The document discusses various types of network security threats including malware, phishing, data interception, denial of service attacks, and SQL injection. Malware includes viruses, worms, trojan horses, and spyware. Phishing uses social engineering to acquire sensitive information from users. Data can be intercepted as it travels across unencrypted networks. Denial of service attacks flood servers with requests to overload them, while distributed denial of service uses multiple compromised computers to generate more traffic. SQL injection allows executing malicious code on databases if not properly secured.
• Understand how phishing operates
• Discuss how data can be intercepted
• Understand the meaning of DoS and brute force attacks and how to protect against them
• Understand the concept of SQL injection

KEYWORDS
• Malware
• Virus
• Worm
• Trojan Horse
• Spyware
• Phishing
• Social Engineering
• Data Interception
• Brute Force
• [Distributed] Denial of Service
• Botnet
• SQL Injection

MALWARE
• Malware is a catch-all term meaning “malicious software”
• It refers to any software which can be damaging to a computer or network, or be used to illegally obtain data from a computer or network
• Viruses, worms, trojan horses, and spyware are all types of malware

VIRUSES
• Malware designed to cause harm to a network or computer system
• Attaches itself to programs or files on a computer or server
• Often received by downloading files from unsafe websites, or opening attachments from malicious emails
• Around 82,000 viruses are created every day
• Famous viruses include Stuxnet and CryptoLocker

WORMS
• Worms are similar to viruses but replicate and spread themselves to other computers using a LAN or the Internet
• The worm does this by exploiting vulnerabilities within the network
• Worms do not need to attach to a program, and a user may not realise they have received one
• Mydoom was a worm which caused £38bn worth of damage in 2004 (by adding infected machines to a botnet for DDoS attacks) and was responsible for 25% of all emails sent that year

TROJAN HORSES
• So named because they are designed to access a computer by misleading users about their intent
• Very commonly attached to phishing emails

SPYWARE
• Designed to steal information rather than cause damage
• Spyware might scrape data from a system’s secondary storage, or log keypresses, and send it to a separate location so it can be used
• Can be harder to detect as it typically does no damage

SOCIAL ENGINEERING
• Also known as scamming
• This technique relies on human interaction, usually tricking users into breaking normal security procedures and revealing or sending sensitive information to the criminal
• This could happen via phishing emails or a phone call claiming to be from a tech support company or a bank, for example
• This method does not involve technical cracking techniques

PHISHING
• A form of social engineering designed to acquire sensitive information such as usernames, passwords, card details, etc.
• Most commonly done via email

DATA INTERCEPTION
• Data travels across networks in packets
• These packets are technically accessible to anyone connected to any device on their route
• If the packets are unencrypted, the information sent alongside the packets can be used by the interceptor to reassemble the original data
• If the packets are encrypted, the interceptor could still do this, but the resulting data would be unintelligible and therefore useless (as they would not have the decryption key)
• Data interception can also be carried out physically – for example by stealing a portable hard drive

BRUTE FORCE ATTACKS
• This is using trial and error to gain access to password-based entry systems
• The attacker tries possible passwords repeatedly until the correct one is found
• The time this takes depends on the length and complexity of the password used, and whether the user has chosen a common or guessable password
• Dictionary attacks are a common form of brute force attacks – using a list of the most commonly used passwords (obtained from data leaks) rather than trying every possible combination of characters

DENIAL OF SERVICE
• Every time a client makes a request to a server, the server has to use processing time, RAM space, and network bandwidth to service that request
• A DoS attack works by flooding the server with so many requests that it cannot process them in a timely manner
• This may fill up the RAM of the server and cause it to crash, or simply cause it to take long enough to service genuine requests that people give up

DENIAL OF SERVICE
• These are usually malicious attacks intended to prevent a website from being accessible
• This could be to take down a website the criminal does not like
• Or to extort money by threatening a DoS attack and the resulting downtime
• Or as a smokescreen to hide another malicious attack happening at the same time
• Sometimes this can happen unintentionally – e.g. when Glastonbury tickets are released, or when a small website is linked on a large social media site

DISTRIBUTED DENIAL OF SERVICE
• A DDoS attack seeks to more effectively carry out a DoS attack by using a large number of computers spread over a large area
• This is more effective because more computers can generate more traffic at once
• DDoS attacks make use of botnets – collections of “zombie” computers that have been infected with code giving a malicious user control over that machine

SQL INJECTION
• If a database system is not properly secured, an attacker can use specific inputs to execute malicious SQL statements
• Virtually all database-driven websites will use SQL-based databases
• Basic injection attacks are easy to protect against but new vulnerabilities are being discovered all the time
• SQL injection can be used to steal, access, or destroy data
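
The weak and the corrected form of a query built from user input, as an added example that is not part of the original slides. The `users` table, its rows, the crafted input and all function names are constructed for illustration, using Python's built-in `sqlite3` module.

```python
import sqlite3

# Constructed sample input: the quote characters end the string literal early,
# so the rest of the input is read as SQL instead of as a password.
CRAFTED_INPUT = "' OR '1'='1"

def make_db():
    """Build a constructed in-memory table (sample rows, not from the slides)."""
    db = sqlite3.connect(":memory:")
    # Plaintext passwords only keep the example short; real systems store hashes.
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "correct-horse"), ("bob", "hunter2")])
    return db

def find_user_unsafe(db, name, password):
    """Weak form: input is pasted into the SQL text and can change the statement."""
    sql = ("SELECT name FROM users WHERE name = '" + name +
           "' AND password = '" + password + "'")
    return [row[0] for row in db.execute(sql)]

def find_user_safe(db, name, password):
    """Corrected form: placeholders pass input as data; the SQL text is fixed."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in db.execute(sql, (name, password))]

def demo():
    """Run both forms against the same inputs and return what each matched."""
    db = make_db()
    return {
        "unsafe, real password": find_user_unsafe(db, "alice", "correct-horse"),
        "unsafe, crafted input": sorted(find_user_unsafe(db, "alice", CRAFTED_INPUT)),
        "safe, real password": find_user_safe(db, "alice", "correct-horse"),
        "safe, crafted input": find_user_safe(db, "alice", CRAFTED_INPUT),
    }

if __name__ == "__main__":
    for case, rows in demo().items():
        print(f"{case}: {rows}")
```

With the crafted input the concatenated query matches every row without a valid password, while the parameterized query matches none.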