Threats to networks * Flashcards
What is an active form of attack?
where the hacker attempts to modify or delete data, or prevent a network from operating properly
What is eavesdropping?
where the hacker monitors a network in order to gain information
What is an external form of attack?
where someone outside of an organisation attempts to hack its network
What is an internal form of attack?
where someone within an organisation attempts to hack its network
List the 6 techniques used to hack a network
- malware
- phishing
- brute force
- denial of service
- data interception and theft
- SQL injection (Structured Query Language)
What is malware?
a malicious software that is designed to hack a system
What are the 5 types of malware?
- viruses
- worms
- trojans
- spyware
- ransomeware
Malware
What are viruses? (2 points)
How do they harm a network?
programs hidden within other files
they replicate themselves and become part of other programs
delete or modify data
Malware
What are worms?
How are they often spread?
programs similar to viruses except they aren’t hidden within other files
often spread through emails
Malware
What are trojans?
What do they do instead of replicating?
programs which pretend to be legitimate and are often disguised in email attachments
trojans can’t replicate themselves, but trick user into installing the program
Malware
What is spyware?
programs that monitor user activities and send the information back to a hacker
Malware
What is ransomware?
programs that attempt to blackmail a user into making a payment to a hacker
Malware
What are botnets?
a network of infected computers all under the control of a hacker
What is phishing?
emails that trick users into giving away personal details
eg. convincing them into putting their details into a fake bank account website
What is brute force?
a program is used to find a password by trying all the possible combinations until one is correct
What can a hacker do using a brute force attack?
- hack into websites
- deface websites
- crash servers
- email spam to millions of users
- steal your personal information
What are the three types of brute force attack?
- dictionary attack - use list of common words and phrases
- password spraying - common passwords, large numbers of computers at once
- botnets - control multiple computers at once
What is denial of service (DOS)?
where a computer (or many computers) are used to prevent a server from performing its tasks
bombards server over and over with requests, until server is occupied trying to handle fake requests and doesn’t answer legitimate ones
What is data interception?
where data is intercepted during transmission
done using software called packet sniffer, which examines packets as they are sent around a network or across the internet
information gathered and sent back to hacker
What information can be obtained through data interception?
- payment data (eg. bank details)
- passwords and personal details to hack into accounts and sell to third parties for identity theft
What is SQL?
Structured Query Language
an SQL code is entered as a data input
cause errors or unintended operations
What can hackers do using an SQL injection? (4 things)
- steal credentials
- access databases
- alter data
- delete data