network threats

Cards (12)

  • Malware
    Computer software/program/code with malicious/hostile/intrusive intent
  • Malware
    • Files being deleted, corrupted or encrypted
    • The device randomly crashing, rebooting or slowing down
    • Internet connections becoming slow (This is often due to the malware using up a lot of bandwidth to search online for other devices to infect)
    • Keyboard inputs being logged and sent to hackers. This can be very dangerous as the keys the user presses when entering important details, such as bank account passwords can be picked up by the hacker.
    • Once malware has entered one device on a network, it is very easy for it to spread to other devices on that same network via the server
    • The purpose of malware is usually to uncover sensitive information about a user such as their passwords.
  • Phishing
    The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers
  • Purposes of phishing
    • Accessing a victims account in order to withdraw money or purchase items
    • To open bank accounts and credit cards or to cash in illegitimate cheques
    • To gain access to high value cooperate data. The hacker will often sell this back to the business in return for a large sum of money
    • Financial services can blacklist the company, resulting in damage to its reputation
    • The overarching goal of phishing is for the hacker to gain money and sensitive information
  • Brute force attacks
    A trial-and-error method used to crack passwords, login credentials, or encryption keys. It involves using automated software to generate a large number of consecutive guesses as to the value of the desired data.
  • Brute force attacks
    • The purpose is to gain access to cooperate systems or to steal sensitive data
    • They do not use a very sophisticated strategy, they usually use an algorithm to try out every possible password combination until they get the right one – hence the name "brute force attack".
  • Denial of service attack (DOS)
    An interruption in an authorized user's access to a computer network, typically one caused with malicious intent
  • Denial of service attack (DOS)
    • The hacker overloads a company's server with a huge amount of useless requests in order to use up all of the server's bandwidth
    • This over usage of bandwidth prevents other genuine users from properly accessing the network
    • It can result in loss of access for genuine users, lost revenue for the company, lower productivity within the network, and damage to the company's reputation
    • The overall goal is to temporarily lower a company's profits and productivity and to permanently damage its reputation
  • Data interception and theft
    With data interception, users and passwords are compromised, resulting in unauthorized access to systems. The main goal is to steal sensitive information such as usernames and passwords and to steal cooperate data.
  • Data interception and theft
    • Hackers often use a packet sniffer to pick up sensitive data (such as usernames and passwords) that are being transferred across two points on a network. These stolen login details can then be used to log into the network it what seems like a legitimate way.
  • SQL injections
    With SQL injection hacks, the contents of a database can be output, revealing data that would otherwise be hidden. Data in the database can then be changed or deleted. The hacker can even add whole new files.
  • People as a weak point
    • Not installing OS updates
    • Not keeping anti malware software up to date
    • Not locking doors to computer rooms
    • Not logging off of their device once they are finished using it
    • Leaving login details out in the open
    • Sharing passwords
    • Misplacing a memory stick which can then be picked up by someone else
    • Not applying security to their network
    • Not encrypting data while it is being transmitted