Unit 10 - Cybersecurity Review
Multi-Factor Authentication
An authentication approach that requires multiple pieces of information to authenticate.
Spear-Phishing
a phishing expedition in which the emails are carefully designed to target a particular person or organization
Caesar Cipher
a technique for encryption that shifts the alphabet by some number of characters
Cryptomining Malware
Utilizes a computer's resources to mine for cryptocurrency. Allows the creators to earn cryptocurrency without needing to spend money on powering their own computers.
Benefits of Geolocation
Find our lost phone. Discover a local café to satisfy our craving for a quiche. Document an epic cross-country bike ride. Law enforcement agencies can locate violent offenders. Ambulances can rush to a caller's location.
Electronic Frontier Foundation (EFF)
A nonprofit organization that seeks to increase the understanding of civil liberties and other legal issues in cyberspace, or what it called the electronic frontier.
Geolocation
An HTML5 application programming interface that allows developers to retrieve the geographical location information for a client-side device.
PII theft
Attackers can steal PII from companies. Once attackers have access to that data, they can use the Social Security numbers to impersonate people or use the credit card numbers to make unauthorized purchases.
Virtual Private Network (VPN)
Companies can establish direct private network links among themselves or create private, secure Internet access, in effect a "private tunnel" within the Internet
third-party cookies
Cookies put on a computer by those other than the website being visited, such as advertisers inserting their own cookies on a web page. A website can also include resources from other domains, like an image, iframe, or script. When the browser requests those resources, their servers can also send back cookies, which will now be associated with their domain
Techniques to Crack the Cipher
Frequency Analysis, Known Plaintext, Brute force
Ransomware
Holds a computer hostage by encrypting user data or blocking access to applications. Then demands that the user pay a ransom to the anonymous malware creators.
Personally Identifiable Information (PII)
Information about individuals that can be used to trace a person's identity, such as a full name, birthdate, biometric data, and identifying numbers such as a Social Security number (SSN). Organizations have an obligation to protect PII and often identify procedures for handling and retaining PII in data policies.
PII regulations
Laws regulate how institutions store and process PII to prevent it from falling into the wrong hands.
Digital Certificate / Public Key Certificate / Identity Certificate
Proves the ownership of an encryption key.
Signs of Phishing
Suspicious email, URL, Non-secured HTTP connections, Requests for sensitive information, Urgency/Scare attacks in emails
Types of Malware
Trojan Horse, Virus, Worm
Cell tower trilateration
Can estimate the distance between the tower and a phone by measuring the round-trip delivery time and signal strength, and can improve that estimate by knowing which of the three antenna arrays sent the signal. A single tower is enough.
Session cookies
cookies stored in memory and deleted when the browser is closed
Certificate Verification: Server's Digital Certificate
the server's way of saying "Yes, I really am who you think I am".
First-Party Cookie
A cookie that is created from the website currently being viewed. When you visit a website and its server sends back an HTTP response with a cookie, the browser associates that cookie with the domain of the server
Passive Interception
A rogue access point can read your data but cannot manipulate it. If you connect to a network with a rogue access point and enter a password on a site over HTTP, the rogue access point can read the password. It can also collect a user's Internet footprint by monitoring DNS requests and other Internet traffic. Since a rogue access point can profile your Internet behavior, it can expose private information about you, such as the types of websites you visit.
Search engine
A software program you can use to find Web sites, Web pages, and Internet files.
Global positioning system (GPS)
A system that determines the precise position of something on Earth through a series of satellites, tracking stations, and receivers.
Firewall
A system that monitors incoming and outgoing network traffic to a computer or internal network, and determines what traffic to allow. Firewalls perform automated detection of suspicious traffic and can also be configured manually. They cannot identify and block all malware, but they are a useful line of defense for what they can identify.
Malware is...
A virus is a type of computer malware, but there are other types of malware. Malware can affect desktops, laptops, phones, and servers.
Password
A word or phrase that you must type for access to an encrypted file
Security Patch
An update to the code of an application or the entire operating system that often fixes a bug that's been exploited by malware. Computers, including mobile phones and hardware devices, should always be kept up to date with security patches to reduce the risk of malware.
Rogue Access Point
An access point installed on a network without the network owner's permission. If an attacker owns the access point, they can intercept the data (e.g. PII) flowing through the network.
Public key encryption
An asymmetric encryption technique which uses different keys for encryption and decryption, allowing computers over the Internet to securely communicate with each other
Phishing Attack
An attempt to trick a user into divulging their private information.
Browsing History
A list of all websites you have visited over a period of time. It isn't very private: it can be tracked by websites, browsers, ISPs, and even the government.
Antivirus software
Once an antivirus program finds a piece of malware, it guides the user through deleting or repairing the file to be safe again. Since new kinds of malware are invented all the time, antivirus programs must constantly update their list of known malware.
Keylogging Software
Records keystrokes with the aim of gaining access to confidential information such as passwords. It typically sends the data to the attacker somehow, so that they can use the confidential information to break into user accounts.
Encrypting Data
Scramble the original data to hide the meaning of the text, while still making it possible for the data to be unscrambled using a secret key. Enables two people or computers to share private information over open networks, preventing a hacker from reading the text because they can only read the scrambled data.
Difference Between Session and Persistent cookies
Session cookies expire once the browser is exited, while persistent cookies can be set for long periods of time.
Fingerprinting
The systematic survey of a targeted organization's Internet addresses collected during the footprinting phase to identify the network services offered by the hosts in that range.
Risks of Geolocation
There have been multiple cases of people using publicly accessible geolocation data to stalk a former partner or a stranger. Law enforcement agencies have been accused of using an inaccurate geolocation to wrongly accuse someone of a crime. Websites can choose to censor information based on where they think a user lives.
Standard HTTP connections
URLs start with "http://".
Secure HTTP connections
URLs that start with "https://".
Femke went to a computer lab and connected her laptop to the WiFi network. She later received an email from the lab administrator warning that the WiFi network was in fact a rogue access point. What could have occurred while she was connected to the rogue access point?
When she used her laptop to submit an online form, the rogue access point could have modified her form submission on its way to the server. A rogue access point can intercept a packet, change its contents, and then forward the changed packet to the website server.
Internet Service Provider (ISP)
a company that provides access to the internet for a monthly fee
Active Interception
A rogue access point can also manipulate your data. It can read the incoming user data, modify the data however it wants, and send the modified user data to the destination endpoint.
Two-factor authentication (2FA)
a security process that requires two means of identification from separate categories of credentials; usually one form of identification is a physical token (a credit card) while the other is memorized (a PIN)
HTTP Cookies
a small piece of data sent from a website and stored in a user's web browser while the user is browsing that website.
Wi-Fi Positioning System
a strategy that works well in dense, urban areas filled with Wi-Fi networks (nearly the opposite of where GPS works well)
Adware
pops up advertisements to users.
GPS receivers
record positions of multiple satellites simultaneously to determine latitude, longitude, altitude, and time
Malware
software that is intended to damage or disable computers and computer systems.
Spyware
steals data and sends it back to the malware creators.
Persistent cookies
stored on the browser-side (client-side) computer even after the browser is closed