Cybersecurity
Threats to a networkA group of interconnected computers/devices. can take many forms.
- social engineeringTricking people into giving sensitive data such as PINs or passwords.
- unpatched softwareThe programs, applications and data in a computer system. Any parts of a computer system that aren't physical.
- USBUniversal serial bus (USB): connects peripheral devices to a computer, eg a camera, memory stick, keyboard, mouse or mobile. and digital devices
- eavesdropping
- key loggers
Social engineering
Social engineering is where users are manipulated by cyber criminals into giving access to the network. This might be done with or without their knowledge. Some of the most common forms of social engineering are phishingAn attempt to gain personal information about someone by way of deception, eg sending an email pretending to be from their bank asking them for their bank details. and shoulder surfing.
Phishing
In the most common form of phishing, a hackerA person who tries to gain unauthorised access to a computer. pretends to be somebody in order to trick the user into disclosing sensitive dataUnits of information. In computing there can be different data types, including integers, characters and Boolean. Data is often acted on by instructions. such as their user ID and password. For example, this might be an email pretending to be a genuine message from the user鈥檚 bank containing a link to a website that looks like the real bank鈥檚 website. When the user clicks on the link it takes them to a fake website, designed to catch data such as their ID and password.
Shoulder surfing
A hacker watches a user to record the password or PIN they enter. This might be by looking over their shoulder at a cashpoint before stealing their bank card and using it to withdraw money. It might involve watching a user as they enter a door code to allow the hacker to gain access to the physical network.
Unpatched software
Occasionally a software manufacturer identifies potential security breaches in their own software and sends out patchAn update to a piece of software, usually to fix bugs or improve the software in some way. to their registered users. The patches update the software and fix the potential hazards. A network manager is responsible for keeping up to date with the latest patches. They must ensure that the patches are installed on the system before a cyber criminal can use the security loopholes to gain access to their data.
USB and digital devices
The network policy should identify if users are allowed to connect USB devices and digital devices to the network and how this can be done safely. These devices can contain malwareSoftware that is designed to cause harm or damage to a computer. This includes viruses that might damage files, adware that causes pop-ups, and spyware that collects and shares login details., which may infect the network, causing damage to hardwareThe physical parts of a computer system, eg a graphics card, hard disk drive or CD drive., software and data.
Eavesdropping
A hacker monitors a network in order to gain information. An example of this is wiretapping, where communications are monitored. The hacker can use this data later to gain access to the system by pretending to be an authorised user. This is also known as a 鈥榤an-in-the-middle鈥 attacks.
Key loggers
Key loggers are programs that capture user inputData which is inserted into a system for processing and/or storage.. This data is then sent on to people with malicious intent.
More guides on this topic
- The CPU - Eduqas
- Primary storage - Eduqas
- Secondary storage and embedded systems - Eduqas
- Networks - Eduqas
- Data representation - Eduqas
- Storage and data organisation - Eduqas
- Operating systems - Eduqas
- Principles of programming - Eduqas
- Algorithms - Eduqas
- Sorting, searching and validation - Eduqas
- Software development - Eduqas
- Impacts of digital technology on wider society - Eduqas