Please enable JavaScript.
Coggle requires JavaScript to display documents.
Network Threats (malware (Trojan - malware disguised as a normal document,…
Network Threats
malware
Trojan - malware disguised as a normal document, email, etc.
-
-
-
-
Pharming - a malware that directs the browser to a fake copy of a wanted website. This website looks identical but has a different URL. It will record any information put into it
Click fraud - a program that secretly makes the computer click on websites that make the criminal money per click
Ransomware - encrypts important files and data before sending the victim a ransom to unlock the system
Rootkits - gives other people remote access to a computer system and runs even while the computer is off
Scare ware - a program that causes pop-ups that tell the user that they have a virus and attempts to direct them to a download for an actual virus
Poor network policies - here are some examples of network policies, if these policies are not in place or not carried out effectively, it can allow attackers to damage a network more easily
Passwords must be hard to guess (many characters, upper and lower case at least).
-
-
-
-
-
-
attacks
Brute force attacks - a brute force attack is a program that will try to run every possible combination of letters, numbers and symbols until it cracks the target password. Simple passwords can be discovered very quickly, while passwords with capital letters, numbers, symbols and a lack of pattern may take years. If there is only a limited number of incorrect password attempts allowed on a device, this can greatly slow down or stop a brute force attack.
Denial of Service - denial of service (DoS) attacks are used to prevent users from accessing a website. They work by flooding a website with millions of bogus requests until all server memory and CPU cycles are used up, crashing the server. DoS attacks often involve the use of possibly thousands of computers infected with botnet malware. This is called distributed denial of service (DDoS), each computer will send requests while the owners will be unaware. A server can block a DoS if it is only coming from one or a few computers, however it gets harder to block the attack if more devices join. DoS attacks can commonly be associated with ransoms from attackers.
SQL injection - when a person inputs their password into a server, they send an SQL request. The server will then check for a matching password. An SQL injection is when an attacker sends many SQL requests to a server, hoping to have them carried out.
Data interception - data packets being sent between a computer or server will be intercepted by a third party device that will copy the data before sending it to its destination. This allows any information in the packets to be discovered by the third party. Encryption of data will force the eavesdropper to de-encrypt the data first, slowing them down or making them give up.
tricks
Social engineering - people can be bribed, tricked, threatened or convinced to allow criminals to access network data. This can be done with no contact between the criminal and the victim, with hard drives containing malware being left in public places for users to pick up being a very common form of social engineering.
Phishing - phishing involves sending official-looking emails from companies used by the target, these say that the user has a problem that can be solved after they click on a link. The link will take them to a site that will ask for a username and password for (usually) the user's bank account. It may also download malware.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-