What are all the potential threats to a network?
Etymology of malware
Malicious & Software
What is malware?
Malware is the name for executable programs that run on a computer and ‘infect’ it. There are different types of malware.
Types of malware
What do viruses do?
• Attach themselves to legitimate files or programs.
• Spread when the infected file is opened, i.e. this requires human action
• Can corrupt data, slow systems, or delete files.
What do worms do?
• Spread automatically across networks without user action.
• Often cause network congestion and system slowdowns.
What do trojans do?
• Disguised as legitimate software.
• Open a “backdoor” for attackers to access your system.
• Commonly used to steal data or install additional malware.
What does ransomware do?
• Encrypts your files/data and demands payment to unlock (i.e. decrypt) them
• Only way to recover the data is likely to be via backups
This happened to Marks and Spencer in 2025
What does spyware do?
• Secretly monitors your activity by capturing your keystrokes
• Can obtain, for example, your passwords and banking details.
What is social engineering?
• Social engineering is the ability to obtain confidential information by asking people for it
• It is based on the premise that ‘People are the weakest link in any system / network’
• Can take many forms including:
• Shoulder Surfing
• Phishing
• Pretexting
What is shoulder surfing?
• Shoulder surfing is the ability to get information or passwords by observing as someone types them in
• The following are two examples:
• Looking over someone’s shoulder
• Using a CCTV camera
What is pretexting?
Impersonating an IT or account support representative and using this false identity to deceive the victim into providing confidential information or granting access to secure areas
What is phishing?
• Phishing is a type of social engineering technique
• Emails mainly (or texts) are sent to users, commonly pretending to be from a bank or website
• The ‘From’ email address may be forged
• These messages will try to get personal information via a link, such as:
• Usernames
• Passwords
• Credit card details
• Other personal information
How to spot a phishy email?
• Greeting: The phishers don’t know your name – just your email address, so the greeting is not personalised
• The sender’s address is often a variation on a genuine address
• Forged link: The link looks genuine, but it may not link to the website given. Roll your mouse over it to check
• Request for personal information: Genuine organisations never do this
• Sense of urgency: Criminals try to persuade you that something bad will happen if you don’t act fast
• Poor spelling and grammar
Intended impact of social engineering
• Obtain personal information and profit from it
• Gain access to personal data / sensitive files
• Install malware
Brute force attacks
• In a brute force attack, a hacker will try every combination of password until the correct password is found
This is done using a computer program.
The purpose is to gain access to a computer system
What is a Denial of Service (DoS) attack?
• In a denial of service attack, a hacker will use or infect a computer so that:
• it sends as many requests to the server as it can (‘flooding’ the server with requests)
• the server can’t respond fast enough so slows down or goes offline
• In a distributed denial of service attack (DDoS), many computers are used to send the requests
Impact of DoS attack
A DoS attack is a malicious act aimed at rendering a computer system, network, or service unavailable to its intended users.
To Customers:
• unable to access the desired website/service
To Company:
• reputational damage
• financial loss (depending on severity and duration)
What is data interception?
• The attacker can intercept communications between one device and another on a network
• This is done via a network sniffer. Network sniffing is the process of monitoring and capturing all the packets passing through a given network using sniffing tools
What are network sniffers?
• A network sniffer is either software or hardware that can intercept data packets as they travel across a network.
• Legitimate uses include:
• Tracking down network traffic bottlenecks
• Testing firewalls for network security efficacy
• Acquiring statistical data on network bandwidth, availability, etc.
• But they can clearly be used for the wrong reasons by a hacker
When are you most at risk of data interception?
Connecting to unencrypted Wi-Fi makes it easy for your data to be intercepted
What is data theft?
• Digital devices are often targeted by criminals. Data on them can be accessed in a variety of ways:
• Loss of a mobile phone can lead to the loss of all the data stored on it, including passwords, account numbers and credit card details
• Malware which targets digital devices may create ‘back doors’ to give malicious users access to your device
• Many apparently legitimate apps are malicious and may lead to theft of your personal information
How to reduce the risk of data theft?
• Use the password feature and choose a strong password
• Make sure the data is encrypted
• Do not follow links in suspicious emails
• Don’t install apps without researching them first – if they require unnecessary extra permissions, don’t install them
• Delete all information stored on your device before discarding
What is SQL injection?
• SQL (Structured Query Language) is a database query language
• SQL injection takes advantage of web input forms to access or destroy data
• Malicious SQL commands can be input into web forms instead of the expected ‘real’ data
• This can be interpreted by vulnerable web applications and end up causing damage or releasing personal information