NETWORK SECURITY

Malware:
Malware is any type of harmful program that seeks to damage or gain unauthorised access to your computer system.

Virus:
A virus can replicate itself and spread from system to system by attaching itself to infected files.

A virus is only activated when opened by a human.

Once activated, a virus can change data or corrupt a system so that it stops working.

Worm:
A worm can replicate itself and spread from system to system by finding weaknesses in software.

A worm does not need an infected file or human interaction to spread.

A worm can spread very quickly across a network once it has infiltrated it.

Trojan:
A trojan is a harmful program that looks like legitimate software, so users are tricked into installing it.

A trojan secretly gives the attacker backdoor access to the system.

Trojans do not self-replicate or infect other files.

Spyware:
Spyware secretly records the activities of a user on a computer.

The main aim of spyware is to record usernames, passwords and credit card information.

All recorded information is secretly passed back to the attacker to use.

Keylogger:
A keylogger secretly records the key presses of a user on a computer. Data is stored or sent back to the attacker.

The main aim of a keylogger is to record usernames, passwords and credit card information.

Keyloggers can be downloaded or plugged into the USB port.

Ransomware:
Ransomware locks files on a computer system using encryption so that a user can no longer access them.

The attacker demands money from the victim to decrypt (unlock) the data.

Attackers usually use digital currencies like bitcoin which makes it hard to trace them.

SQL Injection:
SQL (Structured Query Language) is a programming language used for manipulating data in databases.

A SQL injection is when a malicious SQL query (command) is entered into a data input box on a website.

If the website is insecure then the SQL query can trick the website into giving unauthorised access to the website’s database.

A SQL injection can be used to view and edit the contents of a database or even gain administrator privileges.
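
The difference between an insecure and a secure website, shown as an added example that is not part of the original sheet. The table, account names and function names are made up for illustration; the insecure login pastes the input box text into the SQL command, while the secure login passes it separately as data.

```python
import sqlite3

def make_db():
    """Build a small in-memory database (constructed sample data).
    Passwords are stored as plain text only to keep the example short."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, is_admin INTEGER)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [("alice", "S3cure!pass", 0), ("admin", "R00t#Only1", 1)])
    return db

def login_insecure(db, username, password):
    """Insecure: text from the input box becomes part of the SQL command."""
    query = ("SELECT username, is_admin FROM users "
             f"WHERE username = '{username}' AND password = '{password}'")
    return db.execute(query).fetchall()

def login_secure(db, username, password):
    """Secure: placeholders (?) keep the input as data, never as SQL."""
    query = ("SELECT username, is_admin FROM users "
             "WHERE username = ? AND password = ?")
    return db.execute(query, (username, password)).fetchall()

# Constructed input for the password box: the quote ends the text value
# early, so the rest is read by the database as part of the command.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("insecure:", login_insecure(db, "alice", CRAFTED))   # every account comes back
    print("secure:  ", login_secure(db, "alice", CRAFTED))     # no account matches
    print("genuine: ", login_secure(db, "alice", "S3cure!pass"))
```

With the insecure version the crafted input returns every row, including the administrator account; with the secure version it is compared as an ordinary (wrong) password and nothing is returned.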

DoS Attack:
A DoS (Denial of Service) attack is when a computer repeatedly sends requests to a server to overload the system. A server overload will slow the system and may take websites offline temporarily.

A DDoS (Distributed Denial of Service) attack is a coordinated attack using a botnet of infected systems to overload a server with requests. A botnet is a large group of devices controlled and used maliciously by an attacker.

Brute-Force Attack:
Every possible combination is tested in order from start to finish. This is not a quick method, but it should break the password eventually and can be sped up if multiple computer systems are used at the same time.

Social Engineering:
Social engineering means tricking others into revealing their personal data by posing as a trusted source.

e.g. Impersonating an IT technician of a school via email and asking for a student's username and password.

Interception:
This is when data packets on a network are intercepted by a third party (e.g. hacker) and copied to a different location than the intended destination.

Software tools called packet sniffers are used to intercept and analyse data packets.

Penetration Tests:
Penetration tests are carried out as part of ethical hacking.

The purpose of a penetration test is to review the system's security to find any risks or weaknesses and to fix them.

There are four main types of penetration tests:
- Internal tests are to see how much damage could be done by somebody within the company with a registered account.
- External tests are for white hat hackers to try and infiltrate a system from outside the company.
- Blind tests are done with no inside information, to simulate what a real attacker would have to do to infiltrate the system.
- Targeted tests are conducted by the company's IT department and the penetration team cooperating to find faults in the system.

Anti-Malware Software:
Anti-malware software is used to locate and delete malware, like viruses, on a computer system. The software scans each file on the computer and compares it against a database of known malware. Files with similar features to malware in the database are identified and deleted.

There are thousands of known malware programs, but new forms are created each day by attackers, so anti-malware software must be regularly updated to keep systems secure.

Other roles of anti-malware software:
- Checking all incoming and outgoing emails and their attachments.
- Checking files as they are downloaded.
- Scanning the hard drive for viruses and deleting them.

Firewall:
A firewall manages incoming and outgoing network traffic.

Each data packet is processed to check whether it should be given access to the network by examining the source and destination address.

Unexpected data packets will be filtered out and not accepted to the network.

Other roles of a firewall include:
- Blocking access to insecure/malicious web sites.
- Blocking certain programs from accessing the internet.
- Blocking unexpected/unauthorised downloads.
- Preventing specific users on a network accessing certain files.

Secure Passwords:
Usernames must be matched with a secure password to minimise the chances of unauthorised users accessing the system.

Passwords should contain a mix of uppercase and lowercase letters, punctuation and numbers. Passwords should be of a substantial length (at least 8 characters) and should be regularly changed.

User Access Levels:
Access levels are used to allow only certain users to access and edit particular files.

It is important to set access levels so that only authorised users can view and change data. The more users who have access to a file, the more likely it is to be compromised. Certain users may also have no access to a file, meaning they can't view or edit it.

Encryption:
Encryption is the process of scrambling data into an unreadable format so that attackers cannot understand it if intercepted during transmission.

The original data (known as plaintext) is converted to scrambled ciphertext using an encryption key. Only at the correct destination will the encryption key be used to convert the ciphertext back into plaintext by the receiving computer.

Physical Security:
A lock can be used to prevent access to server rooms or locations that store confidential data. Only authorised personnel will have access.

e.g. keycards, security staff, CCTV cameras and alarms.
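
The packet check described in the Firewall section, as an added example that is not part of the original sheet. The rule list, addresses and function names are made up for illustration; each packet's source and destination address is compared against the rules in order, and anything unexpected is filtered out.

```python
from ipaddress import ip_address, ip_network

# Constructed rule set: (action, allowed source range, allowed destination range).
# Rules are checked top to bottom and the first match decides.
RULES = [
    ("deny",  "203.0.113.0/24",  "0.0.0.0/0"),      # known-bad source range
    ("allow", "0.0.0.0/0",       "192.0.2.10/32"),  # anyone -> public web server
    ("allow", "198.51.100.0/24", "192.0.2.0/24"),   # office -> internal network
]

def check_packet(src, dst, rules=RULES):
    """Return 'allow' or 'deny' for one packet's source/destination address."""
    try:
        src_ip, dst_ip = ip_address(src), ip_address(dst)
    except ValueError:
        return "deny"  # a malformed address is never expected traffic
    for action, src_net, dst_net in rules:
        if src_ip in ip_network(src_net) and dst_ip in ip_network(dst_net):
            return action
    return "deny"  # no rule matched: unexpected packets are filtered out

def filter_traffic(packets, rules=RULES):
    """Keep only the (source, destination) pairs the firewall accepts."""
    return [(s, d) for s, d in packets if check_packet(s, d, rules) == "allow"]

# Constructed sample traffic.
SAMPLE = [
    ("198.18.0.5",   "192.0.2.10"),  # outsider to the web server
    ("203.0.113.5",  "192.0.2.10"),  # blocked source, even to the web server
    ("198.51.100.7", "192.0.2.20"),  # office machine to an internal machine
    ("198.18.0.5",   "192.0.2.20"),  # outsider to an internal machine
    ("not-an-ip",    "192.0.2.10"),  # malformed source address
]

if __name__ == "__main__":
    for src, dst in SAMPLE:
        print(f"{src:>14} -> {dst:<12} {check_packet(src, dst)}")
```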