Data Security

Uploaded by aksumgere
Unit 4: Data Security and Integrity Processes

Terminology and definitions

Data integrity: Data integrity is a term used to describe the accuracy and consistency of data.
Checksum: A checksum is a calculated item that is used to check that stored data matches the data entered.
Cryptography: Cryptography is a process where text is converted into unintelligible code and back again.
Biometrics: Biometrics uses physical characteristics to uniquely identify a person attempting to access a computer system.
Malicious software: Malware is a term used to describe a wide range of malicious software. Malicious software is software created to cause damage to data and computer systems.
Hacking: Hacking describes a situation where an unauthorised person attempts to enter a computer system.

Data integrity

Data integrity maintains the accuracy and consistency of data. For example, a well-designed database will enforce data integrity wherever possible. This is achieved through the use of validation rules and double entry of data.

Many users, from individuals to large corporate networks, make use of cloud storage. The use of this type of storage introduces issues in terms of data integrity.

When users save to the cloud, (online) providers use a range of measures to ensure the security and safety of the stored data:
• Use of RAID technology
• Retention of multiple versions of files
• Checksums to ensure data integrity
• Synchronisation across users’ devices and the cloud storage.

However, issues can arise with this method of storage/backup:
• If an Internet connection is lost during synchronisation then the file stored on the cloud will be incomplete.
• If data is corrupted when the user is working on the client machine, then the corrupted file may be synchronised by the cloud.
• If a file is used across many devices, there may be mismatches in data stored across the devices and that stored online.

Cryptography

Cryptography is the science of protecting information by transferring it into a format that is unintelligible. This process is called encryption and has been in use, manually, for thousands of years.

One of the best-known methods is called the Caesar cipher. Caesar used a very simple cipher of moving letters along by an offset.

In the diagram an offset of two has been used so that A becomes C and B becomes D etc. The word ‘bag’ would become ‘dci’. Ciphers that use this method are known as rotational ciphers. As long as the offset is known, the message can be coded and decoded. The offset, which in this case is 2, is known as the key.

This is a very simple cipher and may have been sufficient for the Romans, but modern ciphers are computerised and very complex indeed.

Cryptography is now used to protect digital data by translating the data into a format that cannot be accessed by unauthorised users. Very complex algorithms are used to encrypt the data.

There are two types of encryption:
• Symmetric encryption uses only one key that is used both to encrypt and decrypt the data. The sender must send the message and the key to the receiver, although they will not be sent together.
• Asymmetric encryption is also known as public key encryption. It uses two keys, one to encrypt the data and one to decrypt the data. The keys are separate but mathematically connected.

Biometrics

Biometrics is the measurement and recording of certain physical characteristics of a person that can be used to uniquely and digitally identify that person.

Examples of biometric data

Relevant biometric data might include:
• facial recognition data - measurements of the distances between key points on the face, e.g. eyes, nose, ears
• fingerprint data - patterns of whirls and loops in the fingerprint pattern
• iris scan data - colour pattern of the iris at the front of the eye
• hand geometry – identifies users by the shape of their hand
• palm vein – patterns of the blood vessels in their palms
• signature recognition – characteristic writing style
• voice pattern recognition – characteristic frequencies of spoken sounds
• human gait – the way they walk
• ear canal
• body odour identification.

Biometric data can allow access to a secure area or computer system, as follows:
• Data capture (e.g. by photography or scanning).
• The data would be digitised and stored on a database.
• During access, data would again be captured and compared to the reference record stored in the database.
• A decision would be made, based upon the comparison.

Some people may have reservations about the use of such personal data. These reservations could include:
• Inconvenience and intrusion of privacy in having to be photographed/fingerprinted.
• Cost of the system, e.g. in increasing the fee that individuals will have to pay for a biometric passport.
• People objecting to having to carry biometric identity and having to show this to officials on demand; there might be a worry that the police would use this as an excuse to stop members of particular groups (e.g. teenagers, ethnic minorities).
• The facial recognition database could allow officials to carry out unauthorised surveillance by monitoring CCTV pictures.
• Possible errors in the system (e.g. through misidentifying persons in a poorly lit street following a crime).

Malicious software and mechanisms of attack and defence

Malicious software

In cybersecurity, a vector is a pathway or means by which an attacker can gain unauthorised access to a computer system to introduce malicious software.

Common attack vectors include malware, viruses, email attachments, web pages, pop-ups and text messages.

Types of Malware
• Virus – a virus is malicious software attached to a document or file that supports macros to run the code that allows the virus to spread from computer to computer. The virus will not run until the document or file is opened. Viruses are designed to disrupt the operation of the computer; they can stop a computer running and can cause data loss.
• Worm – a worm is malicious software that replicates itself and will spread to any machine in a network. Unlike viruses, worms do not need to be attached to a file to run. A worm infects a computer by being downloaded or through a network connection. It will also disrupt a machine or network and can cause data loss.
• Spyware – spyware is malicious software that runs secretly on a computer, unknown to the user. Rather than disrupting a computer or causing data loss, spyware seeks out sensitive information and allows unauthorised users access to financial and personal information. This allows the unauthorised user access to bank details and sufficient information about the user to carry out frauds.
• Trojans – trojans are malicious software that are disguised as being useful software that the user may want to install on a user’s computer. The trojan will attempt to access sensitive data and can modify or delete data. Trojans do not attempt to replicate themselves but can cause significant damage to the performance of a computer system.
• Ransomware – ransomware is malicious software that attempts to gain access to sensitive data within a computer system. The data will be encrypted by the ransomware so the user cannot access it. The owner of the ransomware will then demand payment from the computer user to allow them access to their own data. Ransomware is often delivered as part of a phishing process.

Forms of cyberattack
• Shoulder surfing – using direct observation to get information. It is relatively simple to stand next to someone and watch as they fill out a form or enter a PIN number, but shoulder surfing can also be carried out long distance with the aid of binoculars or even CCTV.
• SQL injection – a technique where malicious users can inject SQL commands into an SQL statement via webpage input. Injected SQL commands can alter SQL statements and compromise the security of information held in a database.
• Password-based attacks – Cyber criminals have ways of finding out your password:
  • Dictionary attack - This uses a simple file containing words found in a dictionary. This attack uses exactly the kind of words that many people use as their password.
  • Brute force attack - Similar to the dictionary attack but able to detect non-dictionary words by working through all possible alphanumeric combinations from aaa1 to zzz10.
  • Guess - A user-generated password is unlikely to be random. Passwords are likely to be based upon our interests, hobbies, pet names, family names etc. Educated guesses often work.
• IP spoofing – IP address spoofing involves an attacker changing the IP address of a legitimate host so that a visitor who types in the URL of a legitimate site is taken to a fraudulent or spoofed web page. The attacker can then use the hoax page to steal sensitive data, such as a credit card number, or install malware.
• Social engineering – internet users frequently receive messages that request password or credit card information to “set up their account”. Social engineering involves tricking a user into giving out sensitive information such as a password, by posing as a legitimate system administrator. Social engineering includes phishing and pharming, where users are unknowingly re-directed to a fake website, again with the intention of committing identity theft.

Protection against malware
• Install virus protection software, also called anti-virus software - each virus has its own unique ‘signature’ that is known to virus protection software and stored in a database. Data stored on a computer system is scanned to see if any of the virus signatures within the database exist on the system. There are many thousands of known viruses, and new viruses are created daily. Virus protection software therefore needs to be updated regularly to combat these.
• Use a firewall - A firewall can be a software or hardware security system that controls the incoming and outgoing network traffic. Packets of data are analysed to determine whether they should be allowed through or not.
• Keep your operating system up to date - New ways to bypass the operating system’s built-in security are often discovered and can be covered by installing the security patches issued by the operating system manufacturer.
• Use the latest versions of web browsers - As with operating systems, the manufacturers of web browsers seek to continually improve their products and remove possible security vulnerabilities. Most browsers will download updates automatically but will need a restart for the update to be installed.

INTERESTING FACT
In May 2017 the NHS was attacked by the WannaCry virus (WanaCrypt0r 2.0/WCry). This infection held user files at ransom. It happened because NHS systems were still using Windows XP which had gone out of date in 2014.

Identifying vulnerabilities

Footprinting

This is the first step in the evaluation of the security of any computer system. It involves gathering all available information about the computer system or network and the devices that are attached to it.

Footprinting should enable a penetration tester to discover how much detail a potential attacker could find out about a system and allow an organisation to limit the technical information about its systems that is publicly available.

Penetration testing - This is a subset of ethical hacking that deals with the process of testing a computer system, or network, to find vulnerabilities an attacker could exploit. The tests can be automated with software applications or they can be performed manually.

Penetration testing strategies include:
• targeted testing – testing carried out by the organisation’s ITC team and the penetration testing team working together
• external testing - to find out if an outside attacker can get in and how far they can get in once they have gained access
• internal testing - to estimate how much damage a dissatisfied employee could cause
• blind testing - to simulate the actions and procedures of a real attacker by severely limiting the information given to the team performing the test.

Hacking

A hacker is the name given to a person who breaks passwords and codes to gain unauthorised access to a computer system or network.

Ethical hacking - This is carried out with the permission of the system owner to cover all computer attack techniques. An ethical hacker attempts to bypass system security and search for any weak points that could be exploited by malicious hackers. This information is then used by the system owner to improve system security.

White Hat Hacking - Not all hackers have malicious intentions when they attempt to hack into a computer system.

Hackers who use their skills to protect computer systems and networks are called ‘white hat’ hackers. White hat hackers target organisations’ systems to gain unauthorised access. However, their aim is to identify weaknesses in the organisation’s network security.

Organisations employ white hat hackers to stress test their systems. They run scans on the system for malware and attempt to hack into the network using conventional hacking strategies. They may even try to trick staff into clicking on links that in real life would release malware into the system.

The identification of these vulnerabilities allows an organisation to strengthen their security and to limit downtime and potential data loss.

Black Hat Hacking - Black hat hackers attempt to gain access to a computer network with malicious intent. A black hat hacker has no permission to access the network that they are attacking.

Black hat hackers attempt to inflict damage to organisations by compromising security systems, corrupting and deleting data, altering the function of websites and networks or shutting down systems. The hackers often gain access to passwords, financial information and other personal data that they would be able to use for their own financial benefit.

Protecting software systems - secure by design

This is an approach that seeks to make software systems as free of vulnerabilities as possible, through such measures as continuous testing and adherence to best programming practices. At the design stage, malicious practices are taken for granted and it is assumed that the new system will have invalid data entered or will be the subject of hacking attempts. These issues are taken into account and security measures are taken to ensure security is not an afterthought. This reduces the need for addressing vulnerabilities and patching security holes as they are discovered in use.
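The secure-by-design assumption that invalid data will be entered, applied to the SQL injection risk listed under Forms of cyberattack. This is an added example, not part of the original document; the table, column and function names and the sample input are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; the table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (name TEXT, card_last4 TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?)",
                   [("alice", "1111"), ("bob", "2222"), ("carol", "3333")])
    return db

def lookup_unsafe(db, name):
    # Vulnerable: the form value is pasted into the SQL text, so quote
    # characters typed by the user become part of the statement.
    sql = "SELECT name, card_last4 FROM customers WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_parameterised(db, name):
    # The value travels separately from the SQL text and is only ever data.
    sql = "SELECT name, card_last4 FROM customers WHERE name = ?"
    return db.execute(sql, (name,)).fetchall()

def lookup_validated(db, name):
    # Secure by design: assume invalid data will be entered and reject it
    # with a validation rule before it reaches the database layer.
    if not (1 <= len(name) <= 30 and name.isalnum()):
        raise ValueError("name failed validation")
    return lookup_parameterised(db, name)

# Constructed input of the kind described under "SQL injection".
CRAFTED = "nobody' OR '1'='1"

def compare(db, value):
    # Run the same input through all three lookups and summarise the outcome.
    try:
        validated = lookup_validated(db, value)
    except ValueError:
        validated = "rejected"
    return {"unsafe": len(lookup_unsafe(db, value)),
            "parameterised": len(lookup_parameterised(db, value)),
            "validated": validated}

if __name__ == "__main__":
    db = make_db()
    print(compare(db, "bob"))
    print(compare(db, CRAFTED))
```

The concatenated query returns every customer row for the crafted input, while the parameterised query treats the same text as a name that matches nobody and the validation rule rejects it outright.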
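The three cloud-storage issues listed under Data integrity, checked with checksums. This is an added example, not part of the original document; SHA-256, the function names and the sample file contents are assumptions, since the document does not name a checksum algorithm.

```python
import hashlib

def checksum(data):
    # SHA-256 is this example's choice; the document names no algorithm.
    return hashlib.sha256(data).hexdigest()

def sync_to_cloud(local, cut_at=None):
    """Simulated upload: the client declares its checksum, then sends bytes.
    cut_at simulates the connection being lost after that many bytes."""
    stored = local if cut_at is None else local[:cut_at]
    return {"declared": checksum(local), "stored": stored}

def cloud_copy_matches(record):
    # The provider recomputes the checksum over what it actually stored.
    return checksum(record["stored"]) == record["declared"]

def mismatched_devices(cloud_bytes, device_copies):
    # Compare checksums rather than whole files to find out-of-step devices.
    want = checksum(cloud_bytes)
    return sorted(n for n, c in device_copies.items() if checksum(c) != want)

# Constructed sample file contents.
ORIGINAL = b"Invoice 1001: total 250.00 GBP\n"
CORRUPTED = b"Invoice 1001: total 950.00 GBP\n"  # damaged on the client

def run_scenarios():
    good = sync_to_cloud(ORIGINAL)
    dropped = sync_to_cloud(ORIGINAL, cut_at=12)
    bad_source = sync_to_cloud(CORRUPTED)
    devices = {"laptop": ORIGINAL, "phone": ORIGINAL[:12], "tablet": CORRUPTED}
    return {
        "complete_upload_ok": cloud_copy_matches(good),
        "interrupted_upload_ok": cloud_copy_matches(dropped),
        # Checksum was computed over already-corrupted data, so it matches.
        "corrupted_source_ok": cloud_copy_matches(bad_source),
        # Only a retained earlier version exposes the change.
        "differs_from_previous_version": checksum(CORRUPTED) != checksum(ORIGINAL),
        "out_of_step_devices": mismatched_devices(ORIGINAL, devices),
    }

if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(name, result)
```

The interrupted upload fails the check, but a file corrupted on the client before synchronisation passes it, which is why retaining multiple versions of files appears alongside checksums in the list of provider measures.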
