5 eSecurity

avatar
Created by
anjali

Cards (35)

  • Personal data is any data that relates to you and your personal identity
  • Personal data includes
    name
    address
    phone number
    email address
    bank details
    medical records
    salary
    political opinion
  • Revealing personal data online exposes you to dangers such as identity theft, bullying, blackmailing, and fraud
  • How to keep data confidential
    have strong passwords with a combination of characters, numbers, symbols, etc.
    encrypt any personal data
    have a firewall present
    regularly scan your computer with an anti-virus package
    make use of any biometric devices (fingerprint, face id)
    only visit and provide data to trusted websites
    do not open email attachments from unrecognized senders
    be cautious about any pictures or opinions you post or send online
    remove data about your location which is normally attached to posts and videos
  • How to keep data confidential
    do not become friends on social networking sites with people you do not know
    set all privacy control settings to the most secure setting available
    report and block any suspicious users
    use a nickname when playing games on the internet
  • How is personal data collected?
    phishing
    smishing
    vishing
    pharming
  • Phishing
    when a person sends a legitimate looking email to a user.
    the email contains a link to a website.
    the user is encouraged to click the link and input personal data into a form on the website.
    the personal data input is collected by an unauthorized person.
    the person can use this data to commit fraud or steal the person's identity.
  • Smishing (SMS phishing)

    uses SMS text messages to lure the user into providing their personal details.
    the user is sent an SMS text message that either contains a link to a website in the same way that phishing does, or it will ask the user to call a telephone number.
  • Vishing (voice phishing)

    the user receives a telephone call that could either be an automated system or could be a real person.
    an automated voice speaks to the user and advises them that an issue has occurred.
    the user may then be asked to call another number, or to press a digit and be directed to another automated system.
    this system asks for bank details to resolve the issue.
  • Pharming
    when an unauthorized user installs malicious code on a person's hard drive or server.
    the malicious code is designed to redirect a user to a fake website when they type in the address of a legitimate one.
    the fake website is designed to look like the legitimate one, to trick the user and make sure they are not aware that their request has been redirected.
    the user enters their personal details and now the unauthorized user has full access.
  • A common technique used in pharming is called domain name server (DNS) cache poisoning.
    this exploits vulnerabilities in the DNS and diverts the internet traffic intended for a legitimate server towards a fake one instead.
    the malicious code for pharming is often hidden in an email attachment or link.
  • Malware is a software that is malicious
  • Types of malware
    virus
    trojan
    worm
    spyware
    adware
    rootkit
    malicious bots
    ransomware
  • The aim of a virus is to corrupt and disrupt data in a computer system.
  • Virus is the most common malware
  • Virus
    infects new files in the computer system
    it attaches itself to a clean file, replicates itself, then attached itself to another clean file
    it is designed to spread
    a virus can be especially dangerous if it infects files on a server that are accessed by many different computers
  • Signs a computer has been infected by a virus
    slower system performance
    files multiplying or duplicating on their own
    files being deleted without your knowledge
  • MINIMISING the risk of a virus
    robust anti-virus software is needed to minimize the risk of a virus
    install an anti-virus program and scan regularly
    after scanning, the anti-virus software quarantines any files that it thinks contains a virus and alerts the user. the user can then select to delete these files
    one weakness of an anti-virus program is that it is dependent on the database it holds
  • MINIMISING the risk of a virus
    a firewall can also be used
    a firewall acts as a filter, monitoring incoming and outgoing traffic from a computer system. therefore, it detects malicious software
    it is also very common for viruses to spread through the use of portable storage devices (USB)
  • Trojan
    disguises itself as legitimate software or it is included in legitimate software that has been infiltrated
    they are mostly downloaded from an infected email or website
    when the trojan file is opened, it normally releases another type of malware such as a virus
    a trojan needs the user to run the program for it to release other malicious software
    therefore, it will usually encourage the user to run a program
    for example, it will tell the user another program needs to be updated, and to click to run a program to update it
  • MINIMISING the risk of a trojan
    difficult to minimize the risk of a trojan because they mask themselves as legitimate software
    they also require the user to make them run, so rely on the error of the user to operate, rather than detection from anti-virus or firewall
    only open files and click to run software that you know is from a trusted source
    if you are in doubt about the program, do not run it
  • Worm (acts similar to a virus)

    a worm is a program that replicates itself, like a virus but, unlike a virus it does not need to attach itself to another program or file to cause damage
    worms exploit security holes and issues in a computer
    a worm replicates itself and aims to fill up all the free space on a computer to slow it down and bring it to a halt
    worms are normally downloaded and spread through email attachments, peer-to-peer file sharing networks or using a link to a website or resource
  • MINIMISING the risk of a worm
    worms often aim to exploit software vulnerabilities in a computer
    these will normally be located in the operating system or applications
    anti-virus software can normally check for a worm too
    worms can be spread by network connections
  • Spyware
    global term used to describe malware that is designed to gather information about your interactions with your computer
    the aim is to SPY on the user
    spyware is normally used to gather personal and sensitive data
  • Example of a spyware
    Key logger
    a key logger is installed on a user's computer without their consent
    a key logger records any key presses that are carried out by the user
    all this data is sent to a third party, normally the person who created the spyware, to be analyzed
    the patterns are analyzed to see if any of them look as though they could be personal or sensitive data, for example, a password
  • Spyware also includes
    targeted marketing from tracking browsing habits
    sending unwanted and often irritating pop-up adverts
    installing add-ons and redirecting to advertising websites
  • MINIMISING the risk of a spyware
    be careful about what you download, especially when downloading software free of cost and downloading from video or music sharing sites
    do not click on any links or offers in pop-up adverts
    download anti-malware software
  • Adware
    designed to display targeted advertising on your computer
    it does this by collecting data about your internet browsing habits
  • MINIMISING the risk of adware
    make sure you check exactly what is being downloaded onto your computer
    once downloaded, unwanted adware can be very difficult to remove. it may take several scans with an anti-malware software to detect and remove the adware
  • Rootkit
    a computer program that enables a person to gain administrator access to a computer
    designed to stay hidden on the computer and control the computer from a remote location
    a rootkit allows the unauthorized user to do several criminal acts with the computer such as hide illegal files, use the computer as part of a large cyber attack or to steal personal data or information
    rootkits can get installed because a victim's password is cracked/a vulnerability in the security of a computer system is exploited
    the person installing it can stop the computer recognizing the rootkit is there
  • MINIMISING the risk of a rootkit
    have a strong password for your computer to minimize the risk of it being cracked
    make sure that software is only downloaded from trusted sources
    rootkit MAY be detected by anti-malware
    completely uninstall the operating system
  • Malicious bots
    automated application used to carry out simple and repetitive tasks
    used by cybercriminals in a number of ways:
    SPAM bots are used to bombard people's email inbox with SPAM emails
    chatter bots will pretend to be humans on sites to obtain personal data
  • MINIMISING the risk of malicious bots
    bots are often embedded into links or software downloads
    do not click on any links without knowing who they are from
    never give out personal information when chatting online
    use anti-malware software
    a firewall can also be used
  • Ransomware
    restricts a user's access to their computer system and files
    the ransomware will normally demand that the user pays a random in order to regain access to their computer system
  • MINIMISING the risk of ransomware
    same as trojan
    make sure you have a copy of your data
    store your data in the cloud system