1.6 System Security
Forms of attack:
– Passive Attack – This is where someone monitors data travelling on a network and intercepts any sensitive information they find. This is called ‘Packet Sniffing’. It can be prevented by using data encryption.
– Active Attack – This is when someone attacks a network with malware. A firewall can help prevent this.
-Inside Attack – When someone inside an organization exploits their network access to steal information.
-Brute-force attack – This is a trial-and-error attempt to gain access to accounts. It is done by automated software that repeatedly tries hundreds of likely passwords in the hope of gaining access to an account. Strong and complex passwords help prevent this, as does a measure that locks accounts after a certain number of failed attempts.
-Denial-of-service attack (DoS) – Where a hacker tries to stop users from accessing a part of a network or website by flooding the network with useless traffic, making the network extremely slow or completely useless. (I've been told by my teacher that we shouldn’t put this in our exam. If you can’t think of anything else, then go for it.)
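The account lock mentioned under brute-force attacks can be sketched as follows. This is an added example, not part of the original notes; the threshold of 3 failures, the 300-second lock and the names `LoginGuard` and `replay_attempts` are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILED = 3      # assumed threshold: the notes only say "a certain amount"
LOCK_SECONDS = 300  # assumed lock duration

class LoginGuard:
    """Password check that locks an account after repeated failures."""

    def __init__(self):
        self.users = {}         # username -> (salt, password hash)
        self.failed = {}        # username -> consecutive failed attempts
        self.locked_until = {}  # username -> time the lock expires

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username, password):
        salt = os.urandom(16)
        self.users[username] = (salt, self._hash(password, salt))

    def login(self, username, password, now):
        # While the lock is active, even the correct password is refused.
        if now < self.locked_until.get(username, 0):
            return "locked"
        record = self.users.get(username)
        ok = record is not None and hmac.compare_digest(
            record[1], self._hash(password, record[0]))
        if ok:
            self.failed[username] = 0
            return "ok"
        self.failed[username] = self.failed.get(username, 0) + 1
        if self.failed[username] >= MAX_FAILED:
            self.locked_until[username] = now + LOCK_SECONDS
            self.failed[username] = 0
            return "locked"
        return "denied"

def replay_attempts(guard, username, passwords, start):
    """Feed passwords in, one attempt per second, and collect the results."""
    return [guard.login(username, pw, start + i) for i, pw in enumerate(passwords)]

if __name__ == "__main__":
    guard = LoginGuard()
    guard.register("alice", "T7#qz!Lm92")  # constructed sample account
    tries = ["123456", "password", "qwerty", "letmein", "T7#qz!Lm92"]
    print(replay_attempts(guard, "alice", tries, start=1000))
```

Once the third wrong password triggers the lock, every later attempt is refused until the lock expires, including one that uses the real password.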
Threats to Networks:
-Malware – This is malicious software installed on a device without the user’s knowledge or consent. Examples of malware actions:
1) Deleting or modifying files
2) Scareware – tells the user that their computer is infected with viruses to scare them into following a malicious link and paying for their problems to be fixed.
3) Ransomware. This encrypts all files on a computer. The user must pay a sum of money to get the decryption key in order to regain access to the files.
4) Spyware. Secretly monitors the user’s actions on a computer, for example key presses, and sends the info to the hacker.
5) Rootkits. These alter permissions and give malware and hackers administrator access to devices. They also open ‘Backdoors’, which are holes in a device’s security that can be used for future attacks.
Types of Malware:
-Viruses – Small pieces of code injected into other programs which spread from computer to computer. Viruses replicate themselves when an infected file is opened by the user.
-Worms – These spread really quickly as they replicate without activation from the user. They exploit weaknesses in network security.
-Trojans – This is malware disguised as legitimate software. Trojans don’t replicate themselves. Users install them not realizing that they have a hidden purpose.
-Phishing – This is when you receive an email that claims to be from a well-known business, for example your bank. The emails will often include links to spoof versions of the company’s website and tell you to log in due to a security breach in your account. When the user inputs this data into the website, it is sent to the sender of the emails. They now have access to your personal details.
-Social Engineering – a way of gaining sensitive information or illegal access to networks by influencing people.
-SQL Injection (SQL stands for Structured Query Language) – Networks which make use of databases are vulnerable to SQL injection attacks. These are pieces of SQL typed into a website’s input box which then reveal sensitive information. If the website doesn’t have strong enough input validation, then someone may be able to gain access to people’s account information using SQL code.
-Poor Network Policies: A network policy is a set of rules that the organization follows to ensure its network is protected against attacks and unauthorized access.
A good network policy will:
-Penetration testing: This is when an organisation employs specialists to simulate potential attacks on its network to test its security. Any weaknesses found will be reported back to the organization, who will work on them to make their network more secure.
-Network Forensics: These are investigations that are done to find the cause of attack on a network. This is done by having a system that captures data packets as they enter the network. This can be used to analyze the packets to discover how the network was attacked and to prevent future attacks.
-Password – This helps prevent unauthorized users from accessing the network. Passwords should be strong and complex, meaning that they should contain as many combinations of characters, symbols and numbers as possible, and they should be changed regularly.
-User Access Levels: This controls which parts of the network different users can access. This helps to limit the number of people with access to important data. This also helps prevent an insider attack.
-Anti-Malware Software – This is designed to find and stop malware from damaging a network and the devices on it. Firewalls are also used to block unauthorized access. They examine all data entering and leaving the network and block any potential threats.
-Encryption – This is when data is scrambled, meaning it is unreadable by anyone who doesn’t have the decryption key. Encrypted text is called cipher text. It is essential for sending data over a network securely.
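The SQL injection entry above says the weakness is missing input validation. The added example below (not part of the original notes) shows a lookup that pastes the input box text into the query, next to one that validates the input and passes it as a parameter. The `accounts` table, its rows and the function names are constructed for illustration.

```python
import re
import sqlite3

def make_db():
    """Build a small in-memory database with constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, email TEXT)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", "alice@example.test"), ("bob", "bob@example.test")])
    return db

def lookup_vulnerable(db, username):
    # Weak: the text from the input box becomes part of the SQL itself.
    query = ("SELECT username, email FROM accounts WHERE username = '"
             + username + "' ORDER BY username")
    return db.execute(query).fetchall()

def is_valid_username(text):
    # Input validation: letters, digits and underscore only, 1 to 20 characters.
    return re.fullmatch(r"[A-Za-z0-9_]{1,20}", text) is not None

def lookup_safe(db, username):
    # Hardened: reject bad input, then send the value as a parameter so the
    # database treats it as data and never as SQL.
    if not is_valid_username(username):
        return []
    return db.execute(
        "SELECT username, email FROM accounts WHERE username = ? ORDER BY username",
        (username,)).fetchall()

# Constructed input: the quote mark ends the string early and the rest is run as SQL.
CRAFTED = "x' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, CRAFTED))  # every account is returned
    print("safe:      ", lookup_safe(db, CRAFTED))        # nothing is returned
    print("safe:      ", lookup_safe(db, "alice"))        # normal lookup still works
```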