Cyber Security
- Understand and explain the cyber security threats:
-
social engineering techniques
-
malicious code (malware)
-
pharming
-
weak and default passwords
-
misconfigured access rights
-
removable media
-
unpatched and/or outdated software.
-
- Explain what penetration testing.
Cyber Security
- Cyber security is about keeping networks and computers, and the files, data and programs stored on them, safe from attack, damage and unauthorised access.
- Cyber security is primarily concerned with preventing unauthorised access to networks and device (see Network Security).
- Additional measures are needed to limit the damage or theft of data if there is unauthorised access.
Social Engineering Techniques
- A form of security attack that involves tricking or manipulating people into giving away confidential information or access details (username/password).
- Fear is often used to put people off guard and give out information.
Malicious Code (Malware)
- Any kind of program installed on a computer system with the intention to
- cause damage,
- disrupt the computer system's functionality, or
- steal information.
Pharming
- A form of attack where users of a website are directed to a fake version of the website.
- Malware on your computer that changez the IP address or domain name of the legitimate site to the fake site.
- Malware on the DNS server changes the location request to the fake site for everyone.
- The fake site will look like the real site and capture your login details, allowing criminals the ability to use your credentials to enter the legitimate site.
Weak and Default Passwords
- Passwords are only effective if they remain secret and are not easy to guess by brute force.
- Passwords should not be reused for multiple accounts.
- Passwords should be long and use a combination of letters, numbers and symbols (some sites still do not allow symbols).
Weak and Default Passwords
- Brute force attacks are where a hacker systematically tries combinations of letters, numbers and symbols.
- They are usually automated and thousands can be tried every second.
- Dictionary attacks are similar but use a list of known passwords and words from a dictionary.
- How secure is my password
Weak and Default Passwords
- Most computer systems will give users a default password and prompt the user for a new password when they first log in.
- Unfortunately many devices (Internet Of Things), have a default password for all models that cannot be changed.
- This has made it possible to hack some networks when a vulnerability is discovered with that device.
Misconfigured Access Rights
- Users of a network are often arranged into user groups.
- Each group has different access rights that determine what software, hardware and files they are permitted to access.
- For example: at Wadham, teachers can access some folders and files that the students cannot access.
Misconfigured Access Rights
- User access levels (ACL) are an important method of avoiding attacks from people inside the network.
- Preventing most users from installing software means that those users cannot install malware (either on purpose or accidentally).
- Limiting users access to only the files they need for their job role means that users cannot see potentially confidential information about others.
Removable Media
- Portable storage devices, e.g. USB drive, CDs, DVDs, external hard drives
- Two possible threats:
- Data theft
- Virus infection
- For these reasons organisations may decide to prevent the use of removable media on their computer systems
Removable Media
- Data theft can be intentional, where an employee deliberately copies sensitive data to their removable storage device.
- Data theft can be unintentional, where the removable device is lost or stolen and the unencrypted data is then accessible.
Removable Media
- If the removable media contains malware, it may attempt to install itself onto the connected computer and then try to spread to the rest of the networks devices.
Unpatched/Outdated Software
- Patching when software is updated to fix a problem or to add new features.
- Patching is extremely important when vulnerabilities are found which could be exploited by hackers or malware.
- Many programs will now automatically update to reduce the need for a person to manually install the updates.
- Eventually most programs will reach their end of automatic support, in this case patches are no longer provided.
Penetration Testing
- Penetration testing is used to test a system or network in order to find weaknesses in the security of the system.
- Testers pretend to be hackers and try to get access to the system and to work out which areas of the network security are working well and more importantly which areas are not working.
- There are two types of penetration testing
- White-box penetration testing
- Black-box penetration testing
Penetration Testing
- White-box penetration testing is designed to replicate an insider attack.
- The tester will usually be given the credentials to enter a system and they will then see what damage they can do from inside the system.
- White-box penetration testing is usually used to check for a particular, known vulnerability.
Penetration Testing
- Black-box penetration testing is to mimic an outside attack.
- The tester will have no knowledge of usernames or passwords and will not know how a system is set up.
- This method is quite difficult and time consuming and the tester may not find any or all of the vulnerabilities.
Questions
- Explain what is meant by cyber security.
- Explain what is meant by pharming.
- Identify three different types of malware.
- Explain what is meant by a 'weak' password and give one example.
- Explain what is meant by a 'strong' password.
- Identify two threats that removable media pose to a network.
- Describe the difference between white-box and black-box penetration testing.
Answers
The different ways in which networks and devices are protected against unauthorised access.
- Explain what is meant by cyber security.
Answers
It is where users are directed to a fake website in order to obtain their login details.
- Explain what is meant by pharming.
Answers
- Virus
- Trojan
- Spyware
- Identify three different types of malware.
Answers
A password that can be easily discovered or detected by other people, such as names of pets or family members, or simple patterns of letters from the keyboard e.g. 123456
- Explain what is meant by a 'weak' password and give one example.
Answers
A long password (eight characters or longer) that includes a mix of uppercase letters, lowercase letters, numbers and special symbols.
- Explain what is meant by a 'strong' password.
Answers
- Data may be copied on to the device and lost/stolen.
- Malware may be introduced to the network.
- Identify two threats that removable media pose to a network.
Answers
- White-box testing simulates an employee trying to hack into a system from the inside, with knowledge of the system.
- Black-box testing simulates external hacking with no knowledge of usernames or passwords or how the system operates.
- Describe the difference between white-box and black-box penetration testing.
6a Fundamentals of Cyber Security
By David James
6a Fundamentals of Cyber Security
Computer Science - Cyber Security - Fundamentals of Cyber Security
- 935