23517910
Description
Mind Map by Harriet WALLACE, updated more than 1 year ago
|
Created by Harriet WALLACE
over 4 years ago
|
|
Cyber Security
- Key Terms
- unauthorised access
- This refers to someone gaining entry without
permission to an organisation’s system, software
or data. This is achieved by exploiting a security
vulnerability
- This refers to someone gaining entry without
permission to an organisation’s system, software
or data. This is achieved by exploiting a security
vulnerability
- Cyber Security
- refers to the range of measures that can be taken to protect
computer systems, networks and data from unauthorised
access or cyberattack.
- refers to the range of measures that can be taken to protect
computer systems, networks and data from unauthorised
access or cyberattack.
- Threat
- A threat is an incident or an action which
is deliberate or unintended that results in
disruption, down time, or data loss
- Internal Threat
- Caused by an incident
inside an organisation
- Caused by an incident
inside an organisation
- External Threat
- Cause outside of an
organisation
- Cause outside of an
organisation
- A threat is an incident or an action which
is deliberate or unintended that results in
disruption, down time, or data loss
- Attack
- An attack is a deliberate action, targeting
an organisation's digital system or data
- An attack is a deliberate action, targeting
an organisation's digital system or data
- unauthorised access
- Hackers
- hacker
- someone who seeks out and
exploits these vulnerabilities.
- someone who seeks out and
exploits these vulnerabilities.
- Black hat hacker
- someone who tries to inflict damage by
compromising security systems
- someone who tries to inflict damage by
compromising security systems
- Grey hat hacker
- someone who does it for fun and
not with malicious intent
- someone who does it for fun and
not with malicious intent
- white hat hacker
- someone who works with organisations to
strengthen the security of a system
- someone who works with organisations to
strengthen the security of a system
- hacker
- Types of threat
- Malware
- Malicious software
- This is an umbrella term given to software that is
designed to harm a digital system, damage data or
harvest sensitive information.
- This is an umbrella term given to software that is
designed to harm a digital system, damage data or
harvest sensitive information.
- Trojan Horse
- Users are tricked into downloading it to their
computer. Once installed the Trojan works
undercover to carry out a predetermined
task.
- Users are tricked into downloading it to their
computer. Once installed the Trojan works
undercover to carry out a predetermined
task.
- Rootkit
- Designed to remotely access and control a
computer system without being detected by
security software or the user.
- Designed to remotely access and control a
computer system without being detected by
security software or the user.
- Ransomware
- Encrypts files stored on a computer to
extort/demand or steal money from
organisations.
- Encrypts files stored on a computer to
extort/demand or steal money from
organisations.
- Spyware
- Is secretly installed to collect information from
someone else's computer
- Is secretly installed to collect information from
someone else's computer
- keyloggers
- spyware that records every keystroke
made on a computer to steal personal
information
- spyware that records every keystroke
made on a computer to steal personal
information
- Adware
- Automatically shows adverts such as popups. Most
adware is harmless but some contain spyware such as
keyloggers
- Automatically shows adverts such as popups. Most
adware is harmless but some contain spyware such as
keyloggers
- Botnet
- Bots take control of a computer system, without
the user’s knowledge. A botnet is a large
collection of malware-infected devices
(zombies). An attacker (‘bot herder’) chooses
when to ‘wake’ the zombies to perform an attack.
- Bots take control of a computer system, without
the user’s knowledge. A botnet is a large
collection of malware-infected devices
(zombies). An attacker (‘bot herder’) chooses
when to ‘wake’ the zombies to perform an attack.
- Distributed Denial-of-Service
attack (DDoS attack)
- flooding a website with useless
traffic to inundate and overwhelm
the network
- flooding a website with useless
traffic to inundate and overwhelm
the network
- Malicious software
- Virus
- A piece of malicious code that attaches to a
legitimate program. It is capable of reproducing
itself and usually capable of causing great harm to
files or other programs on the same computer
- A piece of malicious code that attaches to a
legitimate program. It is capable of reproducing
itself and usually capable of causing great harm to
files or other programs on the same computer
- Worm
- Worms get around by exploiting vulnerabilities in
operating systems and attaching themselves to emails.
They self replicate at a tremendous rate, using up hard
drive space and bandwidth, overloading servers.
- Worms get around by exploiting vulnerabilities in
operating systems and attaching themselves to emails.
They self replicate at a tremendous rate, using up hard
drive space and bandwidth, overloading servers.
- Malware
- Social engineering
- is a set of methods used by
cybercriminals to deceive individuals
into handing over information that they
can use for fraudulent purposes
- Shoulder surfing/shouldering
- It involves the attacker watching the victim
while they provide sensitive information
- It involves the attacker watching the victim
while they provide sensitive information
- Phishing
- is an attack in which the victim receives an email
disguised to look as if it has come from a reputable
source, in order to trick them into giving up valuable
data. The email usually provides a link to another
website where the information can be inputted.
- is an attack in which the victim receives an email
disguised to look as if it has come from a reputable
source, in order to trick them into giving up valuable
data. The email usually provides a link to another
website where the information can be inputted.
- Pharming
- is when a victim redirects the user from a genuine
website to a fake one. Some pharming sites are so
expertly copied from the genuine website that it is
very difficult to identity therefore this is carried out
without the user knowing about it
- is when a victim redirects the user from a genuine
website to a fake one. Some pharming sites are so
expertly copied from the genuine website that it is
very difficult to identity therefore this is carried out
without the user knowing about it
- Blagging/ pretexting
- is an attack in which the perpetrator invents a
scenario in order to convince the victim to give
them data or money.
- is an attack in which the perpetrator invents a
scenario in order to convince the victim to give
them data or money.
- Tailgating/ Piggybanking
- Trying to gain access to a secure
room or building.
- Trying to gain access to a secure
room or building.
- Baiting
- Cyber criminals make a promise of goods to get the
information that they need.
- Cyber criminals make a promise of goods to get the
information that they need.
- Quid pro quo
- Cyber criminals make a promise of a service to get the
information that they need.
- Cyber criminals make a promise of a service to get the
information that they need.
- is a set of methods used by
cybercriminals to deceive individuals
into handing over information that they
can use for fraudulent purposes
Want to create your own Mind Maps for free with GoConqr? Learn more.