What are the cyber security threats?
- Brute force attacks
- Data interception
- Distributed denial of service (DDoS) attacks
- Hacking
- Malware (viruses, worms, trojan horse, spyware, adware and ransomware)
- Phishing
- Pharming
- Social engineering.
How does brute force attacks?
A hacker tries to crack your password by systematically trying all the different combinations of letters, numbers and other symbols.
What are the solutions to brute force?
- Use long password with a variation of characters e.g. upper and lower case letters, numbers and symbols.
- Limit the number of attempts allowed for inputting the password.
How does data interception work?
Data interception is a form of stealing data by tapping into a wired or wireless communication link. The intent is to compromise privacy or to obtain confidential information.
Interception can be carried out using a packet sniffer, which examines data packets being sent over a network.
What is packet sniffing?
It is a method used by a cybercriminal to examine data packets being sent over a network and to find the contents of a data packet, which are sent back to the cybercriminal.
What is war driving?
The act of locating and using wireless connections illegally.
Wi-Fi (wireless) data interception can be carried out using a laptop or smartphone, antenna and a GPS device outside a building or somebody’s house. The intercepted Wi-Fi signal can then reveal personal data to the hacker, often without the user being aware this is happening.
What are the solutions to data interception?
- Use of Wired Equivalent Privacy (WEP) encryption
- Use of firewalls to prevent outside users from gaining access
- Protect the use of wireless device with complex passwords before the internet can be accessed
What is Distributed Denial of Service (DDoS) attacks?
A denial of service (DoS) attack is an attempt at preventing users from
accessing part of a network, notably an internet server.
The attacker may be able to prevent a user from:
• accessing their emails
• accessing websites/web pages
• accessing online services (such as banking).
What are the solutions to Distributed Denial of Service (DDoS) attacks?
- Using an up-to-date malware checker
- Setting up a firewall to restrict traffic to and from the web server or user’s computer
- Applying email filters to filter out unwanted traffic (for example, spam)
- Use a proxy server to redirect unauthorised traffic.
What is Hacking?
Hacking is generally the act of gaining illegal access to a computer system without the user’s permission.
This can lead to identity theft or the gaining of personal information; data can be deleted, passed on, changed or corrupted.
What is Ethical Hacking?
Authorise hackers paid by companies to check out their security measures and test how robust their computer systems are to hacking attacks.
What are the solutions to Hacking?
- Use complex password with a variation of characters e.g. upper and lower case letters, numbers and symbols.
- Use of anti-hacking software
- Use firewall to monitors for malicious traffics
- Use encryption for sensitive data
What is Malware?
Malware, short for malicious software is any intrusive software developed by hackers to steal data and damage or destroy computers and computer systems.
Examples of malware include viruses, worms, Trojan horse, spyware, adware, and ransomware
Definition of viruses
Viruses are programs that can replicate/copy themselves with the intention of deleting or corrupting files, or causing the computer to malfunction.
They need an active host program on the target computer or an operating system that has already been infected before they can run.
Definition of worms
Worms are a type of stand-alone malware that can self-replicate. Their intention is to spread to other computers and corrupt whole networks.
Unlike viruses, they don’t need an active host program to be opened in order to do damage.
Definition of Trojan horse
A Trojan horse is a program which is often disguised as legitimate software but with malicious instructions embedded within it.
Once installed on the user’s computer, the Trojan horse will give cyber criminals access to personal information on your computers, such as IP addresses, passwords and other personal data.
Definition of Spyware
Spyware is software that gathers information by monitoring a user’s activities carried out on the user’s computer. The gathered information is sent back to the hackers who originally sent the spyware.
Definition of Adware
Adware is the least dangerous of malware that attempt to flood user with unwanted advertising.
It could redirect a user’s browser to a website that contains promotional advertising in the form of pop-ups or redirect search requests.
Definition of Ransomware
Ransomwares are programs that encrypt data on a user’s computer and hold the data hostage. The cybercriminal waits until the ransom money is paid, and the decryption key is then sent to the user.
What are the solutions to Malware?
- Install anti-malware software (antivirus and antispyware software) and scan the computer regularly
- Don’t download or install software from unknown sources
- Be careful when opening emails or attachments from unknown senders
- Do regular back ups of important files
- Keep your operating system, browsers and software updated
- Use firewall protection
What is Phishing?
Legitimate-looking emails with link or attachment when click will send the user to fake website with the intention to trick the user into responding with personal data (for example, bank account details or credit/debit card details).
What is spear phishing?
The cybercriminal targets specific individuals or companies to gain access to sensitive financial information or industrial espionage.
What are the solutions to Phishing?
- Security awareness training for the users to become aware of how to identify phishing scams
- The user should always be cautious not to click on any email’s links unless totally certain that it is safe to do so
- it is important to run anti-phishing toolbars on browsers since these will alert the user to malicious websites contained in an email
- Always look out for https or the green padlock symbol in the address bar
- Regular checks of online accounts are also advisable as well as maintaining passwords on a regular basis
- Keep your browser up to date and firewall running on the computer device
- Be very cautious of pop-ups and use the browser to block them
What are the solutions to Phishing?
- Security awareness training for the users to become aware of how to identify phishing scams
- The user should always be cautious not to click on any email’s links unless totally certain that it is safe to do so
- it is important to run anti-phishing toolbars on browsers since these will alert the user to malicious websites contained in an email
- Always look out for https or the green padlock symbol in the address bar
- Regular checks of online accounts are also advisable as well as maintaining passwords on a regular basis
- Keep your browser up to date and firewall running on the computer device
- Be very cautious of pop-ups and use the browser to block them
