Threats to Networks and system software 1.4 Flashcards
What is malware
-software which is specifically designed to disrupt, damage or gain unauthorised access to a computer system
-it is installed on someone’s device without their knowledge or consent
what are actions of malware
-deleting or modifying files
-locking files- ransomware encrypts all the files on a computer. The user receives a message demanding a large sum of money to be paid in exchange for a decryption key
-Spyware - secretly monitors user actions, e.g. key presses, and sends info the the hacker
-scareware - tells the user their computer is injected with loads of viruses to scare them into following malicious links or paying for the problems to be fixed
-rootkits alter permissions, giving malware and hackers administrator-level access to devices
-opening backdoors - holes in someone’s security which can be used for future attacks
how can malware access your device
-viruses attack (by copying themselves) to certain files. Users spread them by copying infected files and activate them by opening injected files
-worms - they are like viruses by they self-replicate without any user help, meaning they can spread very quickly. They exploit weaknesses in network security
-trojans - they are malware disguised as legitimate software. Unlike viruses and worms, Trojans don’t replicate themselves - users install them not realising they have a hidden purpose
what is social engineering
-a way of gaining sensitive information or illegal access to networks by influencing people, usually the employees of large companies
Phishing
-the fraudulent practice of sending emails purporting to be from reputable companies in order to include individuals to reveal personal information
-the emails often contain links to spoof versions of the company’s website. They then request that the user update their personal information. When the user inputs this data onto the website they hand it all over to the criminals, who can then access their genuine account
brute force attack
-a trial and error method of attempting passwords and PIN numbers. Automated software is used to generate a large number of consecutive guesses(e.g. trying every word in the dictionary
how to prevent brute force attacks
locking accounts after a certain number of attempts and using strong passwords will reduce the risk of a brute force attack
denial of service attack
this is where a hacker tries to stop users from accessing a part of a network or website. Most DoS attacks involve flooding the network with useless traffic, making the network extremely slow
what is data interception and theft
-the unauthorised act of stealing computer-based information from an unknowing victim with the intent of compromising privacy or obtaining confidential information
SQL injection
a technique used to view or change data in a database by inserting additional code into a text input box, creating a different search string
-an SQL Query is entered into the input box of a website
-the input box was not designed for that query but is permitted by the website’s database’s code
-the inserted code runs a database query that can give unauthorised access to the whole part of the database
how can SQL injection attacks be prevented
-using stronger input validation
-so that only the intended input type will be accepted
-penetration testing
how can organisations prevent network vulnerabilities
-regularly test the network to find and fix security weaknesses and investigate problems if they happen
-use passwords to prevent unauthorised people from accessing the network
-enforce user access levels to limit the number of people with access to sensitive information
-install anti-malware and firewall software to prevent and destroy malicious software attacks
-encrypt sensitive data
-physical security to protect the physical parts of a network from either intentional or unintentional damage e.g. locks and passcodes to restrict certain areas
-educating employees on the dangers of social engineering
-automatic encryption of all data leaving and entering the network could prevent intercepted data from being read by hackers and criminals
passive attack
when someone monitors data travelling on a network and intercepts any sensitive information they find
-best defence is encryption
active attack
when someone attacks a network with malware or other planned attacks
-best defence is a firewall
how do firewalls work
a firewall can stop hackers and malware from accessing the school’s network
-by blocking traffic that is identified as suspicious
