Please enable JavaScript.
Coggle requires JavaScript to display documents.
ICT Revison.2 - Coggle Diagram
ICT Revison.2
TA4
Threats
-
Adware: adverts that cover any software that automatically displays them either embedded or in the form of pop-ups to generate income for the ad's author
Botnet: harmful software is secretly distributed to make the device apart of the botnet. Infected devices can communicate with botmasters control centre to coordinate activities, for stealing data or sending DDOS attacks.
Ransomware: locks files on the victims computer by using encryption so that the attacker only can access the files by decrypting them, attacker will ask money from victim.
Spyware: software to secretly record a users activities on a computer, to try get their personal information.
Trojan horse: software disguised to be legit, but will affect files that the culprit choose to, to give attacker backdoor access to someone's system.
Virus: corrupts systems by pretending to be legitimate file/link/program but will then spread itself across multiple systems by attaching itself to infected files.
Worm: compromising systems/stealing data by spreading across networks, doesn't need any infected files/human interaction.
Social engineering
Phishing: an attacker will communicate (e.g. via email) to take your sensitive information, by asking or setting up links
Pretexting: attacker will set up scenario (usually personal
to you) to try get your personal information
Baiting: attacker will try to lure a victim (e.g. promising free software) and then add malware to your computer/attain your personal information
-
-
Shoulder surfing: attacker will look over victims shoulders
to build up knowledge of your personal information
Hacking
-
Hats
-
Grey hat: someone who will gain unauthorised access but won't have any malicious intent, usually show weaknesses in systems to owner & expect reward
-
A DDoS attack is when an attacker will use more than one device with intentions of disrupting a system by introducing malware to it. After consuming resources, affected devices will become into a botnet.
Pharming is an attack that will redirect the victim from a legitimate website to a fraudulent one, withought the victims knowledge. It will exploit vulnerabilities to reroute traffic and victims could risk sharing their private information
Identity theft is posing as someone else (after having gained information about them) for your own benefit
Cyber prevention methods
Physical
-
-
-
RFID: radio frequency identification is a wireless technology that uses radio waves to receive information from their tag to identify them
Firewalls: physical devices that act as a barrier by protecting entire networks by filtering incoming/outgoing traffic (based on security measures)
-
Logical
User access levels: system will contain different hierarchies to only allow selective people to gain access
-
Anti virus software: detects/prevents malware from attacking a system by scanning files/programs for any harmful activity
Firewalls: security system that acts as a barrier between trusted/internal networks and untrusted/external networks by controlling incoming/outgoing network traffic
-
Back ups: stores copies of important data/information in case of threat by regularly backing up data/storing data in multiple locations
2 factor authentication: a company will ask you to enter any other data that they know you only have access too
Data sanitation
Data erasure: overwriting data (usually in binary) so that the old one is completely gone -meets industry standards -time-consuming
Magnetic wiping: using a fairly powerful magnet to disrupt magnetic field of magnetic storage devices -works on damaged drives -if too strong can disrupt other data and prevent systems working
Physical destruction: breaking physical component/device -ideal for highly sensitive data -risk of self harm
Data Protection
Data Protection Act: makes legal what personal data can be: collected (and for how long), making sure it's accurate + who can see/share that data
Principles: Lawfulness + fairness + transparency, Purpose limitation, Data minimisation, accuracy, storage limitation, Security, Accountability
Freedom of Information Act (2000): legalises requesting info you think a public authority has/find info that is already published by public authorities
-
Data controller: in charge of sharing data, ensuring accuracy + safety
Information commissioner: people who collect/store data providing advice for who they work for/government
Computer Misuse Act
Cyberbullying, trolling, hacking, financial fraud
Other offences: unauthorised access, changing data for your own personal beneift on a system you shouldnt be on
Health & Safety
Trailing wires can be a safety issue, prevented with cable covers
If a computer catches fire a carbon dioxide fire estinguisher should be used because they displace oxygen (eliminate fire w/out damaging eletrical equipment)
UPS (device that manages the flow of power to allow power can run for a period of time even after a power failure)
Preventing eye strain/back pain/repetitive strain injury: wearing (blue-light) glasses, taking regular breaks, stretches, good posture, proper lighting