Cybersecurity
Threats to a A group of interconnected computers/devices. can take many forms.
- Tricking people into giving sensitive data such as PINs or passwords.
- unpatched The programs, applications and data in a computer system. Any parts of a computer system that aren't physical.
- Universal serial bus (USB): connects peripheral devices to a computer, eg a camera, memory stick, keyboard, mouse or mobile. and digital devices
- eavesdropping
- key loggers
Social engineering
Social engineering is where users are manipulated by cyber criminals into giving access to the network.
Phishing
In the most common form of phishing, a A person who tries to gain unauthorised access to a computer. pretends to be somebody in order to trick the user into disclosing sensitive Units of information. In computing there can be different data types, including integers, characters and Boolean. Data is often acted on by instructions. such as their user ID and password. This might be done with or without their knowledge. Some of the most common forms of social engineering are An attempt to gain personal information about someone by way of deception, eg sending an email pretending to be from their bank asking them for their bank details. and shoulder surfing. For example, this might be an email pretending to be a genuine message from the user’s bank containing a link to a website that looks like the real bank’s website. When the user clicks on the link it takes them to a fake website, designed to catch data such as their ID and password.
Shoulder surfing
A hacker watches a user to record the password or PIN they enter. This might be by looking over their shoulder at a cashpoint before stealing their bank card and using it to withdraw money. It might involve watching a user as they enter a door code to allow the hacker to gain access to the physical network.
Unpatched software
Occasionally a software manufacturer identifies potential security breaches in their own software and sends out An update to a piece of software, usually to fix bugs or improve the software in some way. to their registered users. The patches update the software and fix the potential hazards. A network manager is responsible for keeping up to date with the latest patches. They must ensure that the patches are installed on the system before a cyber criminal can use the security loopholes to gain access to their data.
USB and digital devices
The network policy should identify if users are allowed to connect USB devices and digital devices to the network and how this can be done safely. These devices can contain Software that is designed to cause harm or damage to a computer. This includes viruses that might damage files, adware that causes pop-ups, and spyware that collects and shares login details., which may infect the network, causing damage to The physical parts of a computer system, eg a graphics card, hard disk drive or CD drive., software and data.
Eavesdropping
A hacker monitors a network in order to gain information. An example of this is wiretapping, where communications are monitored. The hacker can use this data later to gain access to the system by pretending to be an authorised user. This is also known as a ‘man-in-the-middle’ attacks.
Key loggers
Key loggers are programs that capture user Data which is inserted into a system for processing and/or storage.. This data is then sent on to people with malicious intent.
More guides on this topic
- The CPU - Eduqas
- Primary storage - Eduqas
- Secondary storage and embedded systems - Eduqas
- Networks - Eduqas
- Data representation - Eduqas
- Storage and data organisation - Eduqas
- Operating systems - Eduqas
- Principles of programming - Eduqas
- Algorithms - Eduqas
- Sorting, searching and validation - Eduqas
- Software development - Eduqas
- Impacts of digital technology on wider society - Eduqas
