6.01 – Cyber Security Threats



Cyber Security is an approach to computer security covering processes, practices, and technologies designed to protect networks, computers, programs, and data from attack, damage, and unauthorised access.

It would be nice to learn the whole thing, but in an exam you would get away with saying "the processes of protecting networks from attacks". [See June 2023, Paper 2, Question 16.1]


There are four main threats that we will look at in detail.

Using weak or default passwords provides an easy way into a network for hackers.

When a device needs a username and password to log on, a default password is usually provided that allows the device to be accessed during setup. Some users are careless and do not change this default password.

The top four most common passwords are: 123456, password, 12345678, and qwerty. Hackers will often have lists of the most common passwords and check these first. Using a common password therefore significantly increases the likelihood of a hacker correctly guessing your password.

Misconfigured access rights can open up a network to an insider attack.

In an organisation, different users should be able to access different things. This idea is called user access levels. For example, students and teachers will have different access rights on a school network.

Misconfigured access rights are when a user can access something they're not supposed to be able to access. For example, students on a school network should not be able to access the terminal. But, by running the Python code in Example 1, they might have access. And, if a malicious student used the code, they may be able to coordinate an insider attack.


Example 1 shows some Python code which may or may not be able to load up a terminal window.

Example 1
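import os
# Ask the operating system to start PowerShell (a Windows terminal);
# this only works if the user's access rights allow it
os.system("powershell")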

Removable media devices pose two main risks to network security.

They allow users to bring malware into the network, and to take data out of the network.

Organisations can protect themselves by disabling USB read/write access for users altogether.

Using unpatched or outdated software can leave devices vulnerable to attack through known exploits in that software.

When exploits are discovered, patches are released almost immediately, but devices that haven't updated the software are still vulnerable.

Antivirus software must be kept up-to-date to be able to provide protection against the latest viruses and malware. This is because antivirus software relies on an up-to-date database of virus 'signatures' to help it detect and remove new viruses.
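
How signature matching works, and why an out-of-date database misses new malware, shown as an added example that is not part of the original notes. It assumes a signature is simply the SHA-256 hash of a whole file (real antivirus products use other kinds of signature too); the file contents, malware names and database version numbers are constructed.

```python
import hashlib


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for the contents of three files on a device.
SAMPLES = {
    "homework.docx": b"constructed harmless document",
    "old_virus.exe": b"constructed sample A (known for years)",
    "new_virus.exe": b"constructed sample B (discovered last week)",
}

# Constructed vendor feed: (database version, malware name, signature).
SIGNATURE_FEED = [
    (1, "Constructed.OldVirus", sha256(SAMPLES["old_virus.exe"])),
    (2, "Constructed.NewVirus", sha256(SAMPLES["new_virus.exe"])),
]


def load_database(version: int) -> dict:
    """Signatures available to a device whose database is at `version`."""
    return {sig: name for v, name, sig in SIGNATURE_FEED if v <= version}


def scan(files: dict, database: dict) -> dict:
    """Return {filename: malware name} for files whose hash matches a signature."""
    detections = {}
    for filename, content in files.items():
        name = database.get(sha256(content))
        if name is not None:
            detections[filename] = name
    return detections


def missed_by_outdated(files: dict, installed: int, latest: int) -> list:
    """Files the latest database flags but the installed database does not."""
    old = scan(files, load_database(installed))
    new = scan(files, load_database(latest))
    return sorted(set(new) - set(old))


if __name__ == "__main__":
    print("Database v1 detects:", scan(SAMPLES, load_database(1)))
    print("Database v2 detects:", scan(SAMPLES, load_database(2)))
    print("Missed until updated:", missed_by_outdated(SAMPLES, 1, 2))
```
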



How would an ethical hacker test a network's security?

By attempting to hack into the network in what's called a penetration test: we'll learn more about them on the next page.








© Rujul Nayak 2024-