Cyber Security

avatar
Created by
Huong Nguyen

Cards (21)

  • Brute Force Attack:
    • Hackers try to guess your password by trying all the different combinations of letters, numbers and symbols.
    • Effect:
    • Hacker gets access to user’s personal data
    • To remove risk:
    • Use stronger passwords with more characters and symbols
  • Data Interception:
    • This involves stealing data by tapping into a wired or a wireless transmission line
    • Wardriving - The act of locating and using wireless internet connections illegally
    • Packet Sniffing - Uses Packet sniffers to examine packets sent over a line; all the data collected is sent back to the attacker
    • Effect:
    • It can cause a computer to crash
    • Can delete or corrupt files/data
    • To remove risk:
    • Install anti-virus software
    • Don’t use software from unknown sources
    • Be careful when opening emails from unknown
  • Distributed Denial of Service Attacks (DDoS)
    • An attempt at preventing users from accessing part of a network
    • Usually temporary but may be damaging
    • An attacker may be able to prevent the user from:
    • Accessing their emails
    • Accessing websites
    • Accessing online services
  • Hacking
    • The act of gaining illegal access to a computer system
    • Effect:
    • This leads to identity theft, gaining personal information
    • Data can be deleted, changed or corrupted
    • To remove risk:
    • Firewalls
    • Strong passwords/ user IDs
    • Use of anti-hacking software
    • Difference between hacking and cracking
    • Hacking breaks into computer systems to steal data
    • Cracking is when someone edits a program code, malicious
  • Malware
    • Stands for Malicious Software
    • Virus - A program that can replicate itself with the intention of deleting or corrupting files, causing a computer malfunction
    • Ransomware - Attackers encrypt the user’s data until a certain amount of money is paid
    • Adware - Displays unwanted ads on the user’s screen
    • Trojan Horse - Programs that are disguised as legitimate software
    • Spyware - Sends data about all the activities of the user to the attacker
    • Worms - Programs that can replicate themselves with the intention of corrupting the entire network instead of the computer alone
  • Phishing
    • Attackers send legitimate-looking emails to bait the user into giving out their information.
    • To remove risk:
    • Don’t open links from unknown receivers
    • Use anti-phishing tools
    • Block pop-up ads
    • Have an up-to-date browser
  • Pharming
    • The attacker installs a malicious code on the computer, which redirects the user to fake websites
    • Effect:
    • The user gives out login details and other personal details
    • To remove risk:
    • Using anti-virus software
    • Checking the spelling and the weblink carefully
    • Make sure that the green padlock is present in the URL bar
  • Social Engineering: attackers create a social situation which leads to victims giving out their details 
  • Keeping data safe from threats
    • Access Levels
    • Antivirus
    • Authentication
    • Two-Step Verification
    • Automatic Software Updates
    • Spelling and Tone
    • Firewalls
    • Proxy Servers
    • Privacy Settings
    • SSL (Secure Socket Layer)
  • Access Levels - having different levels of access for different people
  • Antivirus - protects user’s computer from malware attacks
  • Authentication - user proving who they are
  • Two-Step Verification - requires two methods of authentication to prove who the user is
  • Automatic Software Updates - latest updates contain patches which improve device security
  • Spelling and Tone - fake emails tend to have wrong spelling and grammar and the tone would also seem urgen
  • Firewalls - hardware or software which monitors the traffic between a network and the user’s computer
  • Proxy Servers - Acts as an intermediate between the user’s computer and the web server. They are used for -
    • Filtering Internet traffic
    • Keeping the user’s IP Address Confidential
    • Blocking access to certain websites
    • Attacks like DDoS and hacking attack the proxy server, keeping the web server safe.
    • Acts as a firewall as well.
  • Privacy Settings - used to limit who can access and see a user’s profile
  • SSL (Secure Socket Layer) - set of rules used while communicating with other users on the internet.
  • Biometric Methods:
    • Benefits:
    • Fingerprint Scans: very easy to use, require very low storage space to store
    • Retina Scan: very high accuracy, impossible to replicate a person’s retina
    • Face Recognition: non-intrusive method, relatively cheaper
    • Voice Recognition: non-Intrusive method, done quickly and relatively cheaper
  • Biometric Methods:
    • Drawbacks:
    • Fingerprint Scans: can’t be used if the finger gets dirty or damaged
    • Retina Scan: very intrusive, takes longer to verify, expensive install, set up
    • Face Recognition: can’t identify if there are any changes
    • Voice Recognition: voices can be recorded and verified, but low accuracy can make voice identification impossible.