unit 6 - cybersecurity Flashcards
what is cyber security?
the different processes, practices and technologies that protect networks, computers, programs and data from attack, damage or unauthorised access
what kind of threats are computers vulnerable to?
- malware including viruses
- social engineering
- pharming
- weak and default passwords
- misconfigured access rights
- removable media like a USB
- unpatched and/or outdated data
why is it important to secure data?
- millions of organisations store data and it is very valuable
- also very vulnerable
what are password policies?
- passwords are often checked as they are created to make sure that they conform to the parameters given in a required policy
- organisations will often have password policies and this makes sure that the password has specific features
what are some examples of password policies?
- minimum length of characters
- include at least 1 lowercase letter
- include at least 1 uppercase letter
- include at least one symbol £$%&*@
- have to change the password every month
what are default passwords? and why do they make devices vulnerable if not changed by the user?
- the initial passwords that come with a device when it is bought
- most devices come with a default password or PIN to gain access eg. 0000, 1111 and 1234
threat; makes it easy for hackers to gain access using password lists or a brute force attack
what are user access levels?
- access rights may be set on hard drives, folders and even individual files
- alters what a specific user can see
why do misconfigured access rights serve as a threat?
- each user in an organisation is assigned individual access rights, according to their role eg. network users shouldn’t have access to the setup and configuration settings
- these rights have to be carefully managed so that no one has access to areas that they don’t need to do their job as it can become a security weakness
threat; these give users too much access which they can then misuse
what is pharming?
a cyber attack that redirects a user to a fake website
how does a pharming attack take place?
if a hacker can change the entry on the DNS (domain name system) server, then they can make it point to a fake website that they can control, meaning the DNS server has been ‘poisoned’
→ the fake website might appear the same as a real website
→ its real aim is to collect personal data like bank details
→ the hacker can then use this to transfer money to themselves
what threat does a pharming attack pose?
a DNS server is compromised so that it points to a fake website which can then obtain personal information like usernames and passwords
what is removable media? and how can it be a threat?
any storage device that can be inserted and removed from a computer
- such as, USB flash drives or SD cards
- removable media can be used to steal documents and files from a company or introduce malware
how can malware get onto removable media?
- malware could get onto the removable media by:
- being present on a home computer and then infecting the removable media device when inserted
- also, a hacker could leave an infected USB flash drive somewhere and it may accidentally get inserted into a computer
threat; these can be used to introduce malware or remove confidential documents
why must software be regularly patched or updated?
- many updates contain fixes to known security issues
- hackers will be aware of these known security issues, making computers that haven’t been updated an easy target
what are the most important software updates?
- operating system: updates often contain security updates
- it’s important to update the operating system so that it is kept as secure as possible, as it has full control of the computer or server
- antivirus or anti-malware software needs to be updated regularly or daily so that it can detect new malware
threat; leaves security holes open
what is social engineering and what are some examples of this?
the ability to obtain confidential information by manipulating people for it
- blagging
- phishing
- shouldering
what is phishing?
using email or a text message to obtain information
- emails, texts or phone calls are sent to users pretending to be from a trustworthy organisation (like a bank or website)
- these messages attempt to gain things such as: usernames, passwords, credit card details and other info
what are the features of a phishing email?
- greeting: generalised greeting, no personalisation
- sender’s address: a variation of a genuine address
- forged link: looks like a genuine link but redirects you to a different website
- request for personal information: genuine organisations will never ask for such details over an email
- sense of urgency in the mail
- poor spelling, grammar and punctuation
what is shouldering?
- the ability to get information or passwords by observing as someone types them in
- using a CCTV camera
- looking over someone’s shoulder
- overlooking a phone unlock pattern
what is blagging?
- the act of creating and using an invented scenario to engage a targeted victim - often makes use of tricks to get the target to do something that they wouldn’t under normal circumstances
- used to obtain personal information or money from a victim by creating a sense of urgency
what is malware? and what are some types of malware?
malicious software; executable programs that run on a computer
- viruses
- trojans
- spyware
- ransomware
- worms
what are viruses and what do they do?
- they replicate their code in other programs (hence infecting)
- they infect other computers
- they harm the computer by deleting, corrupting and modifying files
what is a worm?
- they replicate themselves in order to spread to other computers
- they don’t cause damage to the attacked computers but use up their resources
- they slow down networks and computers
what is a trojan?
- they have a program, game or cracked file which is something a user wants
- they have negative program code which causes damage, takes control or provides access to the computer
what is spyware?
- installed without the user knowing it
- it spies on them by: tracking them as they visit websites or installing a keylogger that can read passwords and personal info
- personal data is then sent back to the hacker often through the use of cookies
what are some methods of protecting devices from threats?
- pen testing
- anti-malware software - anti-virus software
- biometric measures (especially mobile devices)
- password systems
- CAPTCHA
- email confirmation to confirm identity
- automatic software updates
- authentication, encryption, firewalls and MAC address filtering
what is anti-malware software and what does it do?
- will detect malware such as viruses, worms, trojans and spyware
- when a virus or new malware is detected it is sent to the anti-virus company
- they verify that it is malware and then create a signature of it
- then add it to their database and tell the computers to run an update
how can viruses avoid detection?
they can morph which makes it harder to create a signature
what do passwords do?
- prevents unauthorised access
- applies correct permissions to each user
how does biometric authentication work?
- measures a person’s physical characteristics to verify their identities → eg. fingerprints/face
- facial recognition; commonly used for phones and tablets
- retinal scans: used in high security organisations
- matching the face to the voice
what do automatic software updates do?
- updates your software whenever they make a change
- necessary to fix bugs or edit security
what does CAPTCHA do?
- prevents hackers from sending multiple submissions to webpages so they don’t make log in attempts or add spam posts
- they are easy for humans, but hard for computers
what happens if the CAPTCHA is read incorrectly?
- another CAPTCHA is usually given so the user can try again
- after many attempts, the website may block access for a while to prevent any brute-force attempts
what is penetration testing?
- trying to find weaknesses/security holes in the system so as to prevent cyber attacks before they happen
- white box pen testing simulates an insider with knowledge of the system
- black box simulates an internal hacking or cyber attack
what are the aims of penetration testing?
- identify possible attacks
- identify possible entry points
- attempt to break in
- report findings
what are the rules of CAPTCHA?
- skew the angles
- rotate the characters
- vary the sizes and fonts
- lines through the letters
- obscured/fuzzy