Cyber security

Descrição

Year 10 IT Mapa Mental sobre Cyber security, criado por MacKenzie WILLIAMS em 01-05-2020.
MacKenzie WILLIAMS
Mapa Mental por MacKenzie WILLIAMS, atualizado more than 1 year ago
MacKenzie WILLIAMS
Criado por MacKenzie WILLIAMS mais de 4 anos atrás
14
0

Resumo de Recurso

Cyber security
  1. Key Terms
    1. Threat
      1. An incident or action which is deliberate or unintended that results in disruption, down time or data loss.
        1. Internal
          1. Caused by an incident inside an organisation.
          2. External
            1. Caused outside the organisation.
        2. Attack
          1. Is a deliberate action, targeting an organisation's digital system or data.
          2. Cyber Security
            1. Refers to the range of measures that can be taken to protect computer systems, networks and data from unauthorised access or cyberattack.
            2. Unauthorised Access
              1. Refers to someone getting entry without permission to an organisation's system, software or data. This achieved by exploiting a security vulnerability.
                1. Hacker
                  1. Is someone who seeks out and exploits these vulnerabilities.
                    1. 3 types of hacker
                      1. White
                        1. Working with organisations to strengthen the security of a system.
                        2. Grey
                          1. Do it for fun and not for malicious intent.
                          2. Black
                            1. They try to inflict damage by compromising security systems.
                  2. Reasons for cyber attacks
                    1. Fun/challenge
                      1. Hacking be systems can fun or a challenge.
                        1. There is a sense of achievement
                          1. Friends may give respect for of hacking achievements.
                          2. Financial gain
                            1. Ransoms can be made to prevent attacks from happening.
                              1. Ransomware can be used to encrypt a computer until you pay.
                                1. A payment is given to carry out an attack on an organisation.
                                2. Disruption
                                  1. Attacks such as denial -of-service stop websites working.
                                    1. Viruses can slow down computers and delete files.
                                    2. Information/data theft
                                      1. Credit card details are stolen to gain money.
                                        1. Company information may also be stolen.
                                        2. Personal attack
                                          1. Employees that are unhappy may attack the company.
                                            1. Friends/family may attack each other if upset over something.
                                            2. Industrial espionage
                                              1. The aim is to find intellectual property such as designs or blueprints for products, business strategies or software source code.
                                            3. Malware
                                              1. malware or Malicious software - an umbrella term given to software that is designed to harm a digital system, damage data or harvest sensitive information.
                                                1. Virus - A piece of malicious code that attaches to a legitimate programs. It is capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer.
                                                  1. Worm - A self-contain program that is capable of spreading on its own without help from humans.
                                                    1. Worms get around by exploiting vulnerabilities in operating systems and attaching themselves to e-mails.
                                                      1. Worms self replicate at a tremendous rate, using up hard drive space and bandwidth, overloading servers.
                                                      2. Trojan Horse: A type of malware that is often disguised as legitimate software.
                                                        1. Users are tricked into downloading it onto their computer. Once installed the Trojan works undercover to carry out a predetermined task. Some of these tasks include: Backdoor for hackers to use, Installing harmfull programs and harvesting sensitive data.
                                                        2. Rootkit: A set of tools that give a hacker a high level administrative control, of a computer.
                                                          1. This can allow the hackers to: encrypt files, install programs, change system configurations and steal data.
                                                            1. Much like a trojan, rootkits often come bundled with legitimate software.
                                                            2. Ransomware: Encrypts files stored on a computer to extort or steal money from organisations.
                                                              1. Victims must pay a ransom to have the encrypted files unlocked, there is normally a deadline for the transaction to happen. Bitcoin is usually asked for as a form of payment because it is hard to trace.
                                                                1. If the payment is not made then the amount demanded may increase or the files are permanently locked. Ransomware is usually spread through e-mails or through infected websites.
                                                              2. Spyware: Malicious software secretly installed to collect information from someone else's computer.
                                                                1. Cyber criminals harvest personal information such as: Passwords, credit card numbers and other details and e-mail addresses.
                                                                  1. With this information they can steal someone's identity, making purchases on there credit cards etc. Spyware works in the background on someones computer without it being noticed.
                                                                2. Keyloggers: Spyware that records every keystroke made on a computer to steal personal information.
                                                                  1. Botnet-An army of zombie devices that are used to carry out mass attacks such as e-mailing spam to millions of users.
                                                                    1. Distributed denial-of-service attack-Flooding a website with useless traffic to inundate and overwhealm the network.
                                                                    2. Social Engineering
                                                                      1. Social engineering involves tricking people into divulging valuable information about themselves. Some of the information includes: passwords, PIN numbers and credit card details.
                                                                        1. Phishing - A way of attempting to acquire information, by pretending to be from a trustworthy source. Examples are email spoofing, fake websites and spoof phone calls.
                                                                          1. Spear Phishing - Involves bespoke emails being sent to well - researched victims. e.g. where somebody who holds a senior position within an organisation with access to highly valuable information uses it to target victims.
                                                                            1. Blagging - A blagger invents a scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information.
                                                                              1. For example a blagger might pretend to be a member of the IT department to inform them something is wrong with your PC and requires to access to fix the problem.
                                                                              2. Shoulder Surfing - Acquiring sensitive information by someone peering over a persons shoulder when they are using a device. It can also be done from a distance with the use of technology such as video cameras and drones etc.
                                                                                1. Pharming - Involves redirecting people to bogus, look-a-like websites without realising it has happened. The objective is to acquire sensitive personal information or to install malware.
                                                                                  1. Man in the middle attack - A form of eavesdropping where the attacker makes and independent connection between two victims and steals information to use fraudulently.

                                                                                  Semelhante

                                                                                  Common Technology Terms
                                                                                  Julio Aldine Branch-HCPL
                                                                                  Project Communications Management
                                                                                  farzanajeffri
                                                                                  Network Protocols
                                                                                  Shannon Anderson-Rush
                                                                                  Abstraction
                                                                                  Shannon Anderson-Rush
                                                                                  Computing
                                                                                  Kwame Oteng-Adusei
                                                                                  HTTPS explained with Carrier Pigeons
                                                                                  Shannon Anderson-Rush
                                                                                  Introduction to the Internet
                                                                                  Shannon Anderson-Rush
                                                                                  CyberSecurity
                                                                                  Stephen Williamson
                                                                                  Construcción de software
                                                                                  CRHISTIAN SUAREZ
                                                                                  Historical Development of Computer Languages
                                                                                  Shannon Anderson-Rush
                                                                                  Useful String Methods
                                                                                  Shannon Anderson-Rush