Cyber Security - Coggle Diagram
Cyber Security
Security Measures
Biometric Measures:
The technical term for body measurements and calculations. It refers to metrics that use human characteristics. Biometric measures are a factor used for checking your identity and for access control. Examples: fingerprint scans, retinal scans, face scans, etc.
CAPTCHA
Completely Automated Public Turing test to tell Computers and Humans Apart. Used to determine whether the user is a machine or not. Works by displaying text that is indecipherable to a computer using automated text-recognition software, then asking the user to enter the text displayed.
Password Systems
A very common method of preventing unauthorised access. Requires a user to enter a password to gain access. Can be made more secure by implementing password rules.
Social Engineering
Phishing
Sending emails purporting to be from reputable companies to induce people to release private information
Ways to prevent it (warning signs to look for):
- The message is from a public email domain (@gmail.com), as real companies don't use Gmail
- The domain name is misspelled (the company's name is spelled wrong)
- The email is poorly written (grammar and spelling mistakes which are obviously unprofessional)
- Includes suspicious links and attachments (not matching the context of the email and claiming to be an "invoice")
- The email has a sense of urgency (to make you scared/panic and potentially release information)
Pharming
Pretends to be a real website (perfect quality and very difficult to spot)
The web address will look slightly different (for example, a hyphen); also check for “https”, which means it is secure
Blagging
When a person invents a scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in normal situations (passwords, private information)
Someone acting as if they are the bank and asking for your cyber security code (e.g. asking for some of the digits but eventually all of them). This is normally done over the telephone and targets vulnerable people. It also normally involves tricking someone into giving them your information to "help you"
You can prevent blagging by training staff/people to stop blagging questions by recognising which questions are usual; usually people just lack the appropriate knowledge
Shouldering
Observing someone's private information over their shoulder
Cashpoint machine PINs (attackers steal PINs and access victims' bank accounts, which can be used to impersonate them, ransom them and use their money)
Prevention: have a guard around where you enter the PIN, and stand in front of it. This blocks people's view because of the angle they would need to see it from, and thus prevents your information from being stolen.
Penetration Testing
Definition:
Attempting to gain access to resources, by someone who may have knowledge of usernames, passwords and other normal means of "access"
Difference between White, Black and Grey Hat hackers
White Hat Hackers - Security experts, sometimes ex-crackers, who are employed by a company and use their expertise to find vulnerabilities in software and fix them (Legal)
Grey Hat Hackers - Not employed by a company; they try to find flaws in company systems. What they do is technically illegal, but they then inform the company of the flaw so it can be fixed (Illegal)
Black Hat Hackers - Gain access through nefarious means to deliberately cause harm and disruption to data (Illegal)
Network Forensics
The science of trying to discover and retrieve evidential information in a network about a crime, to make it usable/admissible in court
It’s useful as it keeps records of, stores and analyses network traffic, which means it makes a complete record of network communications
Cybersecurity threats
What is Cybersecurity?
Cybersecurity is a broad term covering the processes (designed to protect the network from attacks), practices (designed to protect the computers from damage) and technologies (designed to protect the programs from unauthorised access).
Cybersecurity Threats
Malicious Code
Why is it a threat?
Can cause network and mail server overload by sending email messages, steal data and passwords, delete document files, email files or passwords, and even reformat hard drives
What is it?
Code that is designed to cause damage, security breaches and threats to application security
Removable media
What is it?
Removable media includes USB sticks/pen drives, portable hard drives, SD cards and discs: "any secondary storage medium"
Why is it a threat?
Somebody could put a virus on a USB stick, and when you plug it into your computer it can threaten your privacy. Operating systems automatically launch/run the content. There is a social side (someone plugging something in) and a digital barrier stopping someone from accessing things. Firewalls can stop you accessing information
Malware
What is it?
Malware is intrusive/hostile software that runs code with a bad purpose (such as a virus, which can harm the computer's data)
Types of Malware
Computer Virus
A piece of code which is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data
Adware
Software which shows you adverts or downloads advertising material such as banners or pop-ups when a user is online. Adware is often unwanted and is often designed to run within a web browser. It also often piggybacks off another program to trick us into clicking it.
Companies have now even been suing people who are in charge of ad blockers (because ad blocking limits the money that they make)
Trojan
Software that sneakily piggybacks on other, legitimate software to appear harmless but is actually malicious. Sony also did this to stop people from illegally copying/using their films without their permission