System Security

System Security is the process by which you install software onto a computer/ device in order to prevent damage to the system e.g. viruses.

Malware is types of programs which can attack digital devices. By combining the words ‘malicious’ (meaning ‘harmful’) and ‘software’ we get the word ‘malware’. A virus is a type of malware that is designed to gain access to someone’s personal computer. They often copy personal files or slow down a computer. A Trojan horse is a program that disguises itself as safe only to later prove to be dangerous and in turn attack your device. Lastly, Spyware is again simply another type of malware, it usually steels a person personal information from their device such as passwords and email addresses. Some spyware can even use your webcam.

Phishing is when you try and trick someone into giving you their personal information through and email, for example their bank details. You might receive an email claiming to be from your bank or from a social networking site. They usually include a link to a fake website that looks identical to the real one. When you log in it sends your username and password to someone who will use it to access your real accounts. They might steal your money or your identity.

Social attacks are when someone goes after a person not a machine. For example, banks today have many layers of security to get through if you try and hack a computer but it is possible to phone the bank pretending to be someone’s family and ask for access, a lot of the time tricking the staff through sympathy is relatively easy and definitely a lot easier than trying to get through their system. Some Examples of social Engineering are:

●        Bribing a user into allowing an attacker access to a system

●        Putting a thumb-drive full of malware somewhere a user might pick it up, and labelling it so that they would want to open it on their system. Something like "Salary Records" or "Staff redundancies".

●        Phoning up a user at work and convincing them to break policy and give them the information they want directly, like patient information records.

This the most basic way to guess a password. A computer program is coded to go through ever possibly combination of letters and numbers (or whatever parameters the website sets) until it guesses correctly. However a brute force attack requires the login platform to allow an infinite amount of guesses so it can be easily stopped by a limit on the amount of incorrect guesses you can have before you are locked out and asked something like a security question or the registered email is emailed or the registered number is text etc…

This is a method of stopping legitimate users from accessing a server, it can be used to block websites. It floods a targeted server with millions of false requests to the point where the CPU crashes. Criminals may demand money from the web site owner to stop the attack. The DoS attack may also have been carried out as a punishment for 'unethical' behaviour in the view of the attackers.

This is often called the “passive attack” because it doesn’t actually damage the data.  This is when data packets are intercepted and fitted with something that means the hacker can spy on the user. Said packets are then sent to the final destination with the user none the wiser. The data within each packet, such as passwords or confidential information, is then extracted from the copied packets. An effective defence against this to encrypt each data packet. The eavesdropper would then have the extra task of decrypting the information.

This is a form of database attack with the aim of getting a user’s personal information, for example their passwords. With SQL injection, the attacker tries to insert extra SQL commands into the input boxes, hoping that these commands will be carried out by the server.

The usual way to protect against this is for the server to validate the information properly before the SQL request is formed. For example, the user name and password may only be a certain length and not to allow spaces.

This is when the network administrator doesn’t have sufficient security causing a risk to users. The network policy is mainly aimed at helping users use the network well. The Policy may state, for example, that passwords must be hard to guess or that no one is allowed to share their login. Often users will have to sign a document agreeing to these terms.

Penetration testing (sometimes called pen test) is used by companies or other organisations to assess the security of their computer systems, networks and websites. During the test, a simulated attack takes place, specifically looking for weak points that might make it easier for hackers to access their system. Penetration tests are ALWAYS authorised by the company. The aim is to identify weaknesses so that they can be fixed.

Network forensics refers to the watching and analysing of data on a computer system. This is done to help flag up when a network attack is occurring, to gather information as part of a police or security service investigation or to monitor the network, to ensure it is running optimally. This also means that attacks can be tracked back to their original location.

A network policy is a document that sets out the rules of a network in order to protect it. Every network manager should make sure that they have a set of network policies in place.

Anti-malware software is designed to detect and block attacks from malware. Some operating systems have their own inbuilt anti-virus software.

In a large organisation, a network manager should make sure that all the computers under their control are secure and the anti-virus software is up to date.

A firewall is software that will block unexpected connections coming in to the network. Most operating systems include a firewall.

In a large company or school, many people will be using computers on the same network. A network manager will normally control the level of access people have to the network. General users will not have the ability to download any software they want or to make changes to any part of the system, as that could affect other users.

The more people have access to sensitive parts of the network, the more likely it is that a hacker or a virus might be able to cause damage.

You can set user access levels on your home computer. For example, a parent may prevent a child from being able to install software.

When more than one person uses a network it is important to have user IDs and passwords. Only someone with a login and password can access that network. It also helps the network manager trace unusual activity to a specific user.

A weak password makes it easy for someone to try to guess your login details. A good password will have a mix of upper case and lower case letters, numbers and special characters.

Any message sent over a network can be intercepted. Encryption is a method of changing the original numbers and characters so that they are hidden or disguised. This is important if you are sending sensitive information.

One method of encryption is the Caesar Cipher Algorithm. In this method, each letter of the alphabet is simply replaced by another letter in the alphabet that might be one or more letter positions away.

It is possible to send unauthorised SQL queries to a database by typing extra data into some input fields. This is called 'SQL injection'. A good defence against this is to 'sanitise' the input to render it harmless.