Network Threats Flashcards
What is malware short for?
Malicious software
What is malware a general term for?
For any hostile or intrusive software
What are the 9 types of malware?
Computer Virus, Trojan, Spyware, Adware, Pharming, Click fraud, Ransomware, Rootkits, Scareware
What threats are labelled as ‘social attacks’?
When hackers try and trick, fool, bribe, or threaten people online
What do all social attacks have in common?
They attack people rather than hardware or software
Give 3 examples of social attacks
Bribing a user into allowing an attacker access to a system
Putting a thumb-drive full of malware somewhere a user might pick it up, and labelling it so that they would want to open it on their system
Phoning up a user at work and convincing them to break policy and give them the information they want directly
What does ‘phishing’ involve?
Sending out e-mails, instant messages, or phone calls pretending to be someone in authority. The attacker then uses that fake authority to convince users to voluntarily give up sensitive information such as passwords or bank account details
What is the most common method of phishing?
By email
What is a ‘brute force’ attack?
When a computer program is written to go through every possible combination of letters (and/or symbols) until the right one comes up, in order to guess a user password
How can ‘brute force’ attacks be stopped?
By limiting the number of attempts a user can have at logging in within a certain time period
What is a ‘dictionary’ attack?
Where all the words of the most popular languages are used before brute force is tried to guess a password
What is denial of service?
A method of preventing legitimate users from connecting to a server. Web sites can be blocked with this method
How does denial of service work?
It works by flooding the targeted server with millions of bogus requests. There are so many requests that all the server memory and CPU cycles are used up and the server then crashes
What does a denial of service attack often involve?
Hundreds or thousands of computers which have been infected with botnet malware
What happens in a ‘Distributed Denial of Service’ attack?
Each machine sends a stream of bogus requests. The legitimate owners of the infected computers are unaware that their machines are being used in this way
What is Data interception and theft?
It is a form of eavesdropping as users are unaware that their data is being extracted
How does a data interception attack work?
Data packets are intercepted. An extra server or router is placed in the network so that packets coming from the target computer are re-directed, copied, and sent on. The data within each packet, such as passwords or confidential information, is then extracted from the copied packets
What is an effective defence against data interception?
To encrypt each data packet. The eavesdropper would then have the extra task of decrypting the information
What is an SQL injection?
The deliberate addition of malicious SQL code into a web form in order to view, modify, or delete database records or to gain unauthorised access
What do attackers do in an SQL injection?
The attacker tries to insert extra SQL commands, for the database, into the input boxes, hoping that these commands will be carried out by the server
What is a good way of protecting against SQL injection?
Get the server to validate the information properly before the SQL request is formed. For example, the user name and password may only be a certain length, and invalid characters are not allowed
What is the defence against SQL injection which involves adding a non-alphanumeric character, for example & becomes “\&”?
Escape character. This forces the input to be treated as characters only rather than commands
What are the risks with having a poor network policy?
Without precautions, guidance and training, there is a risk that some users, albeit unwittingly, will introduce threats to the network
What should be in a network policy to do with passwords?
Passwords must be hard to guess
What should be in a network policy to do with access rights?
People will only be given access to certain parts of the network to carry out their work
What should be in a network policy to do with sharing passwords?
No one is allowed to share their username or password
What should be in a network policy to do with screensavers?
All computers will have password-protected screen savers
What should be in a network policy to do with confidential emails and files?
They should all be encrypted
Why does a good network policy need to be in place?
To reduce security risk