Threats to Computer Systems

avatar
Created by
Chloe Lynch

Cards (18)

  • Forms of Attack
    Malware
    social engineering (e.g. phishing)
    brute-force attacks
    Denial of Service Attacks
    Data Interception and theft
    SQL injection
  • Malware
    Comes from the words Malicious Software
  • Malware are executable programs that run on a computer
  • Types of Malware
    Viruses
    Worms
    Trojans
    ransomware
  • Viruses
    infect computers
    replicate their code in other programs
    infect other computers
    harm computer by deleting, corrupting or modifying files
  • Worms
    replicates itself to spread to other computers
    may cause no damage to attacked computer
    slow down networks and computers
  • Trojan
    trojans have a program, game or cracked file which the user wants
    they contain negative program code which causes damage, takes control or provides access to the computer
    the virus is hidden in the code
  • Ransomware
    holds computer hostage by locking or encrypting access to it
    if data is encrypted no even cyber security professional will be able to recover the data unless backups are available
    once a ransom is paid to the attacker access it restored
  • Social engineering
    ability to obtain confidential information by asking people for it
  • examples of Social Engineering

    Shoulder Surfing
    Phishing
  • Shoulder Surfing
    ability to get information or passwords by observing as someone types them in
    e.g. by looking over someone's shoulder or using a CCTV camera
  • Phishing
    emails/text are sent to users commonly pretending to be a company that they are not
    these message will try to get personal information such as usernames, passwords, credit card details or other personal information
  • What to look for in Phishing Email
    Greeting - Phishers dont know your name and only your email address
    sender's address - often a variation on actual address
    forged link - link may look genuine but it may not link to website given - roll mouse over link to see actual link
    request for personal infomation - genuine organisation never ask
    sense of urgency - make it seem like something bad will happen if it isnt completed quickly
    poor spelling and grammer
  • Denial of Service (DoS)

    hacker will use or infect a computer so that it sends many requests to the server as it can (flood)
    the server cant respond fast enough so slows down or goes offline
  • Man in the middle Attack
    allows the attacker to intercept communications between the user and server
    attacker can then eavesdrop to find passwords and personal information and add different information to a web page or other communications such as email
    connecting to an unencrypted Wi-Fi makes it easy to perform Man in the middle attack
  • Brute Force Attack
    a program will try every combination of a password until the correct password is found
  • SQL injection
    data base language so data is then accessed
    SQL injection takes advantages of web input forms to access or destroy data
    SQL commands can be input into web forms instead of expected 'real' data
    which can be interpreted by vunerable web applications and end up causing damage or releasing personal infomation
  • Man in Middle data interception
    on public network hacker will place themselves between computer and network and retrieve data