Unit 1.6 Systems security Lesson 1
This lesson covers the following from specification 1.6 System Security:
- Forms of attack
- Threats posed to networks:
  - Malware
  - Phishing
  - People as the weak point in secure systems (social engineering)
  - Brute force attacks
  - DDoS
  - Data interception and theft
  - SQL injection
  - Poor network policy
- Identifying and preventing vulnerabilities:
  - Penetration testing
  - Network forensics
  - Network policies
  - Anti-malware software
  - Firewalls
  - User access levels
  - Passwords
  - Encryption
Key Words
- Malware
- Viruses
- Worms
- Trojan Horses
- Phishing
- Social Engineering
- Data Interception
- Network Policies
Big Picture
- What computing threats are out there in the world?
- https://www.youtube.com/watch?v=dVW1FNWSaTg
Learning Objectives
- Explain the different types of malware
- Discuss a real life malware-related event
- Understand how phishing operates
- Discuss how data can be intercepted
Engagement Activity
- What technological threats do modern companies face?
Malware
- Otherwise known as ‘malicious software’
- Software is malicious if it is damaging to a computer or network
- Examples include viruses, worms and trojan horses
Viruses
- Malicious software designed to cause harm to a network or computer system
- Attaches itself to programs or files on a computer or server
- Can affect all components of an operating system
- Around 82,000 viruses are made each day
- Famous viruses include Stuxnet and CryptoLocker
- Source: https://uk.norton.com/norton-blog/2016/02/the_8_most_famousco.html
Worms
- Replicates itself in order to spread to other computers, often using a computer network
- In order to achieve this, the worm exploits vulnerabilities across the computer network
- Unlike a virus, it does not need to attach to a program
Trojan Horses
- Malicious computer program
- Designed to access a computer by misleading users of its intent
- Example: an email appearing to have been sent from a bank asks the user to download security software which would improve security, when in fact the software's intention is to give unauthorised access to the system
Activity 1
- Complete Activity 1 – Table
- Explain the different types of malware and use resources in order to expand on your answers.
Social Engineering
- Relies on human interaction (social skills)
- Commonly involves tricking users into breaking normal security procedures
- Method does not revolve around technical cracking techniques such as worms or viruses
Computer Phishing
- Form of social engineering
- Designed to acquire sensitive information such as usernames, passwords, card details etc.
- Most common phishing attacks are sent through email
Phishing
To: John Smith <john.smith@email.com>
From: MyBank <banking.services@mdhebznuyw.ru>
Subject: IMPORTANT – Update your banking informations!!!!!!
Message:
Dear valued customer,
We are writing to inform you that there may have been some fraudulent activity on your account. In order to verify your details and identify any issues with your banking service, please click on the link below in order to access your online account and confirm your information. You will need to confirm your card information, so please have these details ready.
Click here to log in
Regards,
MyBank
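Added example (not part of the original OCR resource): a small Python checker that looks for tell-tale signs in the sample email above. The four checks, the function name phishing_signs and the shortened message text are assumptions chosen for illustration; real mail filters use many more signals.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Sample message constructed from the slide's example (body shortened).
SAMPLE = """\
To: John Smith <john.smith@email.com>
From: MyBank <banking.services@mdhebznuyw.ru>
Subject: IMPORTANT - Update your banking informations!!!!!!

Dear valued customer,
We are writing to inform you that there may have been some fraudulent
activity on your account. Please click on the link below in order to
access your online account and confirm your card information.
Click here to log in
Regards, MyBank
"""

def phishing_signs(raw):
    """Return a list of tell-tale signs found in a raw email message."""
    msg = message_from_string(raw)
    display, address = parseaddr(msg.get("From", ""))
    domain = address.rpartition("@")[2].lower()
    subject = msg.get("Subject", "")
    body = msg.get_payload()
    signs = []
    # 1. Display name claims a brand that does not appear in the sending domain.
    brand = re.sub(r"[^a-z0-9]", "", display.lower())
    if brand and brand not in domain.replace("-", ""):
        signs.append("sender domain does not match display name")
    # 2. Pressure: shouting words or repeated exclamation marks in the subject.
    if re.search(r"!{2,}", subject) or re.search(r"\b(IMPORTANT|URGENT)\b", subject):
        signs.append("urgent or shouting subject line")
    # 3. Generic greeting instead of the account holder's name.
    if re.search(r"dear\s+(valued\s+)?(customer|user|member)", body, re.I):
        signs.append("generic greeting")
    # 4. Asks the reader to follow a link and confirm credentials or card data.
    if re.search(r"click", body, re.I) and re.search(
            r"(confirm|verify).{0,60}(card|password|details|information)",
            body, re.I | re.S):
        signs.append("link plus request for sensitive details")
    return signs

if __name__ == "__main__":
    for sign in phishing_signs(SAMPLE):
        print("-", sign)
```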
Telephone (IVR) Phishing
- Telephone system mirroring – direct phone calls that pretend to be an official service
- For example, a telephone phishing system would use prompts similar to a bank's if the exploit was to gain banking information
- User could be asked to enter bank number, expiry, CCV and PIN, and the system may reject or ask for re-entry to ensure the original digits are correct
Activity 2
- Look at the Activity 2 email
- Identify how you could tell this email may be a phishing email
- What are the ‘tell-tale’ signs?
Data Interception and Theft
- Data travels across networks in packets
- Packets can be intercepted
- If packets are encrypted, they cannot be read without a key
- Unencrypted packets can be re-assembled using signatures
- Data can also be intercepted physically, for example portable hard drives and other external hardware can be stolen
Network Policies
- Outlines rules for network access
- Most common is Acceptable Use Policy (AUP)
- You may have been asked to agree to an AUP when joining your school
- Other policies are more suitable for contractors and those in charge of maintaining the network
- Find out more: https://www.youtube.com/watch?v=Kk-58HULBYM
Poor Network Policy
- Could expose a network to numerous threats
- Users could be unaware of the risks of:
  - using software
  - opening emails
  - turning off firewalls etc.
- Most networks restrict what users can and cannot do
- Can you install software on your school PC?
- Do you have filters on your email and internet browser?
Activity 3
- Short research, discussion and present findings
- What different ways are there to intercept data?
- What risks are there to the following stakeholders:
  - Individuals
  - Companies
  - Governments
  - Military
Plenary
- What is Phishing?
- Are there different types of phishing?
- If so, what are they?
OCR Resources: the small print OCR’s resources are provided to support the teaching of OCR specifications, but in no way constitute an endorsed teaching method that is required by the Board, and the decision to use them lies with the individual teacher. Whilst every effort is made to ensure the accuracy of the content, OCR cannot be held responsible for any errors or omissions within these resources. © OCR 2017 - This resource may be freely copied and distributed, as long as the OCR logo and this message remain intact and OCR is acknowledged as the originator of this work. OCR acknowledges the use of the following content: n/a Please get in touch if you want to discuss the accessibility of resources we offer to support delivery of our qualifications: resources.feedback@ocr.org.uk