Cyberattacks

Adjunto:

• Network security 2

1. A cyberattack is an attempt by hackers to damage or destroy a computer network or system.
   1. Cyber attacks exploit us using a network or technical weakness to:
      1. Obtain data stored on the network
      2. Delete or modify data
      3. Make the system unusable
2. Social engineering
   1. Phishing
      1. Emails claiming or appearing to be from a bank or building society e-commerce site, asking for details of passwords and credit cards.
   2. Shoulder surfing
      1. Finding passwords and PINs (Personal Identification Numbers) by watching people enter them.
   3. Targeting the users
      1. Social engineering involves tricking people into divulging secret information such as passwords and login information.
3. Technical weaknesses
   1. Unpatched software
      1. As software is used security flaws are discovered which can be exploited by hackers. The makers release patches to fix security issues but they have to be applied and often are forgotten about
   2. USB devices
      1. Employees could attach portable devices containing flash drives and copy sensitive information. They could also try to install software onto the network and introduce malware.
   3. Smart devices
      1. At home, such as kettles and fridges, are usually unprotected and can be targeted by hackers. They have been used to launch denial of service attacks.
   4. Eavesdropping
      1. The interception of digital communications. This is done by: directly listening to digital or analogue voice communication; the interception or 'sniffing' of data relating to any form of communication
      2. Criminals use packet analysers or 'packet sniffers' to intercept the transmitted data packets, which are then analysed and their data decoded. The criminals can therefore steal sensitive data such as logins, passwords, credit card numbers and PINs. Encrypting data on a network is essential so that it cannot be of use if it is intercepted by eavesdropping.