5.3 Cyber Security

Security threats, malware, attacks and the solutions to protect against them.

Denial of Service (DoS / DDoS)

  • Malware downloaded to several computers
  • Turning each one into a bot/zombie
  • Creating a network of bots/zombies
  • Third party/hacker initiating the attack
  • Bots send requests to a web server at the same time
  • The web server fails due to the requests
  • Legitimate requests cannot reach the web server

Aims of a DDoS Attack

  • Revenge
  • To affect a company's reputation
  • Entertainment value
  • To demand a ransom to stop it
  • To test a system's resilience

Solution?

  • Proxy server
  • Firewall
  • Users scanning their computers with anti-malware

Phishing

  • Legitimate looking email sent to user
  • Encourages user to click a link that directs user to a fake website
  • User encouraged to enter personal details into a fake website
  • …to obtain personal details from a user

Solution?

  • Always check browser URL
  • Make use of antivirus/anti-malware software and perform regular scans

Pharming

  • Malicious code/malware is downloaded/installed // software downloaded
  • Without users' knowledge
  • That re-directs user to fake website (when legitimate URL entered)
  • User encouraged to enter personal details into a fake website
  • …to obtain personal details from a user

Solution?

  • Avoid opening emails from unknown senders
  • Check emails for inconsistent logos, grammatical mistakes
  • Check sender email address for incorrect spelling

Brute Force Attack

  • Used to crack an account password
  • Systematically try all the different combinations of letters, numbers and other symbols with the purpose of finding an account password
  • Makes use of word lists
  • Intention of gaining unauthorised access to accounts/systems

Solution?

  • Use of two-factor authentication
  • Use of strong and unpredictable passwords

Data Interception

  • A form of stealing data by tapping into a wired or wireless communication link
  • Can be carried out using a packet sniffer
  • The intercepted data is sent back to the hacker
  • Wireless data interception can be carried out using wardriving

Solution?

  • Encryption of files (will not prevent interception but can make the attacker's effort to steal data harder)
  • Use of a firewall
  • Use of WEP (encryption protocol for wireless networks)

Hacking

  • Gaining unauthorised access to a computer system without the owner's permission
  • Can lead to identity theft
  • Can lead to data being deleted
  • Can lead to data being corrupted

Solution?

  • Use of a firewall
  • Encryption of files (will not prevent hacking but can make the attacker's effort to steal data harder)
  • Make use of strong passwords

Social Engineering

  • When a cybercriminal creates a social situation that can lead to a potential victim dropping their guard
  • It involves the manipulation of people into breaking their normal security procedures and not following best practice

Different Social Engineering Threats

  • Instant messaging — Malicious links are embedded into instant messages
  • Scareware — Often done using a pop-up message that claims that the user's computer is infected with a virus; the user is told they need to download the fake anti-virus immediately
  • Emails/phishing scams — The user is tricked by the apparent genuineness of an email and opens a link in the email; this redirects their browser to a fake website
  • Baiting — The cybercriminal leaves a malware-infected memory stick somewhere where it can be found; the finder picks up the memory stick, plugs it into their computer and unwittingly downloads malware
  • Phone calls — A so-called IT professional calls the user claiming their device has been compromised; the user is advised to download software that allows the cybercriminal to take over the device

Solution?

  • User education on such threats to keep users cautious in these situations

Malware

Virus

  • Programs or program code that replicate (copy themselves) with the intention of deleting or corrupting files, or causing a computer to malfunction
  • Must be triggered by the activation of a host
  • Often sent as email attachments

Solution for Virus

  • Never open emails from unknown sources
  • Do not install non-original software
  • Always run an up-to-date virus scanner

Worm

  • Standalone malware that can self-replicate. Intention is to spread to other computers and corrupt whole networks.
  • They remain inside applications which allows them to move throughout networks.
  • Worms replicate without targeting and infecting specific files on a computer.
  • Rely on security failures within networks to permit them to spread unhindered.

Adware

  • Flood an end-user with unwanted advertising
  • Not harmful
  • Highlight weaknesses in user's security defences
  • Hard to remove — as it is difficult to determine whether or not it is harmful
  • Hijack a browser and create its own default search requests

Trojan Horse

  • Is a program which is often disguised as legitimate software but with malicious instructions embedded within it.
  • Replaces all or part of the legitimate software with the intent of carrying out some harm to the user's computer system.
  • Usually arrives as an email attachment or is downloaded from an infected website and must be executed by the end user.
  • Once installed into the user's computer, it will give cyber criminals access to personal information.

Spyware

  • Software that gathers information by monitoring key presses
  • Information collected is sent back to the attacker
  • Software may allow other spyware to be installed to read cookie data and change user default web browser

Solution for Spyware

  • Use of anti-spyware software
  • Using a mouse to select characters from passwords rather than typing
  • Using an on-screen keyboard for entering passwords

Ransomware

  • Programs that encrypt data on a user's computer and hold the data hostage.
  • It will lock your screen until the demands of the cyber criminals have been met.
  • The cyber criminal waits until the ransom money is paid and sometimes the decryption key is then sent to the user.
  • It can be installed on a user's computer by way of a Trojan horse or through social engineering

Solution for Ransomware

  • Make use of anti-virus/anti-malware software
  • Always run an up-to-date virus scanner

Solutions for Security Threats

Access Levels

  • Providing users with different permissions for the data
  • Limiting access to reading data // limiting the data that can be viewed
  • Limiting access to editing data
  • Normally linked to a username

Antivirus/Antispyware

  • Scans files for viruses // detects/identifies a virus
  • Can constantly run in background
  • Can run a scheduled scan
  • Can automatically update virus definitions
  • Can quarantine a virus
  • Can delete a virus
  • Completes heuristic checking
  • Notifies user of a possible virus

Authentication (Passwords)

  • Use of strong passwords when creating accounts
  • Passwords should not be short in length (e.g. 8 characters)
  • Passwords should use upper and lowercase
  • Passwords should contain symbols (e.g. !$#&)
  • Password attempts should be limited (e.g. not allowing the user to re-enter a password for a set time period after 3 failed attempts; this prevents brute force attacks)
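
The attempt limit in the last point, as an added example that is not part of the original notes: a login check that locks an account for a set period after 3 failed attempts, run against a short constructed guess list. The class name `LoginLimiter`, the 300-second lockout and the sample account are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 3        # failed attempts allowed before lockout (from the notes)
LOCKOUT_SECONDS = 300   # assumed value for the "set time period"


class LoginLimiter:
    """Hypothetical login check that throttles repeated password guesses."""

    def __init__(self, clock):
        self._clock = clock        # callable returning the current time in seconds
        self._users = {}           # username -> (salt, password hash)
        self._failures = {}        # username -> consecutive failed attempts
        self._locked_until = {}    # username -> time at which the lockout ends

    @staticmethod
    def _hash(password, salt):
        # Store a salted, slow hash rather than the password itself.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def register(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self._hash(password, salt))

    def login(self, username, password):
        now = self._clock()
        if now < self._locked_until.get(username, 0.0):
            return "locked"        # rejected without even checking the password
        # Unknown usernames get a dummy record so they are throttled the same way.
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        if hmac.compare_digest(self._hash(password, salt), stored):
            self._failures.pop(username, None)
            return "ok"
        self._failures[username] = self._failures.get(username, 0) + 1
        if self._failures[username] >= MAX_ATTEMPTS:
            self._locked_until[username] = now + LOCKOUT_SECONDS
            self._failures[username] = 0
        return "denied"


def demo():
    t = [0.0]                                        # fake clock for the demo
    limiter = LoginLimiter(clock=lambda: t[0])
    limiter.register("alice", "T4ble!Lamp#92")       # constructed sample account
    guesses = ["password", "123456", "qwerty", "T4ble!Lamp#92"]
    results = [limiter.login("alice", g) for g in guesses]
    t[0] += LOCKOUT_SECONDS                          # the lockout period passes
    results.append(limiter.login("alice", "T4ble!Lamp#92"))
    return results


if __name__ == "__main__":
    print(demo())
```

The fourth guess is the correct password but still fails because the account is locked, which is what stops a word list being tried at full speed.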

Authentication (Two-Step Verification)

  • Requires two methods of authentication to verify a user
  • User enters a password…
  • …and a secret combination of characters sent to an email assigned to the account
  • Access is granted when both are correct
  • Often used with online payments and signing into accounts

Firewall/Proxy

  • Checks all incoming and outgoing traffic
  • Stores whitelisted/blacklisted IP addresses
  • Can block incoming/outgoing signals
  • Can block unauthorised access
  • Keeps logs of all traffic
  • Can be hardware or software (or both)

Difference between Firewall and Proxy

  • Proxy can hide a user's IP address, a firewall does not hide the user's IP address
  • Proxy intention is to divert an attack from a server, a firewall is to stop unauthorised access
  • Proxy examines requests for a website but a firewall does not
  • Proxy allows faster access to a web page using cache but a firewall does not
  • Proxy can hide internal network from internet but a firewall cannot

Biometrics

  • Fingerprint: very easy to use; small storage requirements; can make mistakes if skin is dirty or damaged; considered intrusive as it is used in criminal identification
  • Retina: high accuracy as the human retina cannot be replicated; relatively slow to verify; very expensive to install and set up
  • Facial Recognition: non-intrusive method; relatively inexpensive; can be affected by many factors such as lighting, ageing, glasses etc
  • Voice Recognition: non-intrusive; quick verification time; relatively inexpensive; low accuracy — a cold can change a person's voice; people's voices can be recorded to trick voice recognition

SSL

  • Secure Sockets Layer
  • It encrypts data being transmitted
  • Makes use of public and private keys