CYBERSECURITY - A WORLD OF EXPERTS AND CRIMINALS Flashcards
(39 cards)
This group of criminals breaks into computers or networks to gain access for various
reasons
Hackers
attackers break into networks or computer systems to discover weaknesses in order to
improve the security of these systems.
White hat
attackers are somewhere between white and black hat attackers. The gray hat attackers may
find a vulnerability and report it to the owners of the system if that action coincides with their agenda.
Gray hat
attackers are unethical criminals who violate computer and network security for personal gain,
or for malicious reasons, such as attacking networks.
Black Hat
- Teenagers or hobbyists mostly limited to pranks and vandalism, have little or
no skill, often using existing tools or instructions found on the Internet to launch attacks.
Script Kiddies
Grey hat hackers who attempt to discover exploits and report
them to vendors, sometimes for prizes or rewards.
Vulnerability Brokers
Grey hat hackers who rally and protest against different political and social
ideas. Hacktivists publicly protest against organizations or governments by posting articles,
videos, leaking sensitive information, and performing distributed denial of service (DDoS)
attacks.
Hacktivists
These are black hat hackers who are either self-employed or
working for large cybercrime organizations.
Cyber Criminals
Depending on a person’s perspective, these are either
white hat or black hat hackers who steal government secrets, gather intelligence, and
sabotage networks. Their targets are foreign governments, terrorist groups, and
corporations
State Sponsored Hackers
is a weakness that makes a target susceptible to an attack
Cyber vulnerability
recognize the threat that data poses if used against people
Cybersecurity specialists
is the possibility that a harmful event, such as an attack, will occur
cybersecurity threat
are particularly dangerous to certain industries and the type of
information they collect and protect
Cyber threats
possess the insight to recognize the influence of data and
harness that power to build great organizations, provide services and protect people
from cyberattacks
- Cybersecurity specialists
are an example of Information Security
Management Standards. The standards provide a framework for implementing
cybersecurity measures within an organization.
ISO 27000 standards
The following examples are just a few sources of data that can come from established
organizations:
Personal Information
Medical Records
Education Records
Employment and Financial Records
Criminals use _______-______ tools to capture data streams over a network. Packet
sniffers work by monitoring and recording all information coming across a network.
Packet Sniffing Tools
interferes with an established network
communication by constructing packets to appear as if they are part of a communication.
Packet Injection
An internal user, such as an employee or contract partner, can accidently or intentionally
Internal Security Threats
Big data is the result of data sets that are large and complex, making traditional
data processing applications inadequate
Impact of Big Data
Big data poses both challenges and opportunities based on three
dimensions:
The amount of data
The speed of data
The range of data types and sources
is a continuous computer hack that occurs under the radar against a specific object. Criminals usually
choose an APT for business or political motives.
Advanced Persistent Threat
can track system self-reporting data, like how much energy a computer is using, and use that information to select
targets or trigger false alerts
Algorithm Attacks
are more devious because they exploit designs used to improve energy savings,
decrease system failures, and improve efficiencies.
Algorithm Attacks
