22477960
Description
Mind Map by MacKenzie WILLIAMS, updated more than 1 year ago
|
Created by MacKenzie WILLIAMS
almost 4 years ago
|
|
Cyber security
- Key Terms
- Threat
- An incident or action which
is deliberate or unintended
that results in disruption,
down time or data loss.
- Internal
- Caused by an incident
inside an organisation.
- Caused by an incident
inside an organisation.
- External
- Caused outside the
organisation.
- Caused outside the
organisation.
- Internal
- An incident or action which
is deliberate or unintended
that results in disruption,
down time or data loss.
- Attack
- Is a deliberate
action, targeting an
organisation's
digital system or
data.
- Is a deliberate
action, targeting an
organisation's
digital system or
data.
- Cyber Security
- Refers to the range of
measures that can be
taken to protect
computer systems,
networks and data
from unauthorised
access or cyberattack.
- Refers to the range of
measures that can be
taken to protect
computer systems,
networks and data
from unauthorised
access or cyberattack.
- Unauthorised Access
- Refers to someone getting entry
without permission to an
organisation's system, software
or data. This achieved by
exploiting a security
vulnerability.
- Hacker
- Is someone who seeks
out and exploits these
vulnerabilities.
- 3 types of hacker
- White
- Working with
organisations to
strengthen the
security of a system.
- Working with
organisations to
strengthen the
security of a system.
- Grey
- Do it for fun and
not for malicious
intent.
- Do it for fun and
not for malicious
intent.
- Black
- They try to inflict damage
by compromising security
systems.
- They try to inflict damage
by compromising security
systems.
- White
- Is someone who seeks
out and exploits these
vulnerabilities.
- Hacker
- Refers to someone getting entry
without permission to an
organisation's system, software
or data. This achieved by
exploiting a security
vulnerability.
- Threat
- Reasons for cyber
attacks
- Fun/challenge
- Hacking be systems
can fun or a challenge.
- There is a sense
of achievement
- Friends may give
respect for of hacking
achievements.
- Hacking be systems
can fun or a challenge.
- Financial
gain
- Ransoms can be
made to prevent
attacks from
happening.
- Ransomware can
be used to encrypt
a computer until
you pay.
- A payment is
given to carry
out an attack
on an
organisation.
- Ransoms can be
made to prevent
attacks from
happening.
- Disruption
- Attacks such as
denial -of-service
stop websites
working.
- Viruses can slow
down computers
and delete files.
- Attacks such as
denial -of-service
stop websites
working.
- Information/data
theft
- Credit card details are
stolen to gain money.
- Company information
may also be stolen.
- Credit card details are
stolen to gain money.
- Personal
attack
- Employees that
are unhappy
may attack the
company.
- Friends/family may attack each
other if upset over something.
- Employees that
are unhappy
may attack the
company.
- Industrial
espionage
- The aim is to find intellectual
property such as designs or
blueprints for products,
business strategies or software
source code.
- The aim is to find intellectual
property such as designs or
blueprints for products,
business strategies or software
source code.
- Fun/challenge
- Malware
- malware or Malicious software - an umbrella term given
to software that is designed to harm a digital system,
damage data or harvest sensitive information.
- Virus - A piece of malicious code that attaches to a legitimate
programs. It is capable of reproducing itself and usually capable
of causing great harm to files or other programs on the same
computer.
- Worm - A self-contain program that is
capable of spreading on its own without
help from humans.
- Worms get around by exploiting
vulnerabilities in operating systems and
attaching themselves to e-mails.
- Worms self replicate at a tremendous
rate, using up hard drive space and
bandwidth, overloading servers.
- Worms get around by exploiting
vulnerabilities in operating systems and
attaching themselves to e-mails.
- Trojan Horse: A type of malware that is
often disguised as legitimate software.
- Users are tricked into downloading it onto their computer. Once installed
the Trojan works undercover to carry out a predetermined task. Some of
these tasks include: Backdoor for hackers to use, Installing harmfull
programs and harvesting sensitive data.
- Users are tricked into downloading it onto their computer. Once installed
the Trojan works undercover to carry out a predetermined task. Some of
these tasks include: Backdoor for hackers to use, Installing harmfull
programs and harvesting sensitive data.
- Rootkit: A set of tools that give a hacker a high level administrative control, of a
computer.
- This can allow the hackers to: encrypt files, install programs, change system
configurations and steal data.
- Much like a trojan, rootkits often come bundled with legitimate
software.
- This can allow the hackers to: encrypt files, install programs, change system
configurations and steal data.
- Ransomware: Encrypts files stored on a
computer to extort or steal money from
organisations.
- Victims must pay a ransom to have the encrypted files unlocked, there is normally a deadline
for the transaction to happen. Bitcoin is usually asked for as a form of payment because it is
hard to trace.
- If the payment is not made then the amount demanded may increase or the files
are permanently locked. Ransomware is usually spread through e-mails or
through infected websites.
- If the payment is not made then the amount demanded may increase or the files
are permanently locked. Ransomware is usually spread through e-mails or
through infected websites.
- Victims must pay a ransom to have the encrypted files unlocked, there is normally a deadline
for the transaction to happen. Bitcoin is usually asked for as a form of payment because it is
hard to trace.
- Spyware: Malicious software secretly installed to collect information from someone
else's computer.
- Cyber criminals harvest personal information such as: Passwords, credit card numbers and other
details and e-mail addresses.
- With this information they can steal someone's identity, making purchases on there credit cards etc. Spyware
works in the background on someones computer without it being noticed.
- With this information they can steal someone's identity, making purchases on there credit cards etc. Spyware
works in the background on someones computer without it being noticed.
- Cyber criminals harvest personal information such as: Passwords, credit card numbers and other
details and e-mail addresses.
- Keyloggers: Spyware that records every keystroke made on a computer to
steal personal information.
- Botnet-An army of zombie devices that are used to carry out
mass attacks such as e-mailing spam to millions of users.
- Distributed denial-of-service attack-Flooding a website with
useless traffic to inundate and overwhealm the network.
- malware or Malicious software - an umbrella term given
to software that is designed to harm a digital system,
damage data or harvest sensitive information.
- Social Engineering
- Social engineering involves tricking people into
divulging valuable information about
themselves. Some of the information includes:
passwords, PIN numbers and credit card details.
- Phishing - A way of attempting to acquire information, by pretending to be
from a trustworthy source. Examples are email spoofing, fake websites
and spoof phone calls.
- Spear Phishing - Involves bespoke emails being sent to well - researched victims.
e.g. where somebody who holds a senior position within an organisation with
access to highly valuable information uses it to target victims.
- Blagging - A blagger invents a scenario to engage a
targeted victim in a manner that increases the
chance the victim will divulge information.
- For example a blagger might pretend to be a member of the IT
department to inform them something is wrong with your PC and
requires to access to fix the problem.
- For example a blagger might pretend to be a member of the IT
department to inform them something is wrong with your PC and
requires to access to fix the problem.
- Shoulder Surfing - Acquiring sensitive information by someone peering over a
persons shoulder when they are using a device. It can also be done from a distance
with the use of technology such as video cameras and drones etc.
- Pharming - Involves redirecting people to bogus,
look-a-like websites without realising it has happened.
The objective is to acquire sensitive personal information
or to install malware.
- Man in the middle attack - A form of eavesdropping where the attacker makes
and independent connection between two victims and steals information to
use fraudulently.
- Social engineering involves tricking people into
divulging valuable information about
themselves. Some of the information includes:
passwords, PIN numbers and credit card details.
Want to create your own Mind Maps for free with GoConqr? Learn more.