5.3 Cyber Security EMK Notes


5.3 Cyber Security

Objective:
Describe the processes involved in, and the aim of carrying out, a range of cyber security
threats, including: brute-force attack, data interception, distributed denial of service
(DDoS) attack, hacking, malware (virus, worm, Trojan horse, spyware, adware, ransomware),
pharming, phishing and social engineering.

Introduction

Keeping data safe is extremely important for many reasons. It may be personal data that
you want to keep within your family or close friends, or it may be commercial data, such
as passwords and bank details. Data can be corrupted or deleted either through
accidental damage or malicious acts.
Cyber Security Threats
There are many ways data can be intercepted, leading to cyber security threats.

Brute Force Attacks
A brute force attack is a hacking method that uses trial and error to crack passwords and
login credentials. The hacker tries multiple usernames and passwords, often using a
computer to test a wide range of combinations, until they find the correct login
information.
ESQ#1: How to reduce the number of attempts needed to crack a password?
❖ Check if the password is one of the most common ones used. Since these simple
passwords are seen so many times it's a good place for the hacker to start.
❖ If it isn't in the common password list, the next thing to do is to start with a strong
word list. Some programs will generate a word list containing a million words.
This is still a faster way of cracking a password than just total trial and error. It
would still take several hours until the password was found.

The longer a password is and the greater the variation of characters used, the harder it will
be to crack.
ESQ#2: How to prevent a brute force attack?
➢ Always use a strong password.
➢ Make use of CAPTCHA to prevent an automated attack.
➢ Limit the number of attempts.
➢ Use two-factor authentication.
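
The "limit the number of attempts" measure above, sketched as an added example (not part of the original notes): an account is locked after repeated failed logins, so trial-and-error guessing stops working even when the correct password is in the list being tried. The class name, the thresholds and the sample user are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import time

MAX_ATTEMPTS = 5   # assumed policy: failed logins allowed per window
WINDOW = 300       # seconds over which failures are counted
LOCKOUT = 900      # seconds an account stays locked once the limit is hit


def hash_password(password, salt):
    # Slow, salted hash so a stolen password table is also costly to guess against.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_user(password):
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


class LoginGuard:
    """Hypothetical login check that limits the number of attempts per account."""

    def __init__(self, users, clock=time.monotonic):
        self.users = users        # username -> (salt, password hash)
        self.clock = clock        # injectable so the lockout can be tested
        self.failures = {}        # username -> timestamps of recent failures
        self.locked_until = {}    # username -> time at which the lock expires

    def attempt(self, username, password):
        now = self.clock()
        if self.locked_until.get(username, 0) > now:
            return "locked"       # rejected without even checking the password
        salt, stored = self.users.get(username, (b"\0" * 16, b""))
        supplied = hash_password(password, salt)
        if username in self.users and hmac.compare_digest(stored, supplied):
            self.failures.pop(username, None)
            return "ok"
        recent = [t for t in self.failures.get(username, []) if now - t < WINDOW]
        recent.append(now)
        self.failures[username] = recent
        if len(recent) >= MAX_ATTEMPTS:
            self.locked_until[username] = now + LOCKOUT
        return "denied"


def guess_from_list(guard, username, guesses):
    """Replay a list of guesses and return the result of each one."""
    return [guard.attempt(username, g) for g in guesses]


if __name__ == "__main__":
    # Constructed sample data: one user and a short list of common passwords.
    guard = LoginGuard({"alice": make_user("Tr4in-Lamp-Orbit")})
    common = ["123456", "password", "qwerty", "letmein", "dragon", "Tr4in-Lamp-Orbit"]
    print(guess_from_list(guard, "alice", common))
```

The sixth guess is the correct password, yet it is answered with "locked" because the five failures before it have already triggered the lockout.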
Data Interception
Data interception is a form of stealing data by tapping into a wired
or wireless communication link. The intent is to compromise privacy or to obtain
confidential information.

Computer Science IGCSE, O & A level By Engr M Kashif 03345606716



ESQ#3: How can data interception take place?

➢ Wired data interception can be carried out using a packet sniffer, which
examines data packets being sent over a network. Intercepted
data is sent back to the hacker. This is a common method when wired networks are
used.
➢ Wireless data interception can be carried out using wardriving (access point
mapping). Data can be intercepted using a laptop, antenna and GPS device
outside a building. The intercepted Wi-Fi signal can then reveal personal data to
the hacker, often without the user being aware this is happening.
Protection Against Wardriving:
➢ Use the Wired Equivalent Privacy (WEP) encryption protocol, together with
a firewall.
➢ Protect the wireless router by having complex passwords.
➢ Do not use Wi-Fi (wireless) connectivity in public places, since no data
encryption will exist and your data is then open to interception by anyone.

ESQ#3 Does encryption prevent hacking?


Encryption does not stop hacking; it makes the data meaningless to the hacker but it doesn't
stop them from deleting, corrupting or passing on the data.

Distributed Denial of Service Attacks


A denial-of-service (DoS) attack is an attempt to
make a machine or network resource unavailable to its intended users.

DDoS attacks do not only affect networks; an individual can also be a target for such an
attack. The attacker may be able to prevent a user from:
➢ Accessing their emails
➢ Accessing websites/web pages
➢ Accessing online services (such as banking).

ESQ#4: A DDoS attack floods the network with useless spam traffic. How does this
cause a problem?
When a user enters a website's URL in their browser, a request is sent to the web server.
The web server can handle only a finite number of requests. So if it becomes overloaded by
an attacker sending out thousands of requests, it won't be able to service a user's
legitimate request. This is effectively a denial of service.
In a distributed denial of service (DDoS) attack, the spam traffic originates from many
different computers, which makes it hard to block the attack.
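
An added example (not from the original notes) that simulates one second of traffic at a web server to show why the distributed case is hard to block: a per-source firewall limit stops a single flooding computer, but not many computers that each send only a little. The capacity, the limit and the source names are constructed values.

```python
from collections import Counter

SERVER_CAPACITY = 100   # assumed: requests the web server can handle per second
PER_SOURCE_LIMIT = 10   # assumed firewall rule: requests allowed per source per second


def serve_one_second(requests):
    """Process requests (a list of source names, in arrival order).

    Returns a Counter of how many requests from each source were served.
    """
    seen = Counter()
    served = Counter()
    handled = 0
    for source in requests:
        seen[source] += 1
        if seen[source] > PER_SOURCE_LIMIT:
            continue                  # dropped by the firewall rule
        if handled >= SERVER_CAPACITY:
            continue                  # server is overloaded: request is not serviced
        handled += 1
        served[source] += 1
    return served


def mix(attack, legit):
    """Interleave traffic: one legitimate request after every 100 attack requests."""
    traffic, waiting = [], list(legit)
    for i, source in enumerate(attack, 1):
        traffic.append(source)
        if i % 100 == 0 and waiting:
            traffic.append(waiting.pop(0))
    return traffic + waiting


def legit_served(attack):
    """Number of the 20 legitimate users whose request was serviced."""
    users = [f"user-{n}" for n in range(20)]
    served = serve_one_second(mix(attack, users))
    return sum(served[u] for u in users)


# Constructed scenarios, 2000 attack requests in each.
single_source = ["attacker"] * 2000                      # DoS: one computer
many_sources = [f"bot-{n % 1000}" for n in range(2000)]  # DDoS: 1000 computers, 2 each

if __name__ == "__main__":
    print("DoS :", legit_served(single_source), "of 20 legitimate requests served")
    print("DDoS:", legit_served(many_sources), "of 20 legitimate requests served")
```

With one source the firewall rule drops all but 10 of the attack requests and every legitimate user is served; with 1000 sources no single source breaks the rule, the server reaches capacity, and the legitimate requests are not serviced.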


Example:
A DDoS attack can happen to a user's email account when an attacker sends out many spam
messages to that account. Internet service providers (ISPs) only allow a specific
data quota for each user. Consequently, if the attacker sends out thousands of emails
to the user's account, it will quickly become blocked and the user won't
be able to receive legitimate emails.

Protection against DDoS:
❖ Using an up-to-date malware checker.
❖ Setting up a firewall to restrict traffic to and from the web server or user's computer.
❖ Applying email filters to filter out unwanted traffic (spam traffic).

Signs of a DDoS attack:
❖ Slow network performance (opening files or accessing certain websites).
❖ Inability to access certain websites.
❖ Large amounts of spam email reaching the user's email account.

Hacking
Hacking is the act of gaining illegal access to a computer system without the user's
permission. Malicious hacking takes place without the user's permission, and is always an
illegal act.
Effects of Hacking:
❖ Hacking can lead to identity theft.
❖ Gaining of personal information.
❖ Data can be deleted, passed on, changed or corrupted.

ESQ#5: How can a user protect himself from hacking?
❖ Hacking can be prevented through the use of firewalls.
❖ Use of strong passwords.
❖ Use of anti-hacking and intrusion-detection software.

Ethical hacking occurs when companies authorise paid hackers to check out their security
measures and test how robust their computer systems are to hacking attacks.

Malware
Malware refers to any computer program that is designed to do things
that are harmful to or unwanted by a computer's legitimate user. The term malware is short
for "malicious software".
Examples of malware: viruses, worms, Trojan horses, spyware, adware, ransomware

a) Virus
A virus is a program that replicates itself and is designed to cause harm to
a computer system. A virus cannot spread without human action. Viruses need an
active host program on the target computer, or an operating system that has already been
infected, before they can actually run and cause harm to the computer.

Effects of Viruses:
❖ Causing the computer to crash.
❖ Loss of system files: system files are lost, which leads to a computer
malfunction.
❖ Corruption of data stored on files.
❖ Filling up the hard drive with 'useless' data.

Protection against Viruses:
❖ Use up-to-date anti-virus software. This detects viruses and then removes or
quarantines (i.e. isolates) any file which has been infected.
❖ Do not allow illegal software to be loaded onto a computer.
❖ Only use CDs/DVDs in the computer that come from a known reputable source.
❖ Only download software and files from the internet if they are from a reputable site.
❖ Use firewalls on networks to protect against viruses.
❖ Don't open emails from unknown sources.

b) Worms
Worms are a type of stand-alone malware that can self-replicate. Worms
spread to other computers and corrupt whole networks. They remain inside
applications, which allows them to move throughout networks.
Effects of Worms:
❖ Worms replicate without targeting and infecting specific files on a computer.
❖ Corruption of the data stored on files.
❖ Filling up the hard drive with 'useless' data.

Protection against Worms:
❖ Run an up-to-date anti-virus and anti-spyware program.
❖ Hackers use phishing to spread worms. Be careful when opening unwanted
emails, especially those from unknown senders that contain attachments or links.
❖ Users can minimize the threat posed by worms by keeping their computers'
operating system and other software up to date and running a firewall.
Note:
➢ Worms don't need an active host program to be opened in order to do any damage,
while viruses need an active host program.
➢ Worms are more dangerous than viruses because of their ability to spread throughout a
network without any action from an end-user, while viruses need human action to start
replicating.


c) Trojan Horse
A Trojan horse is a type of malware that downloads onto a computer
disguised as a legitimate program but with malicious instructions embedded within it.
A Trojan horse replaces part of legitimate software with the intent of carrying out some
harm to the user's computer.

Trojan horses usually arrive as an email attachment or are downloaded from an infected
website. Spyware, key logging software and ransomware are often installed on a user's
computer via Trojan horse malware. Because they rely on tricking end-users, firewalls
and other security systems are useless, since the user can overrule them and initiate the
running of the malware.

Example: A Trojan horse could be transmitted via a fake anti-virus program that pops up
on the user's screen claiming their computer is infected and action needs to be taken. The
user will be invited to run the fake anti-virus as part of a free trial. Once installed on
the user's computer, the Trojan horse will give hackers access to personal information on
the computer.
Note:
A virus replicates itself, while a Trojan horse does not. The main objective of a virus
is to modify information, while the main objective of a Trojan horse is to steal information.

d) Adware
Adware is a type of malware. At its least dangerous it will attempt to
flood an end-user with unwanted advertising.
Example: Adware could redirect a user's browser to a website that contains promotional
advertising, it could appear in the form of pop-ups, or it could appear in the browser's
toolbar and redirect search requests.
Effects of Adware:
❖ It can highlight weaknesses in a user's security defences.
❖ It is hard to remove as it defeats most anti-malware software, since it can be
difficult to determine whether or not it is harmful.
❖ It can hijack a browser and create its own default search requests.
Protection Against Adware:
❖ Install an up-to-date antivirus on the computer.
❖ When installing legitimate freeware software, users should read installation
prompts and deselect third-party advertising components if they don't want
them.
❖ Download and install programs only from trusted sources, such as the software
developers' own websites instead of third-party websites.
d) Spyware
Spyware is malware that gathers information by monitoring a user's
activities carried out on their computer. The gathered information is sent back to the
cybercriminal who originally sent the spyware.

Effect of Spyware on the User:
Spyware is designed to monitor and capture web browsing and other activities and to
capture personal data (e.g. bank details, passwords and credit/debit card details).

Protection Against Spyware:
❖ Spyware can be detected and removed by anti-spyware software.
❖ Don't open emails from unknown senders.
❖ Don't download files unless they come from a trusted source.
e) Keylogging Software
Key logging software is a type of spyware. It is one of the most dangerous
threats to a PC user's privacy. Keyloggers keep track of all of your keystrokes when you
are using your PC and then transfer the information to a remote server. A keylogger is
capable of recording all of your online conversations, emails, and password logins, as
well as creating screenshots of all of your PC activity.

How to Detect a Keylogger?
You can detect a keylogger through abnormal behaviour in
your PC's performance:
❖ Sluggish performance
❖ Change in user PC settings
❖ Excessive pop-up activity

How to Get Rid of a Keylogger?
❖ Install anti-virus/anti-spyware software
❖ Activate your firewall
❖ Use voice recognition software
❖ Use an on-screen keyboard

f) Ransomware
Ransomware is a program that encrypts data on a user's computer and 'holds the
data hostage'. The cybercriminal waits until the ransom money is paid and, sometimes,
the decryption key is then sent to the user. It has caused considerable damage to some
companies and individuals.

Effects of Ransomware:
The user's PC screen is locked and the user can't unlock it until the
demands of the cybercriminal have been met. It restricts access to the computer and
encrypts all the data until a ransom is paid. It can be installed on a user's computer by
way of a Trojan horse or through social engineering.

Protection against Ransomware:
It can be prevented by the usual methods (for example,
by avoiding phishing emails) but once it is executed, it is almost impossible to reverse
the damage caused. The best way to avoid a disaster is to ensure regular back-ups of
key files are kept and thus avoid having to pay a ransom.

Phishing
Phishing occurs when a cybercriminal sends out legitimate-looking emails to
users. When the user clicks on a link in the email, it takes the user to a fake website
that tricks the user into responding with personal data (for example, bank account
details). This fake email usually appears to be genuine, coming from a known bank or
service provider.

The key point is that the recipient has to initiate some act before the phishing scam can
cause any harm. If suspicious emails are deleted or not opened, then phishing attacks
won't cause any problems.

How to prevent phishing attacks?
❖ Users need to be aware of new phishing scams through frequent security
awareness training.
❖ Users should not click on any email links unless totally certain that it is safe to do
so.
❖ Run anti-phishing toolbars on browsers, since these will alert the user to malicious
websites contained in an email.
❖ Always look out for https or the green padlock symbol in the address bar.
❖ Users should check online accounts regularly, as well as maintaining passwords
on a regular basis.
❖ Users should make sure an up-to-date browser, which contains all of the latest
security upgrades, is running on the computer device.
❖ Users should use a firewall in the background at all times.
❖ Be very distrustful of pop-ups and use the browser to block them.
Spear phishing is where a cybercriminal targets specific individuals or companies to gain
access to sensitive financial information. Regular phishing is not specific regarding who
the victims are.

Pharming
The hacker creates a fake website which appears similar to the original website and
installs malicious code on your hard drive or on an infected website. When the user types
the URL of the original website in the browser, the DNS server directs the user to the fake
website designed by the hacker. The user, not knowing that it is a fake website, shares
confidential information such as login, password, etc. The hacker gets the user's
confidential information from the fake website and uses it to access the original website.
The hacker exploits the user's confidential information, leading to fraud or identity theft.
DNS Cache Poisoning:
Every time a user types in a URL, their browser contacts a DNS server; the IP address of the
website will then be sent back to their browser. DNS cache poisoning changes the real IP
address values to those of the fake website; consequently, the user's computer will connect
to the fake website.
Protection against Pharming:
❖ Use up-to-date antivirus software.
❖ If the DNS server itself has been infected rather than the user's computer, it is much
more difficult to mitigate the risk.
❖ Use an up-to-date web browser. Web browsers can alert users to pharming attacks.
❖ Check the spelling of websites to ensure the web address used is correct.
❖ Always look out for https or the green padlock symbol in the address bar.
❖ Users should use a firewall in the background at all times. A combination of a desktop
firewall and a network firewall reduces the risk of pharming on network computers.
Loss of Data
Apart from malware, data can be accidentally lost through the following situations:
❖ Accidental data loss, such as accidental deletion of a file.
❖ Hardware fault, such as a head crash on a hard disk drive.
❖ Software fault, due to installation of software incompatible with existing
software.
❖ Incorrect operation of the computer, such as using an incorrect procedure for the
removal of a memory stick from a computer.
In each case, safeguards and recovery methods are used to prevent loss or
corruption of data.


********************
Exam Style Questions

ESQ#1: Security terms are shown on the left and eight descriptions are shown on the right.
Draw lines to connect each security term to its correct description. [8]

ESQ#2: Explain what is meant by the following two types of malware.
Trojan horse: ………………………………………………
Adware: ………………………………………………
ESQ#3: A company has offices in four different countries. Communication and data sharing
between the offices is done via computers connecting over the internet.
❖ Describe two data security issues the company might encounter during their day-
to-day communications and data sharing.
………………………………………………
❖ For each issue described, explain why it could be a threat to the security of the company.
………………………………………………
❖ For each issue described, describe a way to mitigate the threat that has been posed.
………………………………………………
ESQ#4: John works for a car company. He maintains the database that contains all
the personal data of the people working for the car company. John was born on 28th
February 1990 and has two pet cats called Felix and Max.
❖ John needs to use a password and a user name to log onto the database. Why
would the following passwords not be a very good choice:
❖ 280290 ………………………………………………
❖ FiLix1234 ………………………………………………
❖ John04 ………………………………………………
❖ Describe how John could improve his passwords and also how he should maintain
his passwords to maximise database security.
………………………………………………
❖ When John enters a password on his computer he is presented with the following
question on his screen: Would you like to save the password on this device? Why
is it important that John always says No to this question?
………………………………………………

************
