Cyber Security & Threats (AQA GCSE Computer Science)

What is cyber security?

• Cyber security is the processes, practices and technologies designed to protect networks, computers, programs and data from attack, damage or unauthorised access
• The main cyber security threats are:
  • Social engineering techniques
  • Malicious code (malware)
  • Pharming
  • Weak and default passwords
  • Misconfigured access rights
  • Removable media
  • Unpatched and/or outdated software

What is social engineering?

• Social engineering is exploiting weaknesses in a computer system by targeting the people that use or have access to them
• Social engineering is the art of manipulating people so they give up confidential information 

Blagging (pretexting)

• The art of creating and using an invented scenario to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances
• E.g. a scammer will send a fake text message, pretending to be from the government or human resources of a company, this scam is used to trick an individual into giving out confidential data

Phishing

• Sending fraudulent emails/SMS to a large number of people, claiming to be from a reputable company or trusted source to try and gain access to your details, often by coaxing the user to click on a login button/link

Shouldering

• Observing a person's private information over their shoulder e.g. cashpoint machine PIN numbers

How can you protect against it?

• The best way to protect an individual from the threat of social engineering is to ensure the proper training/education has taken place
  • What questions to ask to determine authenticity (blagging)
  • What to look for in an email/SMS (phishing)
  • Being aware of surroundings/location (shouldering)

Why is malware a threat?

• Malware (malicious software) is the term used for any software that has been created with malicious intent to cause harm to a computer system
• Examples of issues caused by malware include
  • Files being deleted, corrupted or encrypted
  • Internet connection becoming slow or unusable
  • Computer crashing or shutting down 
• Malware can exist in many forms, each designed to perform its role in different ways

Malware	What it Does
Computer virus	A program which can replicate itself on a user's computer. It contains code that will cause unwanted and unexpected events to occur Examples of issues a user may experience are Corrupt files Delete data Prevent applications from running correctly
Trojan	Sometimes also called a Trojan Horse Trojans disguise themselves as legitimate software but contain malicious code in the background
Spyware	Software which will allow a person to spy on the users' activities on their devices This form of software will be embedded into other software such as games or programs that have been downloaded from illegitimate sources Spyware can record your screen, log your keystrokes to gain access to passwords and more

How can you protect against it?

• To protect against the threat of malware:
  • Ensure code is written correctly
  • Keep anti-malware software up to date
  • Install a firewall
  • Educate users

Why is pharming a threat?

• Pharming is typing a website address into a browser and it being redirected to a 'fake' website in order to trick a user into typing in sensitive information such as passwords
• An attacker attempts to alter DNS settings, the directory of websites and their matching IP addresses that is used to access websites on the internet or change a users browser settings

How can you protect against it?

• To protect against the threat of pharming:
  • Keep anti-malware software up to date
  • Check URLs regularly
  • Make sure the padlock icon is visible

Why are weak/default passwords a threat?

• A week password is a password with less than 8-12 characters and does not contain a combination of:
  • Upper case characters
  • Lower case characters
  • Numbers
  • Special characters (*, #. ! etc.)
• Predictable patterns make a weak password, for example, using birthdays, names and/or keyboard patterns (qwerty)

How you can protect against it?

• To protect against the threat of week/default passwords:
  • Use a 'strong' password
  • Regularly change passwords

Why are access rights a threat?

• Access rights are pre-determined levels of access for how a user can and cannot interact with resources on a computer system
• Common examples of access rights are linked to basic file operations, such as:
  • Read only
  • Write
  • Modify
  • Delete
• Access rights can control a users ability to launch/share programs
• Incorrect/misuse of user access rights are a huge threat to network security

How can you protect against it?

• To protect against the misuse of access rights:
  • Grant minimum access rights unless proven to need more

Why is removable media a threat?

• Removable media is a secondary storage device that is designed to be portable and allow movement of data between computer systems
• Examples of removable media are:
  • USB memory stick
  • External hard drive
  • Optical disks
  • Memory cards
• Removable media poses a threat to networks in two main ways:
  • Data in - Malware infected removable media being used on a network can lead to
    • spread of infection across the network
    • data loss/corruption
    • network disruption
  • Data out - Sensitive data being intentionally/unintentionally leaked/lost

How do you protect against it?

• To protect against the threat of removable media:
  • Restrict/block the use
  • Encryption
  • Training

Why is unpatched/outdated data a threat?

• Software is often released in a less than perfect state and flaws/vulnerabilities may exist which can provide an opportunity for hackers
• Unpatched/outdated data can lead to:
  • Data breaches
  • Installation of malware

How can you protect against it?

• To protect against the threat of unpatched/outdated data:
  • Ensure all software is kept up to date