module 5 Flashcards
how much will cybercrime cost the world economy by 2025
$10.5 trillion annually
costs of cyber crime
loss of revenue
stolen identities, intellectual property and trade secrets
damage to companies' and individuals' reputations
expense of enhancing and upgrading a company's cyber security
loss of business info
spyware
software gathers info about users while connected to the internet
adware
form of spyware that collects info about the user to determine ads to display
phishing
sending fraudulent emails that seem to come from legit sources
pharming
like phishing but the official website of an org is hijacked by altering website IP address via a domain name system
baiting
similar to phishing attacks but baiter gives recipient a promise (free software/giftcard)
quid pro quo
Similar to baiting but involves a hacker requesting the exchange of critical data or login information in exchange for a service or prize
SMSishing
technique that tricks user to download malware onto mobile device
vishing
using voice technology that tricks user into revealing important financial or personal info to unauthorized entities
keystroke loggers
software or hardware devices that monitor and record keystrokes
sniffing
capture and record network traffic
spoofing
attempt to gain access to a network by posing as an authorized user
computer fraud
unauthorized use of computer data for personal gain
denial of service attacks
identity theft
software piracy
viruses
self propagating program code that is triggered by a specified time or event
attaches to other files continuously
transmitted through the network, email or message boards
worms
independent programs that can spread without attaching to a host program
eats up computer resources
does not usually erase data
trojan programs
contain code intended to disrupt a computer, network or website
hidden inside popular program
can erase data
do not replicate
logic bombs
type of trojan program used to release a virus, worm, or other destructive code
triggered at a certain time or event
backdoors (or trapdoor)
programming routine built into a system
enables the designer or programmer to bypass security at a later time
blended threats
combines characteristics of viruses, worms and malicious codes with vulnerabilities on networks
embedding malicious codes in the server's HTML files
sending unauthorized emails from compromised servers with a worm attachment
rootkits
series of software tools that enable unauthorized access to computer or network system
denial of service attack (DOS)
flood a network or server with service requests to prevent legitimate users access to the system
distributed denial of service (DDoS)
thousands of computers work together to flood a website to cause it to fail
botnet
network of computers and IoT devices infected with malicious software and controlled as a group
TDOS telephone DOS
high volumes of automated calls flood a target phone system, halting incoming and outgoing calls
social engineering
using people skills to trick others into revealing private info
comprehensive security system should have
access controls
data encryptions
biometric security measures
physiological element unique to a person that cannot be stolen, lost, copied or passed on to others.
three main nonbiometric security measures
callback modems
firewalls
intrusion detection systems
intrusion detection system
protects external and internal access
placed in front of a firewall
identifies attack signatures, traces patterns and generates alarms
data encryption
transforms plaintext data into a scrambled form called ciphertext that cannot be read by others
SSL
TLS