Any type of harmful program that seeks to damage or gain unauthorised access to your computer system
Virus
Can replicate itself and spread from system to system by attaching itself to infected files
Is only activated when opened by a human
Can change data or corrupt a system so that it stops working
Worm
Can replicate itself and spread from system to system by finding weaknesses in software
Does not need an infected file or human interaction to spread
Can spread very quickly across a network once it has infiltrated it
Trojan
A harmful program that looks like legitimate software so users are tricked into installing it, and secretly gives the attacker backdoor access to the system
Spyware
Secretly records the activities of a user on a computer, with the main aim of recording usernames, passwords and credit card information, which is then secretly passed back to the attacker
Keylogger
Secretly records the key presses of a user on a computer, with the main aim of recording usernames, passwords and credit card information, which is then stored or sent back to the attacker
Can be downloaded or plugged into the USB port
Ransomware
Locks files on a computer system using encryption so that a user can no longer access them, and the attacker demands money from the victim to decrypt (unlock) the data
Attackers usually use digital currencies like Bitcoin, which makes it hard to trace them
SQL Injection
A malicious SQL query (command) is entered into a data input box on a website, which can trick the website into giving unauthorised access to the website's database
If the website is insecure
The SQL query can view and edit the contents of a database or even gain administrator privileges
DoS (Denial of Service) attack
When a computer repeatedly sends requests to a server to overload the system, which will slow the system and may take websites offline temporarily
DDoS (Distributed Denial of Service) attack
A coordinated attack using a botnet of infected systems to overload a server with requests
Botnet
A large group of devices controlled and used maliciously by an attacker
Brute-Force Attack
Every possible combination is tested in order from start to finish, which is not a quick method but should break the password eventually, and can be sped up if multiple computer systems are used at the same time
Social Engineering
Tricking others into revealing their personal data by posing as a trusted source
Social Engineering
Impersonating an IT technician of a school via email and asking for a student's username and password
Data Interception
Data packets on a network are intercepted by a third party (e.g. a hacker) and copied to a different location than the intended destination
Packet Sniffers
Software used to intercept and analyse data packets
Penetration tests
Carried out as part of ethical hacking to review the system's security, find any risks or weaknesses, and fix them
Internal tests
To see how much damage could be done by somebody within the company with a registered account
Targeted tests
Conducted by the company's IT department and the penetration team working together to find faults in the system
Anti-malware software
Used to locate and delete malware, like viruses, on a computer system
How anti-malware software works
1. Scans each file on the computer and compares it against a database of known malware
2. Identifies and deletes files with similar features to malware in the database
There are thousands of known malware programs, but new forms are created each day by attackers, so anti-malware software must be regularly updated to keep systems secure
Roles of anti-malware software
Checking all incoming and outgoing emails and their attachments
Checking files as they are downloaded
Scanning the hard drive for viruses and deleting them
Firewall
Manages incoming and outgoing network traffic by processing each data packet to check whether it should be given access to the network by examining the source and destination address
Roles of a firewall
Blocking access to insecure / malicious websites
Blocking certain programs from accessing the internet
Blocking unexpected / unauthorised downloads
Preventing specific users on a network accessing certain files
Rules for choosing a strong password
Contains a mix of uppercase and lowercase letters, punctuation and numbers
Is of a substantial length (at least 8 characters)
Is regularly changed
Types of access levels
Read-Only (user can only view a file and is not allowed to change any data)
Read and Write (user can read and edit the data in a file)
No access (user can't view or edit the file)
Encryption
The process of scrambling data into an unreadable format so that attackers cannot understand it if intercepted during transmission
How encryption works
1. The original data (known as plaintext) is converted to scrambled ciphertext using an encryption key
2. Only at the correct destination will the encryption key be used to convert the ciphertext back into plaintext to be understood by the receiving computer