Unit 9
cybersecurity
Worms can spread from device to device, but unlike a virus they don’t need to attach themselves to other programs (attack vectors). Worms can copy themselves hundreds of times, so they can very quickly harm your device and other devices. A worm might copy itself onto your email account and then send a copy to all of your email contacts, for example.
Malware - short for malicious software, malware is a broad-spectrum term used to describe software used to disrupt computer operation.
Viruses - a computer program that is able to copy itself onto other programs often with the intention of maliciously damaging data. A virus requires an attack vector - 'piggybacking' on another program or data file.
Key loggers - covert programs that capture keyboard (or other input device) input and transmit this data to a third party or hold the data for collection. Bluetooth keyboards are an additional method of securing against these.
Spyware. Installed by opening attachments or downloading infected software. Spyware can be used to collect stored data without the user’s knowledge.
Trojans. A Trojan is a program that appears to perform a useful function, but also provides a ‘backdoor’ that enables data to be stolen/damaged.
forms of cyberattack
Shoulder surfing - using direct observation to get information, by standing next to someone and watching as they fill out a form or enter a PIN. Shoulder surfing can also be carried out at long distance with the aid of binoculars or even CCTV.
SQL injection - SQL is a programming language for interrogating data. SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve.
DoS attack - Denial of service (DoS) attacks attempt to make your website and servers unavailable to legitimate users by swamping a system with fake requests—usually in an attempt to exhaust server resources. A DoS attack will involve a single Internet connection. Distributed denial of service (DDoS) attacks are launched from multiple connected devices that are distributed across the Internet.
IP address spoofing - involves an attacker changing the IP address of a legitimate host so that a visitor who types in the URL of a legitimate site is taken to a fraudulent or spoofed web page. The attacker can then use the hoax page to steal sensitive data, such as a credit card number, or install malware.
Social engineering - Social engineering involves tricking a user into giving out sensitive information such as a password, by posing as a legitimate system administrator.
Phishing - a phishing email asks a person to send personal details but pretends to be from a business. These emails can often look convincing but may contain spelling errors or URLs that do not match the business's website. When a person clicks on these links and logs in, their username and password are sent to someone who will use them to access their real accounts. This information might be used to steal a person’s money or identity, and the email may also contain malware.
Pharming - redirects a user from a genuine website to a fake one. The fake website will look like the genuine one, but when a person logs in, their username and password are sent to someone who will use them to access their real accounts. One way that a pharming cyberattack can redirect traffic from a genuine website to a fake one is if the Domain Name Servers (DNS) of the website are hacked, and the IP address is changed to become the address of the pharming site.
network security
user access levels
User access levels define which users can change and view, view but not change, or not view stored data.
Securing a network requires appropriate levels of access (restricting people to the data/software they need to do their jobs), secure passwords and encryption (coding the contents of emails, etc.).
suitable passwords
Strong passwords may require the user to use a combination of upper and lower case letters, numbers and symbols such as @ ! ~ - / \ %.
Other users can guess short, simple passwords, or a hacker may have access to programs that carry out a brute force attack - trying multiple guesses in quick succession until the correct password is found.
Backup
Backups of all data should be made regularly, as the older the backed-up data becomes, the less likely it is to match any current data stored on a computer system.
A backup policy sets out what, where, when and how often backups are made.
disaster recovery
A disaster recovery policy outlines all the processes that must be carried out in the event of a disaster, such as data loss or a manmade error, to ensure that the business is able to perform normally within a short amount of time. Disasters include:
fire, flood, lightning, terrorist attacks etc.
hardware failure, e.g. power supply unit failing
software failure, e.g. virus damage
accidental and malicious damage, e.g. hacking
after the disaster: recovery measures, purchasing replacement hardware, reinstalling software, restoring data from backups