Cyber Security

Cyber Security

Key terms
1. Threat
  1. External
    1. Caused outside the organisation.
  2. Internal
    1. Caused by an incident inside an organisation.
  3. An incident or action which is deliberate or unintended, that results in disruption, down time or data loss.
2. Attack
  1. An attack is a deliberate action, targeting an organisations digital system or data.
3. Unauthorised access
4. Cyber security
Hackers
1. Someone who seeks out and exploits these vulnerabilities.
2. Black hat hackers
  1. Someone who tries to inflict damage by compromising security systems.
3. Grey hat hackers
  1. Someone who does it for fun and not in malicious intent.
4. White hat hackers
  1. someone who works with organizations to strengthn the security of the system.
Types of threats
1. Malware
  1. This is an umbrella term given to software that is designed to harm a digital system, damage data or harvest sensitive information.
  2. Malicious software
  3. Trojan horse.
    1. Users are tricked into downloading it to their computer. Once installed the Trojan works undercover to carry out a predetermined task.
  4. Rootkit.
    1. Designed to remotely access and control a computer system without being detected by security software or the user.
  5. Ransomware.
    1. Encrypts files stored on a computer to extort/demand or steal money from organisations.
  6. Spyware.
    1. Is secretly installed to collect information for someone else's computer.
  7. Keyloggers.
    1. Spyware that records every keystroke made on a computer to steal personal information.
  8. Adware
    1. Automatically shows adverts such as popups.
      1. Most adware is harmless but some contain spyware such as key loggers.
2. Virus
  1. A piece of malicious code that attaches to a legitimate program. It is capable of reproducing itself, and usually capable of causing great harm to files or other programs on the same computer.
3. Worm
  1. Worms get around by exploiting vulnerabilities in operating systems and attaching themselves to emails. They self replicate at a tremendous rate, using up hard drive space and bandwidth, overloading servers.
Social engineering
1. A set of methods used by cybercriminals to deceive individuals to handing over information that can be used for fraudulent purposes.
2. Shoulder surfing/Shouldering
  1. It involves the attacker watching the victim while they provide sensitive information. (e.g. watching someone put in their pin at a cash point).
3. Phishing
  1. Is an attack in which the victim receives an email disguised to look as if it has come from a reputable source, in order to trick them to giving up valuable data. The email usually provides a link to another website where the information can be inputted.
4. Pharming
  1. Is when a victim redirects the user from a genuine website to a fake one.
5. Blagging/Pretexting
  1. An attack in which the perpetrator invents a scenario in order to convince the victim to give them data or money.
  2. Blagging and pretexting does not just happen on an email, it happens on the phone too.
6. Tailgating/Piggybacking
  1. Try to gain access to a secure room or building.
    1. E.g A common example is someone pretends to be a delivery driver and asking an authorised person to hold the door so they can enter the building.
7. Baiting
  1. Cyber criminals to make a promise of goods to get the information that they need
    1. E.g promise free downloads to a film for login details.

Next up

Description

Resource summary

Similar

	Created by Violette JENKINSON almost 4 years ago