LO2 Flashcards
Understand the issues surrounding cyber security.
Vulnerabilities
Flaws or issues that results in weaknesses in the security of a system. They can be intentional, accidental or a natural phenomenon.
System Vulnerabilities
Weaknesses within a network or system.
Examples of this are denial of service, botnet, malware, social engineering
Physical threats Vulnerabilities
Weaknesses within a network or system that happen in a physical sense.
Theft, Vandalism and arson etc.
Environmental Vulnerabilities
Weaknesses within a network or system that happen due to a environmental impact. Flooding and natural disasters etc.
Accidental threats
This is damage that happens to a network/data/system without actually intention of the individual causing harm. For example dropping a device and breaking it, spilling a liquid on a machine which contains information.
Replying to a hoax email without realising what it is.
Intentional threats
Criminal activities that have the intention to cause harm to a computer system. Hacking / Social engineering and theft etc.
Organised Crime
Cyber dependant and cyber enabled crime, stealing identities, blackmailing. teams of hackers working together to commit fraud and other crimes.
State Sponsored Crime
Countries who employ spies to find out state secrets, government polices etc. spying, espionage.
Hacktivist
Individuals and groups which use computers and computer systems to promote their own views on a particular issue such as human rights, animal rights or ethics. They hack into computer systems and cause disruption such as DDoS, steal or destroy information and put individuals, organisations and countries at risk.
Cyber Criminal
Anyone who commits a cyber-crime by breaking national or international law. They may use the computer in different ways to carry out the crime- as a tool e.g. commit fraud, send spam – to aim crime at a particular copter or system e.g. looking up information they are not allowed to read, installing Trojan horse, spreading Malware, stealing data, altering data
Insider
Insider threats are often disgruntled employees or ex-employees who believe that the business, institution, or agency has “done them wrong” and feel justified in gaining revenge. An insider threat could be: the introduction ofviruses,worms, orTrojan horses; the theft of information or corporate secrets; the theft of money; the corruption or deletion of data; the altering of data to produce inconvenience or false criminal evidence; and the theft of the identities of specific individuals in the enterprise.
Script Kiddie
is anunskilledindividual who usesscriptsor programs developed by others to attack computer systems and networks anddeface websites. The term, ‘Script kiddies’ does not relate to the actual age of the participant, but they are often young and inexperienced. It is anyone who lacks the ability to write their own sophisticated programs.
Scammers
Trying to cheat you by offering goods or opportunities to make some quick money. Scams often come via emails and are activated once clicked on. E.G. ‘click here to try the free trial of XXX’ to register pay £1 that will be refunded. The link will not work and you will not be refunded.
Vulnerability Broker
Several companies make money by either finding program bugs themselves or buying them from researchers of hackers to sell the information on – not to the company who created the program.
Phishers
Gain access to your personal details (passwords, bank account numbers, NI) normally an email is sent from your e.g. bank or Paypal asking you to click the link and log in. The link takes you to a webpage that looks like ‘Paypal’ but is fake. If data is entered then it will provide access to the phishers.