asking for personal information?
- Are they being urgent?
- Are they asking you to check a link? Check the link before you click it and compare it to internet searches.
Man in the Middle Attack
Where a hacker intercepts a message between two users without their knowledge.
Internal Threats
A threat carried out by a trusted individual in an organisation. These are usually accidental and not malicious, but there is a minority who do this on purpose.
Why do Internal Threats happen?
- Carelessness
- Not following the organisation’s procedures
- Not understanding risks of the user’s actions.
Drive-by Downloads
By only visiting the website, the device can be infected (often with a worm).
Malware in Adverts
Malware can be embedded into advert iframes on a legitimate website and be downloaded onto the computer.
Search Engine Poisoning
Where websites abuse SEO tools and pack the website with trending and viral keywords to drive traffic to the site.
P2P Sharing Sites
Peer-to-Peer sites often have trojans in them, which are downloaded when sharing/downloading files on a P2P site.
Impacts of an Internal Threat
- Data and financial loss
- Damage to reputation
- Reduction in productivity and downtime
- Legal Action (Data Protection Act)
Firewall
A physical device/piece of software that stops a cyber security threat from moving from one network/device to another.
Hardware Firewall
- Protect an entire network
- Are complicated to set up
- Often offer more security than software firewalls
- Are hard to bypass
Software Firewall
- Protects a single device
- Are easy to set up
- Offer less security than hardware firewalls
- Are easier to bypass
Device Hardening Policy
Steps that are required to be carried out in an organisation in order to reduce threats to a computer system
Types of Device Hardening
- Using a password manager
- Keeping software and OSes up to date
- Removing unused software
- Removing unused accounts
Symmetric Encryption
More vulnerable than asymmetric encryption.
Asymmetric Encryption
Where the device and the host have a pair of keys which have to match. These are not symmetrical so are hard to guess.
Types of policy
- Password Policy - defines how long and complex a password must be, and how long it can be used for.
- Acceptable Use Policy - how you are expected to use a computer and the sanctions if you do something prohibited.
- Device Hardening Policy - what software you should use and how to keep the computer system safe.
- Backup Policy - how regularly devices are backed up, how and where.
- Disaster Recovery Policy - who is responsible for doing what to restore an organisation's infrastructure when a cyber attack or physical damage to a computer system occurs.