4.1.3 Computer Misuse Act Flashcards
Fill The Blank:
The original focus of the CMA was to …………………. the act of accessing or ……………….. data stored on a computer system without appropriate consent or ……………….
Criminalise, Modifying, Permission
FIll The Blank:
Over time where the use of computers and ways to access ……../systems has increased there has been many ………………… to the CMA
Data, Amendments
State:
Why it is good that the CMA does not provide a definition of ‘computers’
Because a definition could quickly become outdated because of constant evolution
State:
3 original sections of the CMA
- Unauthorised access to computer material
- Unaurhtorised access to computer materials with intent to commit a further crime
- Unauthorised modification of data
State:
What 2 sections were added to the CMA later in 2006 and 2015
- Making supplying and obtaining any articles for use in a malicious act using a computer
- Unauthorised acts causing or creating risk of serious damage
Define:
Hacking
Examples of Offences
Finding weaknesses in an established system and exploiting them - a computer hacker finds weaknesses in a computer system
State:
3 examples of motivation for hackers
Examples of Offences
- Profit
- Protest
- Challenge
Define:
White hat hackers
Examples of Offences
Where hacker is given permission to hack into systems to identify any loopholes or vulnerabilities and tell the system owner. Because this is done with permission, it is legal.
Define:
Grey hat hackers
Examples of Offences
Where the hacker hacks into computer systems for fun or to troll but does not have malicious intent towards the computer systems - if they find a weakness, they may offer to fix the vulnerability for a fee
Define:
Black hat hackers
Examples of Offences
Where the hacker hacks into a computer system with malicious intent - stealing, exploiting stolen or seen data or selling the data
Fill The Blank:
British …………… suffered a hacking attack between ………………… and ……………………. in 20…. which led to a data breach with …… million customers affected - limited to the people who booked flights between these dates. This worked by redirected users to a ……….. site to enter the card details which were stolen by the attacker
Examples of Offences
Airways, August, September, [20]18, Fake
State:
The three categories which threats can be divided into
Threats
- DDoS
- Malware (including viruses)
- Social engineering
Explain:
DDoS attack
Threats
Attempt to make a computer or network system unavailable to users by flooding it with network traffic. A DDoS is usually focused on preventing internet website or service from either functioning efficiently, or at all. This may temporarily or indefinitely.
Explain:
Why adware is used and how it works
Threats - Malware
- Generates revenue for its author
- Any software package which automatically shows adverts, such as a pop-up, or may also be in the UI of a software package
Explain:
Why bot/botnets are used and how they work
Threats - Malware
- Bots take control of a computer system
- Type of malware that allows a cyber-security attacker to take control of a computer system that has been infected without the user’s knowledge and can result in a botnet which is an interconnected network of infected computer systems
Explain:
Why bugs are used and how they work
Threats - Malware
- Bugs areconnected to software and are the flaws that produce an unwanted outcome
- Usually result of human error during coding and can be fixed by the software creator issuing fixes or patches; security patches are the most severe and can result in attackers bypassing security
Explain:
Why ransomware is used and how it works
Threats - Malware
- Holds a system captive and demands a ransom to release it
- Restrict user access to the system by encrypting files or locking down the computer system; message usaully displayed to force user to give ransom
- Can be spread by a worm and can be started by downloading an infected file or by a vulnerability in the computer system
Explain:
Why rootkits are used and how it works
Threats - Malware
- Designed to remotely access or control a computer system without being detected by the security software or the users
- When a rootkit has been installed, it can enable an attacker to remotely access files, access/steal data and information, modify software configs, control the computer system as part of a botnet
Explain:
Why spyware is used and how it works
Threats - Malware
- Collect data from an infected computer (inc. personal info from websites)
- Usually hidden from user, and can be difficult to detect, and could be keyloggers or install additional software or redirect web browsers to different websites
Explain:
Why trojan horses are used and how they work
Threats - Malware
- Standalone malicious program designed to give full control of an infected PC to another (attacker) PC
- Often appear to be something which is wanted or needed by a user and can be hidden in valid programs and software; make copies of themselves, steal information or harm host computer
Explain:
Why viruses are used and how they work
Threats - Malware
- Virus attempts to make a computer system unreliable
- Computer program that replicates iteself and spreads from computer to computer; increase chances of spreading to other computers by infecting files on a network file system or file system that is accessed by other computers
Explain:
Why worms are used and how they work
Threats - Malware
- Standalone computer program that replicates itself so it can spread to other computers
- Worm can use a computer network to spread, unlike a computer virus it does not need to attach iself to an existing program - almost always cause some harm to a network
Explain:
Briefly, how to mitigate adware
Threats - Malware
- Install, run and keep updaed a security software package
- Do not open an files from an unkown source
- Do not click any links in an email
Explain:
Briefly, how to mitigate bot/botnet
Threats - Malware
- Install run and keep updated a security softwae package
- Do not open any files from an unkown source
- Do not click any links in an email
