Mobile Security Flashcards
Assess the effectiveness of a ransomware attack on smart phones.
In recent years, ransomware attacks have become more sophisticated and targeted, with attackers exploiting vulnerabilities in software and hardware. Smartphones are not immune to ransomware attacks, and attackers may target them for several reasons.
One reason is that smartphones often contain sensitive information, such as personal contacts, banking information, and access to cloud storage accounts. Additionally, smartphones are often connected to a variety of networks, making them vulnerable to attacks from malicious actors.
However, the effectiveness of a ransomware attack on a smartphone depends on several factors, including the operating system, the security measures in place, and the behavior of the user. For example, smartphones running the latest version of the operating system and with up-to-date security patches may be less vulnerable to ransomware attacks.
Moreover, users who regularly back up their data to the cloud or an external device may be less likely to pay the ransom. Additionally, users who are aware of the risks of phishing attacks and other forms of social engineering may be less likely to fall victim to a ransomware attack.
Evaluate the effectiveness of anti-malware applications for mobile phones.
Anti-malware software is designed to detect and remove malicious software, such as viruses, Trojans, and ransomware, from mobile phones. The effectiveness of anti-malware for mobile phones depends on several factors, including the type and quality of the software, the behavior of the user, and the specific threats it is designed to protect against.
Overall, anti-malware software for mobile phones can be effective in protecting against known threats, especially if the software is updated regularly to address emerging threats. However, it is important to note that anti-malware software is not foolproof and may not detect all threats, especially if the malware is new or specifically designed to evade detection.
It is also important to note that while anti-malware software can help prevent malware infections, it cannot always protect against other types of cyber attacks, such as phishing scams or social engineering attacks, which rely on tricking users into giving away their personal information or downloading malicious software.
Discuss the implications of poor smart phone security practices during the covid-19 pandemic, specifically in Malaysia.
One implication of poor smartphone security practices is the increased risk of cyber attacks, such as phishing scams, ransomware attacks, and malware infections. Cybercriminals often take advantage of people’s fear and anxiety during times of crisis, using fake emails and websites to trick users into giving away sensitive information or downloading malicious software. In Malaysia, the pandemic has seen a rise in cybercrime, with a reported increase in phishing attacks and online scams.
Another implication of poor smartphone security practices is the risk of data breaches and identity theft. With more people working remotely and using their smartphones to access sensitive information, the risk of unauthorized access to personal and corporate data increases. This is particularly concerning in Malaysia, where data protection laws are not as stringent as in some other countries.
Poor smartphone security practices can also have economic implications, with businesses and individuals potentially losing money as a result of cyber attacks or identity theft. This can have a ripple effect on the wider economy, as consumers and businesses lose confidence in online transactions and the security of their personal and financial data.
Compare and contrast the security features of 3G and 4G technology.
Authentication: Both 3G and 4G technologies use authentication mechanisms to ensure that only authorized users can access the network. However, 4G technology uses a more secure authentication mechanism called “Elliptic Curve Digital Signature Algorithm (ECDSA)” which is more robust and resistant to attacks compared to the “Authentication and Key Agreement (AKA)” used in 3G.
Encryption: Both 3G and 4G technologies use encryption to protect data during transmission. However, 4G technology uses a stronger encryption algorithm called “Advanced Encryption Standard (AES)” which provides better security against attacks compared to the “Triple Data Encryption Standard (3DES)” used in 3G.
Network architecture: 4G technology uses an all-IP network architecture, which provides end-to-end encryption and security. This means that data is encrypted at every stage of the transmission process, from the device to the destination server. In contrast, 3G technology uses a combination of circuit-switched and packet-switched networks, which can be less secure.
Signaling security: 4G technology provides better signaling security than 3G technology. Signaling security refers to the security of communication between the mobile device and the network during the establishment and termination of a connection. 4G technology uses a more secure signaling protocol called “ Diameter protocol” which provides better protection against attacks compared to the “ Signaling System 7 (SS7)” used in 3G.
Differentiate between spyware and ransomware.
Spyware: Spyware is a type of malware that is designed to gather data from a computer without the user’s knowledge or consent. Spyware can be used to monitor keystrokes, capture login credentials, track browsing history, and more. The data collected by spyware is typically transmitted back to the attacker who installed the software. Spyware can be difficult to detect, and can cause a range of problems including identity theft and financial fraud.
Ransomware: Ransomware is a type of malware that is designed to encrypt a victim’s files and demand payment in exchange for the decryption key. Once the victim’s files are encrypted, they are effectively unusable unless the ransom is paid. Ransomware attacks can be very disruptive and can cause significant financial damage to individuals and organizations. Ransomware attacks are typically initiated through phishing emails or by exploiting vulnerabilities in software or systems.
Assess the reasons for wireless network security being more of a concern to organisations as compared to wired network security.
Wireless security is often considered to be more of a concern than wired security because wireless signals can be intercepted by unauthorized users who are within range of the network. With wired networks, physical access is required to intercept data.
Wireless networks use radio waves to transmit data, and these signals can be intercepted by anyone with a wireless receiver that is within range of the network. This means that wireless networks are vulnerable to eavesdropping, unauthorized access, and other security threats.
In addition, wireless networks are often more difficult to secure than wired networks because they are broadcasted over the air and can be accessed from outside of a building. This makes it more difficult to control who has access to the network and to detect unauthorized access.
