Forms of attack on a network

  • Computers face a variety of forms of attack and they can cause a large number of issues for a network
  • The main threats posed to a network to know about are
    • Malware
    • Social engineering
    • Brute-force attacks
    • Denial of service attacks
    • Data interception & theft
    • SQL injection


What is malware?

  • Malware (malicious software) is the term used for any software that has been created with malicious intent to cause harm to a computer system
  • Examples of issues caused by malware include
    • Files being deleted, corrupted or encrypted
    • Internet connection becoming slow or unusable
    • Computer crashing or shutting down 
  • There are various types of malware and each causes slightly different issues

Malware: What it Does

Virus
  • A program which can replicate itself on a user's computer. It contains code that will cause unwanted and unexpected events to occur
  • Examples of issues a user may experience are
    • Corrupt files
    • Delete data
    • Prevent applications from running correctly

Worm
  • Worms are very similar to viruses, with the main difference being that they will spread to other drives and computers on the network
  • Worms can infect other computers from
    • Infected websites
    • Instant message services
    • Email
    • Network connection

Trojan
  • Sometimes also called a Trojan Horse
  • Trojans disguise themselves as legitimate software but contain malicious code in the background

Spyware
  • Software which will allow a person to spy on the users' activities on their devices
  • This form of software will be embedded into other software such as games or programs that have been downloaded from illegitimate sources
  • Spyware can record your screen, log your keystrokes to gain access to passwords and more

Ransomware
  • A form of malware that locks your computer or device and encrypts your documents and other important files
  • Often a demand is made for money to receive the password that will allow the user to decrypt the files
  • There is no guarantee paying the ransom will result in the user getting their data back

Social Engineering

What is social engineering?

  • Social engineering is exploiting weaknesses in a computer system by targeting the people that use or have access to it
  • There are many forms of social engineering, some examples include
    • Fraudulent phone calls: pretending to be someone else to gain access to their account or their details
    • Phishing: Sending fraudulent emails to a large number of email addresses, claiming to be from a reputable company or trusted source to try and gain access to your details, often by coaxing the user to click on a login button
    • Pretexting: A scammer will send a fake text message, pretending to be from the government or human resources of a company. This scam is used to trick an individual into giving out confidential data
  • People are seen as the weak point in a system because human errors can lead to significant issues, some of which include
    • Not locking doors to computer/server rooms
    • Not logging off their device when they're not using it
    • Sharing passwords
    • Not encrypting data
    • Not keeping operating systems or anti-malware software up to date

Brute-Force Attacks

What is a brute-force attack?

  • A brute force attack works by an attacker repeatedly trying multiple combinations of a user's password to try and gain unauthorised access to their accounts or devices
  • An example of this attack would be an attacker finding out the length of a PIN code, for example, 4-digits
  • They would then try each possible combination until the PIN was cracked, for example
    • 0000
    • 0001
    • 0002
  • A second form of this attack, commonly used for passwords is a dictionary attack
  • This method tries popular words or phrases for passwords to guess the password as quickly as possible
  • Popular words and phrases such as 'password', '1234' and 'qwerty' will be checked extremely quickly.
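
The effect of a failed-attempt lockout on the 4-digit PIN example above, as an added example that is not part of the original notes. The `PinVerifier` class, the `enumerate_pins` helper, the sample PIN and the limit of 3 failures are all assumptions made for illustration.

```python
import hmac
from typing import Optional


class PinVerifier:
    """In-memory PIN check with an optional failed-attempt lockout."""

    def __init__(self, pin: str, max_failures: Optional[int] = None):
        self._pin = pin
        self._max_failures = max_failures  # None = no lockout (the weak setting)
        self._failures = 0
        self.locked = False

    def check(self, guess: str) -> bool:
        if self.locked:
            return False  # once locked, even the correct PIN is refused
        if hmac.compare_digest(guess, self._pin):  # constant-time comparison
            self._failures = 0
            return True
        self._failures += 1
        if self._max_failures is not None and self._failures >= self._max_failures:
            self.locked = True
        return False


def enumerate_pins(verifier: PinVerifier, digits: int = 4):
    """Try 0000, 0001, 0002, ... in order, as described in the notes.

    Returns (pin_found_or_None, attempts_made)."""
    attempts = 0
    for n in range(10 ** digits):
        if verifier.locked:
            break
        attempts += 1
        guess = f"{n:0{digits}d}"
        if verifier.check(guess):
            return guess, attempts
    return None, attempts


def run_demo():
    secret = "7351"  # constructed sample PIN
    without_lockout = enumerate_pins(PinVerifier(secret))
    with_lockout = enumerate_pins(PinVerifier(secret, max_failures=3))
    return without_lockout, with_lockout


if __name__ == "__main__":
    print(run_demo())
```

Without a lockout the whole space of 10,000 PINs can be searched; with one, the search stops after the permitted number of wrong guesses.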

Denial of Service Attacks

What is a denial of service attack?

  • A Denial of Service Attack (DOS attack) occurs when an attacker repeatedly sends requests to a server, flooding it with traffic until the system is overloaded
  • The server will slow down to the point of becoming unusable 
  • There is also a larger-scale version of this known as a Distributed Denial of Service (DDOS) attack
  • This works in a similar way to a DOS attack, with the main difference being that the traffic comes from multiple distributed devices in a coordinated attack on a single server/network

What is the purpose of a DOS attack?

  • A DOS attack will prevent customers from accessing or using a service
  • This will result in companies losing money and not being able to carry out their daily duties
  • A DOS attack can cause damage to a company's reputation

Data Interception & Theft

What is data interception & theft?

  • Data interception and theft is when thieves or hackers can compromise usernames and passwords as well as other sensitive data
  • This is done by using devices such as a packet sniffer
  • A packet sniffer will be able to collect the data that is being transferred on a network
  • A thief can use this data to gain unauthorised access to websites, companies and more 

SQL Injection

What is SQL?

  • Structured Query Language (SQL) is a language used to create, access and manipulate a database

What is SQL injection?

  • SQL injection is entering an SQL command into a web text field to manipulate the SQL query
  • The goal is to insert, modify or delete data from the database
  • An example of SQL injection would be a user typing in a query such as
    • SELECT UserId, Name, Password FROM Users WHERE UserId = 100 or 1=1;
    • This would return all of the User IDs, Names and passwords because 1 is always equal to 1
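
The query above built two ways, as an added example that is not part of the original notes: once by pasting the text-field value into the SQL string, and once with a bound parameter. The in-memory SQLite database, the three sample rows and the function names are constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory Users table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE Users (UserId INTEGER PRIMARY KEY, Name TEXT, Password TEXT)"
    )
    db.executemany(
        "INSERT INTO Users VALUES (?, ?, ?)",
        [(100, "alice", "hash-a"), (101, "bob", "hash-b"), (102, "carol", "hash-c")],
    )
    return db


def lookup_vulnerable(db, user_id_field: str):
    # Weak: the text-field value becomes part of the SQL itself, so
    # "100 or 1=1" changes the WHERE clause instead of being compared as data.
    query = "SELECT UserId, Name, Password FROM Users WHERE UserId = " + user_id_field
    return db.execute(query).fetchall()


def lookup_parameterised(db, user_id_field: str):
    # Fixed: the value is bound to the ? placeholder and is only ever treated
    # as data to compare against UserId, never as SQL.
    query = "SELECT UserId, Name, Password FROM Users WHERE UserId = ?"
    return db.execute(query, (user_id_field,)).fetchall()


def run_demo():
    db = make_db()
    return {
        "vulnerable, normal input": lookup_vulnerable(db, "100"),
        "vulnerable, injected input": lookup_vulnerable(db, "100 or 1=1"),
        "parameterised, normal input": lookup_parameterised(db, "100"),
        "parameterised, injected input": lookup_parameterised(db, "100 or 1=1"),
    }


if __name__ == "__main__":
    for label, rows in run_demo().items():
        print(label, "->", rows)
```

With the bound parameter, the input `100 or 1=1` is compared as a single value that matches no UserId, so no rows come back.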

