Network Security & Threats (OCR A Level Computer Science)

Network Security & Threats

What are Common Network Threats?

Hackers

• Individuals or groups who exploit system vulnerabilities to gain unauthorised access to data
  Hacking involves gaining unauthorised access to a system or network to steal or manipulate data, disrupt services, or cause damage
  The aim of hacking can vary from personal gain to activism or cyber espionage

Viruses

• Malicious software programs designed to spread from one computer to another and interfere with normal operations

• A virus attaches itself to a legitimate program or file and then replicates itself to spread to other programs or files on the computer. It can cause damage to the system, including deleting data or damaging hardware

Malware

• Malware is malicious software designed to harm or gain unauthorised access to a system or network. Types of malware include:
  

  • A worm is similar to a virus but is a standalone program that can spread and replicate itself over computer networks. It can take up storage space or bandwidth

  • A Trojan horse is a program that disguises itself as a legitimate program or file, but when installed, it can delete data or damage hardware

  • Spyware is software that records all key presses and transmits these to a third-party

  • Adware is software that displays unwanted advertisements on the computer without the user's consent. Some of these may contain spyware, and some may link to viruses when clicked

  • Ransomware is malware that encrypts the user's files and demands a ransom payment to decrypt them. It can cause data loss and financial damage and disrupt business operations

• The aim of malware attacks can range from data theft to extortion or disruption of services

Denial of Service (DoS)

• A DoS attack is where a computer floods a server with lots of requests at the same time, which the server can’t respond to, causing it to crash or become unavailable to users

• A DoS attack aims to disrupt the normal functioning of a system or network by denying users access

Distributed Denial of Service (DDoS) Attack

• A DDoS attack is where similar to a DoS attack but instead multiple computers are used as bots which send the requests to the server

SQL Injection

• An attack technique used to exploit security vulnerabilities in a website, where malicious SQL statements are inserted into an entry field for execution

• This can potentially expose a company’s database to hackers

Phishing

• Attempting to acquire sensitive information by masquerading as a trustworthy entity in an electronic communication

• Phishing involves the user being sent an email that looks legitimate

• This email contains a link to a fake website where the user is encouraged to enter their details

• Phishing aims to steal sensitive information for personal gain or to use it for further cyber attacks

Pharming

• This is a cyber attack intended to redirect a website's traffic to another bogus site

• Pharming involves malware being downloaded without the user’s knowledge

• This redirects the user to a fake website where they’re encouraged to enter their personal details

• Pharming aims to steal sensitive information for personal gain or to use it for further cyber attacks

Social Engineering

• Social engineering involves manipulating individuals to gain access to confidential information or to perform an action that benefits the attacker

• This can include techniques such as:

  • Posing as someone else to gain trust or access to sensitive information - attackers might pretend to be a co-worker, IT support personnel, or a law enforcement officer to get people to divulge sensitive information or perform an action they wouldn't otherwise do

  • Enticing a victim with the promise of a desirable item to extract sensitive information or gain access to a system

  • Leaving a USB drive with a tempting label, like "salary information," in a public place and waiting for someone to pick it up and plug it into a computer - once the drive is connected to the computer, the attacker can access sensitive information or install malware

  • Posing as a bank representative and asking for personal information to "verify your account”

Network security

There are many different methods and techniques that have been developed to make networks more secure. Some of these include:

• Firewalls: Network security systems that monitor and control incoming and outgoing network traffic based on predetermined security rules

• Secure Passwords: Using strong, complex, and unique passwords helps to protect against unauthorised access

• Anti-virus Software: Programs designed to detect and neutralise or remove malicious software like viruses, worms, and Trojans

• Anti-spyware Software: Tools to detect and remove spyware and other kinds of malware

• Two-factor Authentication (2FA): Adds an additional layer of security by requiring users to provide two forms of identification - usually a code sent to their phone or email as well as their password

• Regular Software Updates: Keeping all systems and software up-to-date ensures you have the latest security patches

• Employee training can be essential to instil a culture of security consciousness within the company

• A strong security policy (e.g. insisting on regular password changes) can further help in maintaining a secure network environment