Please enable JavaScript.
Coggle requires JavaScript to display documents.
Threats - Coggle Diagram
Threats
-
Malware: a malicious program that is installed on a computer system with the intention to cause damage and disrupt its functionality or steal information.
Viruses: A virus is a computer program that is hidden within another program. The virus code is only run when the host program is executed. Viruses can delete data or change system files so that data becomes corrupted.
Worms: They are different to viruses as they do not need to be hosted in another program. They often create a 'back door' so that the hacker can take over an infected computer. Worms are self-replicating, which uses up the computer's resources and cause other programs to run slowly.
Trojans: are programs that users are tricked into installing under pretence that they are legitimate and useful.
Ransomware: It is a malware that interferes with a user's operation of a computer unless a sum of money (ransom) is paid.
Spyware: it is a malware that comes packaged with other software such as free software that a user downloads. It gathers information about it's user and sends it to the criminal.
Pharming: It is a form of attack where users are directed to a fake websites. Two ways that this might happen: Malware installed on a computer can send lookup requests to a rogue DNS server rather than their ISP's genuine DNS server, or malware can infect the DNS server itself (known as DNS spoofing) so that everyone is directed to the bogus website.
Social Engineering: It is a form of security attack that involves tricking or manipulating people into giving away critical information or access details.
Phishing: uses fake emails and new websites to trick people into giving away their sensitive data and information.
Pretexting: Also known as blagging, is often done by phone but can also be carried out face to face. They often will pretend to be from an official organisation such as a bank.
Shouldering: It involves finding out login details, passwords and PINs by watching people enter them.
Data interception and Theft: Data is a very valuable commodity. Personal data can be used to access bank accounts or in identity theft, while the financial data or trade secrets of a company can be exploited by others to gain a competitive advantage.
Packet sniffing: It involves intercepting data using packet analysers as it is being transmitted across a network. These analysers read and display the contents of each data packet enabling sensitive data.
Man-in-the-middle attacks: A MITM attack involves a device's connection to the internet. Often this is achieved by luring users into using a fake Wi-Fi spot.
Denial of Service (DoS) attacks: These are attacks are designed to bring down servers or websites by flooding them with superfluous bogus requests such as repeated attempts to login.
The concept of SQL injection: (SQL) Structured Query Language, It can be used to bypass security and circumvent the need to enter legitimate login credentials, thus allowing hackers to gain access to the database. From here they can steal valuable data such as names, addresses and bank details.
Brute force attacks: It is where a hacker attempts to crack a password by systematically trying different combinations of letters and numbers until the correct one is found.