1.4.1

avatar
Created by
tonks179

Cards (11)

  • Malware:
    • Created with intention to do harm
    • An executable program
    • Examples are viruses, worms, trojans and ransomware
    • Threats posed:
    • Files are deleted, become corrupt or are encrypted
    • Computers crash, reboot spontaneously and slow down
    • Internet connection becomes slow
    • Keyboard inputs are logged and sent to hackers
  • Viruses:
    • Use a host file that has to be activated- as it spreads each copy of the host needs to be activated
    • Causes harm such as deleting, corrupting or modifying files
  • Worms:
    • A form of virus but self replicating
    • Can spread to other computers across networks without further intervention by humans
  • Trojans:
    • Disguised as something the user wants
    • Can provide access to the computer and take control of the computer
  • Ransomware:
    • Prevents access to the computer by locking or encrypting the data
    • It is extremely difficult to decrypt the data- all data could be lost unless backups are available
    • Attacker demands a large payment, usually in crypto currency, to restore access to the files
  • Social engineering:
    • Getting confidential information by asking people for it
    • Threats posed by social engineering:
    • Accessing a victims account to withdraw money
    • Identity theft - opening bank accounts and credit cards, cashing illegitimate checks
    • Gain access to high value corporate data
    • Financial services and blacklist a company, resulting to damage in brand reputation
  • Shoulder surfing (social engineering):
    • Obtaining someone's password by watching them
    • Looking over someone's shoulder
    • Using CCTV
    • Installation of small cameras at ATMs
    • Is said to be the weakest point of a system because:
    • Assumptions people do not wish us any harm
    • Lack of understanding/ knowledge of potential issues
  • Phishing (social engineering):
    • Trying to obtain personal information
    • Username
    • Password
    • Bank or credit card details
    • Other personal information
    • Most commonly an email but can be texts, phone calls etc.
    • Used to commit identity fraud or steal money
  • Brute force attack:
    • Hacker uses software to try millions of combinations of letters, numbers etc. until the correct password is found
    • Millions of passwords per seconds can be attempted
    • Threats posed:
    • Theft of data
    • Access to corporate systems
  • SQL injection:
    • Networks which make use of databases are vulnerable. SQL can be typed into a website's input box which then reveals sensitive information
  • Denial of service (DoS):
    • A server is deliberately targeted with many requests (a flood) which causes the server to slow down or go offline
    • Purpose is to take down a website i.e. deny its service to prospective users
    • Distributed Denial of Service (DDoS):
    • Many computers (known as zombies) are used to flood the server
    • Owners of the computers may be unaware this is happening
    • Botnets are used to send requests
    • Threats posed:
    • Loss of access to service for customers
    • Lost revenue
    • Lower productivity
    • Damage to reputation