Forms of Attack on a Network (OCR GCSE Computer Science)

Forms of attack on a network

• Computers face a variety of forms of attack and they can cause a large number of issues for a network
• The main threats posed to a network to know about are
  • Malware
  • Social engineering
  • Brute-force attacks
  • Denial of service attacks
  • Data interception & theft
  • SQL injection

What is malware?

• Malware (malicious software) is the term used for any software that has been created with malicious intent to cause harm to a computer system
• Examples of issues caused by malware include
  • Files being deleted, corrupted or encrypted
  • Internet connection becoming slow or unusable
  • Computer crashing or shutting down 
• There are various types of malware and each has slightly different issues which they cause

Malware	What it Does
Virus	A program which can replicate itself on a user's computer. It contains code that will cause unwanted and unexpected events to occur Examples of issues a user may experience are Corrupt files Delete data Prevent applications from running correctly
Worms	Worms are very similar to viruses, with the main difference being that they will spread to other drives and computers on the network Worms can infect other computers from Infected websites Instant message services Email Network connection
Trojan	Sometimes also called a Trojan Horse Trojans disguise themselves as legitimate software but contain malicious code in the background
Spyware	Software which will allow a person to spy on the users' activities on their devices This form of software will be embedded into other software such as games or programs that have been downloaded from illegitimate sources Spyware can record your screen, log your keystrokes to gain access to passwords and more
Ransomware	A form of malware that locks your computer or device and encrypts your documents and other important files Often a demand is made for money to receive the password that will allow the user to decrypt the files There is no guarantee paying the ransom will result in the user getting their data back

What is social engineering?

• Social engineering is exploiting weaknesses in a computer system by targeting the people that use or have access to them
• There are many forms of social engineering, some examples include
  • Fraudulent phone calls: pretending to be someone else to gain access to their account or their details
  • Phishing: Sending fraudulent emails to a large number of email addresses, claiming to be from a reputable company or trusted source to try and gain access to your details, often by coaxing the user to click on a login button
  • Pretexting: A scammer will send a fake text message, pretending to be from the government or human resources of a company, this scam is used to trick an individual into giving out confidential data
• People are seen as the weak point in a system because human errors can lead to significant issues, some of which include
  
  • Not locking doors to computer/server rooms
  • Not logging their device when they're not using it
  • Sharing passwords
  • Not encrypting data
  • Not keeping operating systems or anti-malware software up to date

What is a brute-force attack?

• A brute force attack works by an attacker repeatedly trying multiple combinations of a user's password to try and gain unauthorised access to their accounts or devices
• An example of this attack would be an attacker finding out the length of a PIN code, for example, 4-digits
• They would then try each possible combination until the pin was cracked, for example
  • 0000
  • 0001
  • 0002
• A second form of this attack, commonly used for passwords is a dictionary attack
• This method tries popular words or phrases for passwords to guess the password as quickly as possible
• Popular words and phrases such as 'password', '1234' and 'qwerty' will be checked extremely quickly.

What is a denial of service attack?

• A Denial of Service Attack (DOS attack) occurs when an attacker repeatedly sends requests to a server to flood the server with traffic, causing it to overload the system
• The server will slow down to the point of becoming unusable 
• There is also a larger-scale version of this known as a Distributed Denial of Service (DDOS) attack
• This works in a s similar way to a DOS attack, with the main difference being that the traffic comes from multiple distributed devices in a coordinated attack on a single server/network

What is the purpose of a DOS attack?

• A DOS attack will prevent customers from accessing or using a service
• This will result in companies losing money and not being able to carry out their daily duties
• A DOS attack can cause damage to a company's reputation

What is data interception & theft?

• Data interception and theft is when thieves or hackers can compromise usernames and passwords as well as other sensitive data
• This is done by using devices such as a packet sniffer
• A packet sniffer will be able to collect the data that is being transferred on a network
• A thief can use this data to gain unauthorised access to websites, companies and more 

What is SQL?

• Structured Query Language (SQL) is a language used to create, access and manipulate a database

What is SQL injection?

• SQL injection is entering an SQL command into a web text field to manipulate the SQL query
• The goal is to insert, modify or delete data from the database
• An example of SQL injection would be a user typing in a query such as
  • SELECT UserId, Name, Password FROM Users WHERE UserId = 100 or 1=1;

  • This would return all of the User IDs, Names and passwords because 1 is always equal to 1