forms of computer attacks watch the video below of an
TRANSCRIPT
Y8 Formsofcomputerattacks
Watchthevideobelowofanoverviewofthetopic
Readtheslidesandwatchthevideostogiveyouabetterunderstandingonthetopic
https://www.youtube.com/watch?v=bPVaOlJ6ln0
• Understand forms of attack and threats posed to a network:
• Malware
• Phishing
• Social engineering
• Brute force attacks
• Denial of service attacks
• Data interception and theft
• SQL injection
• Poor network policy
Objectives
Forms of cyber attack • https://www.youtube.com/results?search_query=what+is+a+cyber+attack
• Cybercrime can take many forms including planting viruses, acquiring and using personal or confidential data and disrupting a website or service
• Cyber attacks take advantage of: • Human weakness or gullibility
• Technical weaknesses in computer systems, networks or digital devices
Social engineering • https://www.youtube.com/watch?v=Vo1urF6S4u0
• Humans are often the weakest point in security
• Social engineering is the art of manipulating or ‘conning’ individuals into giving away private information or login IDs and passwords
• Two common techniques are: • Phishing
• Shoulder surfing
Phishing – what’s this? • https://www.youtube.com/watch?v=9TRR6lHviQc
• A phishing email is one that tricks you into handing over sensitive or personal information (login details, bank details, etc.)
• You receive what looks like a legitimate email, for example from a bank or an organisation such as PayPal or eBay
• The website urges you to visit a bogus website and enter your personal details, which are then captured by the phishers
Does it work? • Phishers send out hundreds of thousands
of emails that look as though they are from legitimate companies
• For phishing to be successful, the criminals must get you to click on a link in the email to go to a website
• A successful phishing campaign has around a 5% response rate – meaning 5% of recipients are conned!
A typical phishing email
Protecting yourself against email scams
• Use a SPAM filter to prevent common scams ever reaching your inbox
• Be suspicious! If you aren’t completely certain it’s genuine, NEVER click any links or download attachments
Brute force attacks • https://www.youtube.com/watch?v=SaAwW-6wV_Q
• In a brute force attack, a hacker may go through a list of different passwords until access to an account is gained
• Alternatively, the attacker may try every combination of characters until the correct password is found
Setting a secure password • Validation checks on a new password may specify
that it must be: • between 10 and 15 characters (length check)
• a mixture of numbers, lower and uppercase characters and symbols (format check)
• You should never include your name, DOB or personal details
Worst passwords of 2015 • The top ten most commonly used passwords in 2015 in the USA were:
1. 123456
2. Password
3. 12345678
4. Qwerty
5. 12345
6. 123456789
7. Football
8. 1234
9. 1234567
10. baseball
One in six people in Britain use their pet’s name as a password!
Default passwords • Most devices come with a default password or PIN to gain access
• The default PIN is frequently 0000 or 1234
• Research has shown that 20% of all passwords and PINs have never been changed
• Do you always change default passwords and PINs?
Always change the default! • The mobile phone hacking scandal, concluded in 2012, involved the
use of default PIN numbers • Journalists used the mobile phone numbers of prominent people to gain access to
their voicemail remotely, using a public voicemail access number
• When asked for a PIN to listen to their messages, they tried the default PIN number which was frequently unchanged
Technical weaknesses • Technical weaknesses can make computer
systems vulnerable to: • Malware
• Denial of Service (DoS) attacks
• Data interception and theft
Viruses https://www.youtube.com/watch?v=fKxuKWsA_JI • A computer virus is one type of malware (malicious software) which is
installed without your knowledge, with the purpose of doing harm
• A virus is a program which infects (embeds itself in) other programs or data files
• It is easily spread if a user innocently sends an infected file to someone else
• It is commonly found in email attachments with macros
Worms • A worm is another type of
malware
• It is a standalone program that does need to attach itself to an existing program in order to spread
• It may scan the Internet looking for vulnerable computers to infect
How do systems become infected?
• Technical weaknesses in a computer or a network can open the door to cybercrime
• Common sources and forms of attack include: • USB devices
• digital devices
• eavesdropping
Found – a USB stick! • Criminals sometimes leave a USB
stick contaminated with a virus lying, for example, in the car park of a company that they wish to infect with a virus or steal data from
• An unsuspecting employee may pick it up and insert it into their computer
Viruses • It is estimated that 25% of malware is spread through USB storage
devices
• Other portable devices such as mobile phones, memory cards and SSD drives also create risk
• How can you minimise these risks?
• Scan all devices, never use a found device and disable the autorun facility for removable media
Protect your mobile phone! • Use the password feature and choose a
strong password
• Do not follow links in suspicious emails
• Think carefully before posting your mobile phone number on public websites
• Don’t install apps without researching them first – if they require extra permissions, don’t install them
• Delete all information stored on your mobile before discarding