5.2.3: understand different forms of cyberattack (based on technical weaknesses and behaviour) including social engineering (phishing, shoulder surfing), unpatched software, USB devices, digital devices and eavesdropping
Keyword | Definition |
---|---|
DDOS | a type of computer attack where a computer or network service is shut down due to being overwhelmed by a high volume of traffic distributed from a large number of computers |
Digital devices | small computers (e.g. Raspberry Pi) which can be connected to a network then hidden away whilst they harvest sensitive data |
DOS | a type of cyberattack where a computer or network service is shut down due to being overwhelmed by a high volume of traffic from one computer |
Eavesdropping | the process of inspecting network traffic from other devices in order to find sensitive data like usernames and passwords |
Phishing | a form of cyberattack where users are asked to enter their personal details into a fake login form which will harvest their credentials |
Ransomware | a type of malware which encrypts files and demands payment from a user before they can decrypt and access their data |
Shoulder surfing | a form of cyberattack where a person or device watches people as they enter their passwords in order to harvest their credentials |
Social engineering | a form of cyberattack (including phishing and shoulder surfing) where people are tricked into giving away their credentials |
Unpatched software | application or operating system software where a vulnerability has been identified that hasn't yet been fixed and could be exploited by hackers |
USB devices | hacking devices made to look like mice or keyboards which may install keyloggers, viruses or other malicious software |