Cyber security threats that computers are vulnerable to
- Pharming
- Weak and default passwords
- Misconfigured access rights
- Removable media
- Unpatched and/or outdated software
- Malware including viruses
- Social engineering
Cyber security
Covers the different processes, practices and technologies that protect the following from attack, damage or unauthorised access:
- Networks
- Computers
- Programs and data
Password policy
Passwords are often checked as they are created to make sure that they conform to the parameters given in a required policy. Organisations and computer systems will often have password policies. These will make sure that your chosen password has features like:
- Minimum length of characters
- Include at least one lowercase letter
- Include at least one uppercase letter
- Include at least one symbol
- Change password every month
Misconfigured access rights
- Each user in an organisation is assigned individual access rights, according to their role
- For example, most network users should not have access to setup and configuration settings
- As people change roles within an organisation, or new roles are created, these rights have to be carefully managed
- No one should have access to areas of folders that they do not need to do their job, as this can create a security weakness
What is pharming?
A cyber attack that redirects a user to a fake website
How does a pharming attack happen?
- When your computer requests a website, it asks a DNS (Domain Name System) server for the IP address
- The DNS server replies with the IP address
- Your computer then sends a HTTP request to that IP address
- If a hacker can change the entry on the DNS server, then they can make it point to a fake website that they control. The DNS server has been ‘poisoned’
- The fake website may appear the same as the real website, however, it’s aim is to collect personal details, such as the log in to a bank account
- The hacker can now use this to transfer money to themselves
What is removable media?
Any storage device that can be inserted and removed from a computer
What can removable media be used for?
- Steal documents and files from a company
- Introduce malware
How could malware get onto removable media?
- Being present on a home computer and then infecting the removable media device when inserted
- Alternatively, a hacker could leave an infected USB flash drive in a car park or reception of a business. An interested employee can then put it into a computer
What is unpatched software?
- Software needs to be regularly patched or updated
- Many updates will contain fixes to known security issues
- Hackers will be aware of these known security issues, making computers that haven’t been updated an easy target
Which types of software are the most important to update?
Operating system
- operating system updates often contain security updates
- it is crucial that the operating system is kept as secure as possible as it has full control of the computer or server
Anti-virus or anti-malware software
- needs to be updated regularly or daily so that it can detect new malware
Which types of software are the most important to update?
Operating system
- operating system updates often contain security updates
- it is crucial that the operating system is kept as secure as possible as it has full control of the computer or server
Anti-virus or anti-malware software
- needs to be updated regularly or daily so that it can detect new malware
Explain how pharming poses a risk to computer systems, data or networks
A DNS server is compromised so that it points to a fake website which can then obtain personal information such as usernames and passwords
Explain how weak and default passwords pose a risk to computer systems, data or networks
Make it easy for hackers to gain access using password lists or brute-force attack
Explain how misconfigured access rights pose a risk to computer systems, data or networks
The give users to much access which they can then misuse
Explain how unpatched or outdated software pose a risk to computer systems, data or networks
Leave security holes open
Explain how removable media poses a risk to computer systems, data or networks
These can be used to introduce malware or remove confidential documents
What is social engineering?
The ability to obtain confidential information by manipulating people for it
What techniques can hackers use to gain information via social engineering?
- Blagging, using an invented scenario to target someone
- Phishing, using email or SMS (text) message to obtain information
- Shouldering, observing information as it is entered
What is shoulder surfing?
Shoulder surfing or shouldering is the ability to get information or passwords by observing as someone types them in
Examples of shoulder surfing
- Looking over someone’s shoulder
- Using a CCTV camera
- Viewing the reflection of a keyboard as a password is typed
Preventing vulnerabilities
- Penetration testing
- Anti-malware software, including anti-virus software
- Biometric measures, especially for mobile devices
- Password systems
- CAPTCHA
- Email confirmation to confirm identity
- Automatic software updates
- Network security such as authentication, encryption, firewalls and MAC address filtering
Anti-malware software
- Will detect malware such as viruses, worms, trojans and spyware
- When a virus or new malware is detected it is sent to the anti-virus company
- They verify it is malware then create a signature of the virus
- They then add it to their virus database and tell computers to run an update
- Viruses can morph to avoid detection, this makes it harder to create a signature
Describe how anti-virus software works
- Anti-virus software can provide real-time protection
- When a program is loaded or a file is downloaded, it is first checked to see if it contains a virus
- Parts of the file are checked and compared with virus definitions of known viruses
- If a match is found, the file can be quarantined and the user notified
