Learning Aim B cyber security

Beschreibung

Year 11 IT Mindmap am Learning Aim B cyber security, erstellt von Cameron DAY am 01/05/2020.
Cameron DAY
Mindmap von Cameron DAY, aktualisiert more than 1 year ago
Cameron DAY
Erstellt von Cameron DAY vor mehr als 4 Jahre
20
0

Zusammenfassung der Ressource

Learning Aim B cyber security
  1. Key terms
    1. Cyber security
      1. refers to the range of measures that can be taken to protect computer systems, networks and data from unauthorised access or cyberattack.
      2. Threat
        1. A threat is an incident or an action which is deliberate or unintended that results in disruption, down time or data loss.
          1. Internal Threat = caused by an incident inside an organisation
            1. External Threat = caused outside the organisation
          2. Attack
            1. An attack is a deliberate action, targeting an organisation’s digital system or data.
            2. Unauthorised access
              1. This refers to someone gaining entry without permission to an organisation’s system, software or data. This achieved by exploiting a security vulnerability
                1. Hackers
                  1. Types of hackers
                    1. White Hat - working with organizations to strengthen the security of a system
                      1. Grey Hat - Do it for fun and not with malicious intent
                        1. Black Hat - They try to inflict damage by compromising security systems
                  2. Why are systems attacked
                    1. Fun/Challenge
                      1. Hacking systems can be fun or a challenge
                        1. There is a sense of achievement
                          1. Friends may give respect of hacking achievements
                          2. Financial gain
                            1. Ransomware can be used to encrypt a computer until you pay
                              1. Ransoms can be made to prevent attacks from happening
                                1. A payment is given to carry out an attack on a organisation
                                2. Disruption
                                  1. Attacks such as Denial-of-Service stop websites working
                                    1. Viruses can slow down computers and delete files
                                    2. Industrial espionage
                                      1. The aim is to find intellectual property such as designs or blueprints for products, business strategies or software source code
                                      2. Personal atack
                                        1. Employees that are unhappy may attack the company
                                          1. Friends / family may attack each other if upset over something
                                          2. Information/Data theft
                                            1. Company information may also be stolen
                                              1. Credit card and financial details are stolen to gain money
                                            2. Malware:
                                              1. This is an umbrella term given to software that is designed to harm a digital system, damage data or harvest sensitive information.
                                                1. Atrojan horse is a type of malware that is often disguised as legitimate software. Users are tricked into downloading it to their computer. Once installed the Trojan works undercover to carry out a predetermined task. Such as Backdoor for hackers to use Installing harmful programs Harvesting sensitive data It is named after the wooden horse used by the ancient Greeks to infiltrate the city of Troy.
                                                  1. A rootkit Is a set of tools that give a hacker a high level administrative control, of a computer. They can then us this privileged position to: Encrypt files Install programs Change system configuration Steal data Much like a trojan, rootkits often come bundled with legitimate software.
                                                    1. RansomwareEncrypts files stored on a computer to extort or steal money from organisations. Victims must then pay a ransom to have the encrypted files unlocked. There is normally a deadline for the transaction to happen. Bitcoin is usually asked for as a form of payment as they are difficult to trace. If the payment is not made then the amount demanded may increase or the files are permanently locked. Ransomware is usually spread through e-mails or through infected websites.
                                                      1. Spyware is malicious software secretly installed to collect information from someone else's computer Cyber criminals harvest personal information such as: Passwords Credit card numbers and other details Email addresses With this information they can steal someone's identity, making purchases on their credit card etc Spyware works in the background on someones computer without it being noticed.
                                                        1. Keyloggers are spyware that records every keystroke made on a computer to steal personal information
                                                          1. A botnet is an army of 'zombie' devices. They are used to carry out mass attacks such as emailing spam to millions of users.
                                                            1. A DDoS attack is when someone floods a website with useless traffic to inundate and overwhelm the network
                                                            2. Virus
                                                              1. A piece of malicious code that attaches to a legitimate program. It is capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer
                                                              2. Worm
                                                                1. Similar to virus but unlike a virus it is a self contained program. It is capable of spreading on it own, without help from humans. Worms get around by exploiting vulnerabilities in operating systems and attaching themselves to emails. They self replicate at a tremendous rate, using up hard drive space and bandwidth, overloading servers.
                                                                2. Social engineering
                                                                  1. A blagger invents a scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information
                                                                    1. involves tricking people into divulging valuable information about themselves.
                                                                      1. Phishing is a way of attempting to acquire information, by pretending to be from a trustworthy source. examples are email spoofing, fake websites, spoof phone calls
                                                                        1. Shoulder surfing is the act of Acquiring sensitive information by someone peering over a users shoulder when they are using a device. It can also be done from a distance with the use of technology such as video cameras, drones etc
                                                                          1. Spear phishing involves bespoke emails being sent to well-researched victims. eg. where somebody who holds a senior position within an organisation with access to highly valuable information uses it to target victims
                                                                            1. Pharming Involves redirecting people to bogus, look-a -like websites without realising it has happened.
                                                                              1. A man in the middle attack is a form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.
                                                                              Zusammenfassung anzeigen Zusammenfassung ausblenden

                                                                              ähnlicher Inhalt

                                                                              Common Technology Terms
                                                                              Julio Aldine Branch-HCPL
                                                                              Project Communications Management
                                                                              farzanajeffri
                                                                              Network Protocols
                                                                              Shannon Anderson-Rush
                                                                              Abstraction
                                                                              Shannon Anderson-Rush
                                                                              Computing
                                                                              Kwame Oteng-Adusei
                                                                              HTTPS explained with Carrier Pigeons
                                                                              Shannon Anderson-Rush
                                                                              Introduction to the Internet
                                                                              Shannon Anderson-Rush
                                                                              Construcción de software
                                                                              CRHISTIAN SUAREZ
                                                                              Historical Development of Computer Languages
                                                                              Shannon Anderson-Rush
                                                                              Useful String Methods
                                                                              Shannon Anderson-Rush
                                                                              Web Designing & Development Full Tutorial
                                                                              Nandkishor Dhekane