List legislation related to computer misuse. Describe what each does.
Computer Misuse Act 1990
- made it illegal to gain unauthorised access to a computer; unauthorised access with the intent to commit further crimes; unauthorised access with the intent to modify content
Police and Justice Bill 2006
- amended Computer Misuse Act 1990
- made it illegal to build any attack toolkits
- increased the penalty for a computer misuse offense from 6 months to 12 months
EU Directive on Security of Network and Information Systems 2016
- united, transnational approach to cyber crime to achieve a high level common security by:
- EU level cooperation
- logging and reporting any incidents
- increased cybersecurity capabilities at a national level
Define malware
malicious + software = malware
a program that is COVERTLY installed on a device that attacks DATA, APPLICATIONS, PROGRAMS, OS.
Data - damages it and compromises its integrity and confidentiality
RUNS intrusive and destructive programs
How is a malware classified?
By payload and how it propagates
What does APT stand for and what is it?
Advanced Persistent Threats
- > advanced = sophisticated and a variety of malware tools
- > persistent = attacks one target, usually political, repeatedly over a long time
What are the different components of a virus?
An infection vector
Trigger
Payload (what it does, besides spreading)
Describe a typical life cycle of a virus.
Dormant phase
Propagation phase
Triggering phase
Execution phase
How is it classified?
By target
or concealment strategy (polymorphic, metamorphic, encryption)
What is a worm?
A malicious program that actively seeks a machine to infect and use as a launchpad for further attacks
What are the different types of worms?
Polymorphic Metamorphic Multi-exploit Multi-platform Ultrafast Zero day exploits (exploiting known vulnerability to achieve maximum surprise and distribution)
How does a worm spread?
- Email/IM
- File sharing
- Remote execution -> remote log in access/ remote file access
