System Security (Attacks) - Coggle Diagram
Forms of attack
Active attack
This is where someone uses malware or other technical methods to compromise a network.
Insider attack
When someone inside the organisation gives away access details or sensitive information.
Passive attack
When an attacker eavesdrops on a network, sniffing data packets.
Social engineering
When someone is exploited into giving away critical information that gives access to a network or accounts.
Penetration testing
This is used to identify vulnerabilities within a network's security. This is done by launching a controlled attack on the network.
A good penetration test will check:
Technical vulnerabilities
Likelihood of social engineering
A test of damage recovery and control
Performed by the organisation itself or by a private contractor.
Malware
Viruses and worms
A virus is a small piece of code injected into other programs, which spreads from computer to computer.
Worms are small pieces of code which spread across a network, similar to viruses but without a host program.
Trojan horse and ransomware
A Trojan horse is any malware that tricks the user into installing it by pretending to be a different program.
Ransomware encrypts files on an infected system and only decrypts them once a payment has been made to the hacker.
Spyware
Gathers information about a user by tracking their activity.
Rootkits
Malware which modifies the computer's operating system to avoid detection by antivirus software.
Backdoors
Malware which opens up an access channel to a computer that other malware can use to take over the machine.
How malware spreads:
Installations
Users often willingly install malware if they are tricked into thinking that they are installing a different piece of software --> Trojan horse.
Attachments
Email attachments such as Word and Excel documents can include macros. These are small programs that are given permission to run on a computer and can be set up to install malware.
Replication
Once a device is infected with a worm or virus, it becomes easy to spread the malware. The process of spreading from computer to computer is called self-replication.
Threats posed:
Files get deleted, become corrupt or are encrypted
Computers crash, reboot or slow down
Internet connection becomes slow
Keyboard inputs are logged and sent to the hackers
Social engineering
No matter how much money is spent on security, human error is always a problem. This makes people a weak link in system security.
Cold calling is a popular form of this attack. People will call pretending to be a bank or utility company, then ask the victim to confirm details so they can access their account.
Fear is used to put people off guard and push them into irrational decisions. A common attack would be to call someone asking why their bank account has been emptied.
Protection:
Company security policies --> these are instructions for employees that they must follow to uphold security.
Public awareness campaigns --> banks and governments will run education campaigns to inform people of the threat.
Education and training --> This is where people are made aware of tactics used by fraudsters.
Phishing
This is a common form of social engineering attack.
Phishing makes use of fake emails and websites to trick people into giving away their data. Emails are sent to thousands of people pretending to be banks or utility providers. Victims are taken to realistic, but fake, websites where they enter their login, giving their data away.
Protection:
Never click a link that asks to update or enter account details.
Check the sender's email address is correct.
Look for clues that the email is not legitimate such as spelling mistakes or generic greetings.
Threats posed:
May be able to access bank accounts to withdraw money or make purchases.
Open bank accounts and credit cards
Gain access to high value data
Brute force attack
Threats posed:
Steal data
Access corporate data
Denial of service attack
Threats posed:
Loss of revenue due to loss of contact with customers
Loss of reputation
Data interception and theft
Threats posed:
Data such as passwords can be stolen
SQL injection
Threats posed:
Contents of databases can be output, revealing private data
Data can be amended or deleted
Rogue records can be entered
People as a weak point
People may forget to install OS updates
People may forget to update anti-malware
People may forget to lock doors to computer rooms
People may forget to log off computers
Leaving printouts on a desk
etc