Section 5 Flashcards
What is hacking?
Hacking means finding weaknesses in an established system and exploiting them, for example, unauthorised access.
What might a hacker be motivated by?
Profit
Protest
Challenge
What is white hat hacking?
This is where the hacker is given permission to hack into systems to identify any loopholes or vulnerabilities.
What is grey hat hacking?
This is where the hacker hacks into computer systems for fun or to troll but without malicious intent towards the computer system.
If a grey hat hacker finds a weakness, they often ask for a fee; companies often pay this rather than risk having their vulnerabilities exposed.
What is black hat hacking?
Hacking with malicious intent. This intent can include theft, exploiting the data stolen or seen, and selling the data on. Black hat hackers carry out illegal hacking activities and can be prosecuted.
Black hat hackers use ransomware to prevent the owners from accessing their own computer system until they pay a sum of money.
What is social engineering?
The art of manipulating people so that confidential information can be found out.
Name the six types of social engineering:
Phishing
Baiting
Pretexting
Quid pro quo
Tailgating/piggybacking
Shoulder surfing
What is phishing?
Phishing uses a fake website that looks identical to the real one.
What is baiting?
Similar to phishing.
Cybercriminals make a promise of goods to get the information they need.
What is pretexting?
Pretexting is when a cybercriminal lies to get data or information.
Usually involves a scam, where the criminal pretends to need the information to confirm the identity of the person they’re talking to.
What is quid pro quo?
Quid pro quo tries to disable anti-virus software so that software updates, usually malware, can be installed to gain access to a computer system.
Similar to baiting, but promises a service rather than goods.
What is tailgating/piggybacking?
Means trying to gain access to a secure building or room. Takes the form of a person who doesn’t have the authority to enter following someone through the doors.
What is shoulder surfing?
Shoulder surfing aims to steal data or information. It’s when a person’s private and confidential information is seen.
For example, an attacker may stand very close to someone in a crowded place when using a cash machine or device.
What is malware (malicious software)?
It is installed on a computer system and collects information about users without their knowledge.
Name 6 types of malware:
Viruses
Worms
Trojan Horses
Spyware
Key logging
Ransomware
What are viruses?
Programs that replicate themselves on a system by modifying programs and inserting their own code.
The virus could enter the system due to software vulnerabilities or be activated as a result of clicking on a link within a message.
What are worms?
A type of virus that infects the computer without the user’s knowledge.
Worms are created to modify or delete files to steal data. Another way a worm can cause damage is by duplicating itself so many times that it exhausts the system’s resources, so it runs more and more slowly.
What is a Trojan horse?
A type of virus that enters the system in the form of a legitimate program.
What is spyware?
A program that collects data from a computer system and sends it to a third party without the user’s consent.
As the name suggests, it is designed to spy on you.
It collects login and account details, and feeds this information back to the program creator without you having any idea this is happening.
What is key logging?
A form of spyware.
An activity-monitoring program that logs everything you type on your keyboard, and sends this information to the creator of the program. In this way, the cybercriminal gets access to your passwords and other sensitive information.
What is ransomware?
Ransomware is created to prevent someone from accessing data on their computer. The software encrypts the files and the cybercriminal demands a ransom payment in exchange for the decryption key.
In a busy world, organisations can be tempted to pay the money as it is possibly the cheapest and easiest option to restore access to their files.
What is Distributed Denial of Service (DDoS)?
DDoS is an attack designed to disrupt or deny an organisation’s service.
The server is bombarded with so many fake internet requests that it gradually slows down until it can no longer function; the website then crashes.
It can also affect network usage and network resources such as Internet of Things devices.