TECHNOLOGY IN ACTION Chapter 9


1 TECHNOLOGY IN ACTION Chapter 9
Alan Evans * Kendall Martin * Mary Anne Poatsy Chapter 9 In this chapter we explore how you can protect your system and yourself from various types of cybercrime. Securing Your System: Protecting Your Digital Data and Devices

2 Threats to Your Digital Assets
Identity Theft and Hackers Computer Viruses Online Annoyances and Social Engineering In this section, several key concepts about threats to your digital assets will be evaluated. These include: Identity Theft and Hackers, Computer Viruses, and Online Annoyances and Social Engineering.

3 Identity Theft and Hackers
Objectives 9.1 Describe how identity theft is committed and the types of scams identity thieves perpetrate. 9.2 Describe the different types of hackers and the tools they use. The two objectives involved in understanding identity theft and hackers are: 9.1 Describe how identity theft is committed and the types of scams identity thieves perpetrate. 9.2 Describe the different types of hackers and the tools they use.

4 Computer Viruses Objectives
9.3 Explain what a computer virus is, why it is a threat to your security, how a computing device catches a virus, and the symptoms it may display. 9.4 List the different categories of computer viruses, and describe their behaviors. The two objectives involved in understanding computer viruses are: 9.3 Explain what a computer virus is, why it is a threat to your security, how a computing device catches a virus, and the symptoms it may display. 9.4 List the different categories of computer viruses, and describe their behaviors.

5 Online Annoyances and Social Engineering
Objectives 9.5 Explain what malware, spam, and cookies are and how they impact your security. 9.6 Describe social engineering techniques, and explain strategies to avoid falling prey to them. The two objectives involved in understanding online annoyances and social engineering are: 9.5 Explain what malware, spam, and cookies are and how they impact your security. 9.6 Describe social engineering techniques, and explain strategies to avoid falling prey to them.

6 Identity Theft and Hackers
Cybercrime Cybercriminals Common types of cybercrimes Cybercrime is any criminal action perpetrated primarily through the use of a computer. Cybercriminals are individuals who use computers, networks, and the Internet to perpetrate crime. Four common categories of complaints received were FBI-related scams, identity theft, nonauction/non-delivery of merchandise, and advance fee fraud. Although the top four complaints all relate to some type of fraud, other complaints received involved equally serious matters such as computer intrusions—hacking—child pornography, and blackmail.

7 OWASP: Open Web Application Security Project
Worldwide not-for-profit charitable organization Focused on improving the security of software Issues software tools and knowledge-based documentation on application security The OWASP Top 10 provides: A list of the 10 Most Critical Web Application Security Risks

8 Identity Theft and Hackers Identity Theft (Objective 9.1)
Occurs when a thief steals personal information and poses as you Most financially damaging cybercrime for individuals Types of scams Counterfeiting credit and debit cards Requesting changes of address Opening new credit cards Obtaining medical services Buying a home Identity theft occurs when a thief steals personal information and poses as you. It is the most financially damaging cybercrime for individuals. Types of scams include: Counterfeiting credit and debit cards. Requesting changes of address. Opening new credit cards. Obtaining medical services. Buying a home.

9 Identity Theft and Hackers Hacking (1 of 4) (Objective 9.2)
Defined as anyone who unlawfully breaks into a computer system Types of hackers White-hat (ethical hackers) Black-hat hackers Grey-hat hackers Packet analyzer (sniffer) Keylogger A hacker is most commonly defined as anyone who unlawfully breaks into a computer system. Hackers may be identified as: White-hat hackers break into systems for nonmalicious reasons such as to test system security vulnerabilities or to expose undisclosed weaknesses. Black-hat hackers break into systems to destroy information or for illegal gain. Grey-hat hackers illegally break into systems to flaunt their expertise or to attempt to sell their services in repairing security breaches. A packet analyzer (sniffer) is a program deployed by hackers that looks at (or sniffs) each packet as it travels on the Internet. A keylogger is a program that captures all keystrokes made on a computer.

10 Identity Theft and Hackers Hacking (2 of 4) (Objective 9.2)
Trojan horses appear to be useful but run malicious code Backdoor programs and rootkits allow hackers to gain access to your computer Zombies are computers that a hacker controls A Trojan horse is a program that appears to be something useful or desirable, but does something malicious in the background without your knowledge. Backdoor programs and rootkits are programs that allow hackers to gain access to your computer and take almost complete control of it without your knowledge. A computer that a hacker controls is referred to as a zombie. Zombies are often used to launch denial-of-service attacks on other computers.

11 Identity Theft and Hackers Hacking (3 of 4) (Objective 9.2)
Denial-of-Service Legitimate users are denied access to a computer system System shuts down to refuse requests for information. DDoS: Distributed DoS Attacks from many zombie computers Botnet (large group of software running on zombie computers) In a denial-of-service attack, legitimate users are denied access to a system because a hacker is repeatedly making requests of that system through a computer the hacker has taken over as a zombie. A computer can handle only a certain number of requests for information at one time. When it is flooded with requests, it shuts down and refuses to answer any requests for information, even if the requests are from a legitimate user. A distributed denial-of-service (DDoS) attack launches DoS attacks from more than one zombie at the same time. A botnet is a large group of software running on zombie computers.

12 Identity Theft and Hackers Hacking (4 of 4) (Objective 9.2)
Exploit kits - software that runs on servers searching for vulnerabilities Logical ports are virtual, not physical, communications paths Install Firewall Exploit kits are software programs that run on servers searching for vulnerabilities. Logical ports are virtual, not physical, communications paths.

13 Computer Viruses Virus Basics (Objective 9.3)
Program that attaches to another computer program to spread to other computers Main purpose - replicate itself and copy its code into as many other host files as possible Secondary objectives can be destructive Smartphones, tablets, and other devices can be infected with viruses Independent of OS platform A virus is a program that attaches to a computer program to spread to other computers. Its main purpose is to replicate itself and copy its code into as many other host files as possible. Secondary objectives can be destructive. Smartphones, tablets, and other devices can be infected with viruses.

14 Computer Viruses Virus Basics: Sources
Downloading infected files Shared flash drives Viewed in “preview” panes E-mail attachments

15 Computer Viruses: Virus Symptoms
Existing program icons or files suddenly disappear Unusual home page New toolbars Odd messages, pop-ups, or images Data files become corrupt Programs stop working properly System slows down or takes a long time to boot up

16 Computer Viruses: Types of Viruses
Viruses can come in many types, including: Boot sector viruses. Logic Bombs and Time Bombs. Worms. Script and macro viruses. E-mail viruses. Encryption viruses. Figure 9.7 summarizes the major types of viruses.

17 Computer Viruses: Types of Viruses
Boot sector viruses: activate during Boot process. Logic Bombs: activate when certain conditions or events occur Time Bombs: triggered by a specific time and/or date Worms: can activate when files are transported. Work independent of other programs. Spread through networks to overload communications and slow/take down the network. Script: mini-program on websites that infect your computer with a virus. Macro virus: attach to documents that include a macro (small set of application commands) E-mail viruses: distributed by using an address book Encryption viruses (sometimes known as Ransomware)

18 Computer Viruses: Types of Viruses
Classified by methods used to avoid detection Polymorphic viruses change their code or periodically rewrite themselves to avoid detection Multipartite viruses are designed to infect multiple file types Stealth viruses temporarily erase their code from the files where they reside and hide in active memory Viruses can be classified by the methods they take to avoid detection: A polymorphic virus changes its code to avoid detection. Most polymorphic viruses infect a particular type of file. A multipartite virus is designed to infect multiple file types in an effort to fool the antivirus software that is looking for it. Stealth viruses temporarily erase their code from the files where they reside and hide in the active memory of the computer.

19 Preventing Virus Infections
Popular antivirus software Symantec - Norton Kaspersky AVG McAfee

20 Online Annoyances and Social Engineering Online Annoyances
Malware has malicious intent Adware displays sponsored advertisements Spyware is an unwanted piggy-back program Transmits information Tracking cookies Keystroke logger Malware is software that has a malicious intent. Adware displays unsponsored advertisements. Spyware is an unwanted program that downloads with other software from the Internet and runs in the background. Spyware transmits information about you. Many spyware programs use tracking cookies. A keystroke logger program monitors keystrokes. Other anti-spyware programs are easy to install and update.

21 Online Annoyances and Social Engineering Online Annoyances: Spam
Spam (junk e-mail) Tactics to minimize spam (spam filter) Spam is unwanted or junk e-mail. There are several ways to help avoid spam: Create a free e-mail address Spam filters Buy third-party programs Reclassify e-mails that have been misidentified as spam

22 Online Annoyances and Social Engineering Online Annoyances: Cookies
Cookies are small text files received when you visit a website Help companies determine the effectiveness of their marketing Do not search your hard drive for personal information May invade your privacy Pose no security threat Cookies are small text files that some websites automatically store on your hard drive when you visit them. Companies use this information to determine the traffic flowing through their website and the effectiveness of their marketing strategy. Cookies do not go through your hard drive in search of personal information. The main concern is that advertisers will use this information indiscriminately, thus invading your privacy. Cookies pose no security threat because it is virtually impossible to hide a virus or malicious software program in a cookie.

23 Online Annoyances and Social Engineering Social Engineering
Social engineering is any technique using social skills to generate human interaction Entices individuals to reveal sensitive information Pretexting involves creating a scenario that sounds legitimate to gain trust and personal information Social engineering is any technique using social skills to generate human interaction with the purpose of enticing individuals to reveal sensitive information. Pretexting involves creating a scenario that sounds legitimate.

24 Online Annoyances and Social Engineering Social Engineering
Phishing Luring people into revealing information Pharming Malicious code planted on your computer to gather information Guidelines to avoid schemes Phishing lures Internet users to reveal personal information. Pharming occurs when malicious code is planted on your computer. These guidelines help to avoid such schemes: Never reply directly to any e-mail asking for personal information. Don’t click on a link in an e-mail. Check with the company asking for information. Never give personal information over the Internet unless you know the site is secure. Use phishing filters. Use Internet security software that’s constantly being updated.

25 Online Annoyances and Social Engineering Social Engineering: Scareware
Type of malware that attempts to convince you something is wrong … and to pay money to fix it Scareware is a type of malware that downloads onto your computer and tries to convince you that your computer is infected with a virus or other type of malware. You’re then directed to a website where you can buy fake removal or antivirus tools that provide little or no value. Scareware is a social engineering technique because it uses people’s fear of computer viruses to convince them to part with their money.

26 Preventing Virus Infections: Antivirus Software
If computer is infected Boot up using antivirus installation/repair disc Virus is detected Research it Websites contain archives on viruses If you think your computer is infected with a virus, boot up your computer using the antivirus installation disc. This should prevent most virus programs from loading and will allow you to run the antivirus software directly from your disk drive. (Note: If you download your antivirus software from the Internet, copy it to a DVD in case you have problems in the future.) If the software does detect viruses, you might want to research them further to determine whether your antivirus software will eradicate them completely or whether you’ll need to take additional manual steps to eliminate the viruses. Most antivirus company websites, such as the Symantec site, contain archives of information on viruses and provide step-by-step solutions for removing them.

27 Preventing Virus Infections: Antivirus Software
Smartphones and other mobile devices are susceptible to viruses Antivirus software for mobile devices is available Trend Micro’s Mobile Security for Android Because smartphones and other mobile devices run operating systems and contain files, they are susceptible to infection by viruses. Cybercriminals are now hiding viruses in legitimate-looking apps for download to mobile devices. Most antivirus software companies now offer antivirus software specifically designed for mobile devices, such as Lookout Mobile Security, which Samsung is now installing on its Android phones.

28 Preventing Virus Infections: Software Updates
Be sure to update OS with latest security patch(es) Drive-by downloads Virus downloaded from malicious website Windows operating system Automatic update utility: Windows Update Many viruses exploit weaknesses in operating systems. Malicious websites can be set up to attack your computer by downloading harmful software onto your computer. According to research conducted by Google, this type of attack, known as a drive-by download, affects almost 1 in 1,000 web pages. To combat these threats, make sure your OS is up to date and contains the latest security patches. You can update your Windows OS with an automatic update utility called Windows Update. When you enable automatic updates, your computer searches for updates on the Microsoft website every time it connects to the Internet. Mac OS X has a similar utility for gathering updates.

29 Preventing Virus Infections: Software Updates
Default option in Windows Receive updates automatically Other options available The default option in Windows is to receive updates automatically. There are several other options you can choose from in Windows. The following are noteworthy: Option 1: Install updates automatically. Selecting this option will automatically download and install updates at a time you have specified. We strongly recommend that you select this option. Option 2: Check for updates but let me choose whether to download and install them. This is an appropriate choice only if you have low-bandwidth Internet access. Because downloads over dial-up can take a long time, you need to control when they will occur. But you need to be extra vigilant with this option because you might forget to install important updates. Option 3: Give me recommended updates. This option ensures you receive recommended (optional) updates as well as critical (necessary) updates. Option 4: Microsoft Update. This option ensures you receive updates for other Microsoft products besides Windows, such as Microsoft Office. If you keep both your antivirus and OS software up to date, you’ll help prevent viruses from infecting your computer.

30 Protecting Your Digital Property
Restricting Access to Your Digital Assets Keeping Your Data Safe Protecting Your Physical Computing Assets In this section, several key concepts about mobile devices will be evaluated. These include Restricting Access to Your Digital Assets, Keeping Your Data Safe, and Protecting Your Physical Computing Assets.

31 Restricting Access to Your Digital Assets
Objectives 9.7 Explain what a firewall is and how a firewall protects your computer from hackers. 9.8 Explain how to protect your computer from virus infection. 9.9 Describe how passwords and biometric characteristics can be used for user authentication. 9.10 Describe ways to surf the web anonymously. The four objectives involved in understanding how to restrict access to your digital assets are: 9.7 Explain what a firewall is and how a firewall protects your computer from hackers. 9.8 Explain how to protect your computer from virus infection. 9.9 Describe how passwords and biometric characteristics can be used for user authentication. 9.10 Describe ways to surf the web anonymously.

32 Keeping Your Data Safe Objectives
9.11 Describe the types of information you should never share online. 9.12 List the various types of backups you can perform on your computing devices, and explain the various places you can store backup files. The two objectives involved in understanding how to keep your digital data safe are: 9.11 Describe the types of information you should never share online. 9.12 List the various types of backups you can perform on your computing devices, and explain the various places you can store backup files.

33 Protecting Your Physical Computing Assets
Objectives 9.13 Explain the negative effects environment and power surges can have on computing devices. 9.14 Describe the major concerns when a device is stolen and strategies for solving the problems. The two objectives involved in understanding how to protect your physical computing assets are: 9.13 Explain the negative effects environment and power surges can have on computing devices. 9.14 Describe the major concerns when a device is stolen and strategies for solving the problems.

34 Restricting Access to Your Digital Assets Firewalls
Firewall—hardware/software Network Address Translation (NAT) Windows and macOS include firewalls Security suites include firewall software A firewall is a software program or hardware device designed to protect computers from hackers. Both Windows and macOS include reliable firewalls. The Windows Action Center is a good source of information about the security settings on your computer, including the status of your firewall. Security suites such as Norton Internet Security, McAfee Internet Security, and ZoneAlarm Internet Security Suite also include firewall software.

35 Restricting Access to Your Digital Assets Firewalls
Packet filtering Filter out packets sent to logical ports Logical port blocking Completely refuses requests from the Internet asking for access to specific ports Firewalls can be configured so that they filter out packets sent to specific logical ports in a process known as packet filtering. Firewalls can also be configured to completely refuse requests from the Internet asking for access to specific ports in a process known as logical port blocking. Figure 9.17 illustrates some logical port numbers and the services they are associated with.
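
The two firewall behaviours named on this slide can be seen side by side in a small model. This is an added example, not part of the original presentation: the Firewall class, its verdict strings and the sample packets are constructed for illustration, and the tracking of replies to outbound connections goes beyond what the slide states.

```python
from dataclasses import dataclass

# Well-known logical ports and the services usually bound to them.
SERVICES = {21: "FTP", 23: "Telnet", 25: "SMTP", 53: "DNS", 80: "HTTP", 443: "HTTPS"}


@dataclass(frozen=True)
class Packet:
    direction: str    # "in" = arriving from the Internet, "out" = leaving this computer
    remote_ip: str
    remote_port: int
    local_port: int


class Firewall:
    """Toy model (assumption): default-deny inbound with an explicit block list."""

    def __init__(self, blocked_ports, open_ports):
        self.blocked = set(blocked_ports)   # logical port blocking: always refused
        self.open = set(open_ports)         # ports deliberately exposed
        self.established = set()            # connections this computer started
        self.log = []

    def decide(self, pkt: Packet) -> str:
        key = (pkt.remote_ip, pkt.remote_port, pkt.local_port)
        if pkt.direction == "out":
            self.established.add(key)       # remember it so the reply is let back in
            verdict = "allow: outbound"
        elif pkt.local_port in self.blocked:
            verdict = "refuse: port blocked"
        elif key in self.established:
            verdict = "allow: reply"
        elif pkt.local_port in self.open:
            verdict = "allow: open port"
        else:
            verdict = "drop: unsolicited"   # packet filtering: nothing asked for this
        self.log.append((pkt, verdict))
        return verdict

    def denied_by_service(self) -> dict:
        """Count refused or dropped inbound packets per service, for log review."""
        counts = {}
        for pkt, verdict in self.log:
            if not verdict.startswith("allow"):
                name = SERVICES.get(pkt.local_port, f"port {pkt.local_port}")
                counts[name] = counts.get(name, 0) + 1
        return counts


def run_demo():
    """Feed constructed packets (documentation IP ranges) through the model."""
    fw = Firewall(blocked_ports={21, 23}, open_ports={443})
    packets = [
        Packet("out", "198.51.100.7", 443, 50000),   # browser opens an HTTPS session
        Packet("in", "198.51.100.7", 443, 50000),    # the server's reply
        Packet("in", "203.0.113.9", 40000, 23),      # unsolicited Telnet request
        Packet("in", "203.0.113.9", 40001, 443),     # request to the exposed port
        Packet("in", "203.0.113.9", 40002, 8080),    # request to an unlisted port
    ]
    verdicts = [fw.decide(p) for p in packets]
    return verdicts, fw.denied_by_service()


if __name__ == "__main__":
    for line in run_demo()[0]:
        print(line)
```
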

36 Restricting Access to Your Digital Assets Preventing Virus Infections
Antivirus software Detects viruses and protects your computer If computer is infected Boot up using antivirus installation/repair disc Virus detected Research it Websites contain archives on viruses Popular programs Symantec-Norton Kaspersky AVG McAfee Antivirus software is specifically designed to detect viruses and protect your computer and files from harm. Symantec, Kaspersky, AVG, and McAfee are among the companies that offer highly rated antivirus software packages.

37 Restricting Access to Your Digital Assets Preventing Virus Infections
Virus signature Portion of the virus code that’s unique to a particular computer virus Quarantining Placing virus in a secure hard drive area so it won’t spread to other files Inoculation Records key attributes about your computer files and keeps stats in secure place preventing future infection A virus signature is a portion of the virus code that’s unique to a particular computer virus. Quarantining involves placing a virus in a secure area so it won’t spread to other files. During inoculation, key attributes about your computer files are recorded and the stats are kept in a secure place.
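
The three antivirus functions on this slide, signature matching, quarantining and inoculation, are sketched below as an added example that is not part of the original presentation. The signature patterns are harmless constructed markers, and the function names, the file attributes recorded (size and SHA-256) and the vault layout are assumptions made for illustration.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path

# Constructed signature database: name -> byte pattern. These markers are
# placeholders for illustration, not patterns taken from any real virus.
SIGNATURES = {
    "Demo.Marker.A": b"\xde\xad\xbe\xefDEMO-SIGNATURE-A",
    "Demo.Marker.B": b"DEMO-SIGNATURE-B\x00\x01",
}


def scan_file(path: Path) -> list:
    """Signature check: names of all known patterns found in the file."""
    data = path.read_bytes()
    return sorted(name for name, pattern in SIGNATURES.items() if pattern in data)


def quarantine(path: Path, vault: Path) -> Path:
    """Move a flagged file into a separate vault and make it read-only."""
    vault.mkdir(mode=0o700, exist_ok=True)
    target = vault / (path.name + ".quarantined")
    shutil.move(str(path), str(target))
    os.chmod(target, 0o400)   # owner read-only: cannot be executed or rewritten
    return target


def inoculate(root: Path) -> dict:
    """Record key attributes (size, SHA-256) of every file under root."""
    baseline = {}
    for p in sorted(root.rglob("*")):
        if p.is_file():
            data = p.read_bytes()
            baseline[str(p.relative_to(root))] = (len(data), hashlib.sha256(data).hexdigest())
    return baseline


def compare(root: Path, baseline: dict) -> dict:
    """Report files whose attributes no longer match the recorded baseline."""
    current = inoculate(root)
    return {
        "changed": sorted(k for k in baseline if k in current and current[k] != baseline[k]),
        "missing": sorted(k for k in baseline if k not in current),
        "new": sorted(k for k in current if k not in baseline),
    }


def demo() -> dict:
    """Run all three steps on constructed files in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        docs, vault = Path(tmp) / "docs", Path(tmp) / "vault"
        docs.mkdir()
        (docs / "report.txt").write_bytes(b"quarterly numbers\n")
        (docs / "notes.txt").write_bytes(b"meeting notes\n")
        baseline = inoculate(docs)   # a real tool keeps this in a protected location

        # Simulated tampering: a marker is appended to one file after the baseline.
        with open(docs / "report.txt", "ab") as fh:
            fh.write(SIGNATURES["Demo.Marker.A"])

        drift = compare(docs, baseline)
        hits = {p.name: scan_file(p) for p in sorted(docs.iterdir())}
        moved = [quarantine(docs / name, vault).name for name, found in hits.items() if found]
        return {"drift": drift, "hits": hits, "quarantined": moved,
                "after": compare(docs, baseline)}


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The baseline comparison flags the modified file even if no signature had matched, which is why the two checks are run together.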

38 Restricting Access to Your Digital Assets Authentication: Passwords and Biometrics
Need strong passwords Password strength tests : Password Meter Operating systems have built-in password protection Managing passwords Strong passwords are difficult for someone to guess. There are many password generators available for free, such as the Strong Password Generator. You can use online password strength testers, such as the Password Meter, to evaluate your passwords. To restrict access to your computer, Windows, macOS, and most other operating systems have built-in password (or passcode) protection for files as well as the entire desktop. Password-management tools are now available to help recall the passwords used.

39 Restricting Access to Your Digital Assets Authentication: Passwords and Biometrics
Fingerprint Iris pattern in eye Voice authentication Face pattern recognition Provide a high level of security A biometric authentication device is a device that reads a unique personal characteristic such as a fingerprint or the iris pattern in your eye and converts it to a digital code. Because no two people have the same biometric characteristics, these devices provide a high level of security. Other biometric devices, including voice authentication and facial recognition systems, are now widely offered in notebook computers, tablets, and smartphones.

40 Restricting Access to Your Digital Assets Anonymous Web Surfing: Hiding from Prying Eyes
Privacy tools Private Browsing InPrivate Incognito Portable privacy devices IronKey Personal Flash Drives Virtual private networks (VPNs) Secure networks that are established using the public Internet infrastructure Privacy tools connected with web browsers include: Private Browsing. InPrivate. Incognito. Portable privacy devices are available, for example: IronKey Personal Flash Drives. Virtual private networks (VPNs) are secure networks that are established using the public Internet infrastructure.

41 Keeping Your Data Safe Protecting Your Personal Information
Reveal as little information as possible In Facebook change your privacy settings Reveal as little information as possible in social media. In Facebook change your privacy settings. Figure 9.30 shows Internet Information-Sharing precautions.

42 Keeping Your Data Safe Backing Up Your Data
Backups are copies of files used to replace the originals if they’re lost or damaged Files to backup Data files Program files Types of backups Full Incremental Image Backups are copies of files used to replace the originals if they’re lost or damaged. Files to backup include: Data files. Program files. Types of backups include: Full. Incremental. Image.

43 Keeping Your Data Safe Backing Up Your Data
Figure 9.32 shows a comparison of various backup locations.

44 Protecting Your Physical Computing Assets Environmental Factors and Power Surges
Old or faulty wiring Downed power lines Lightning strikes Malfunctions at electric company substations Surge protector Replace every 2–3 years Use with all devices that have solid-state components Power surges occur when an electrical current is supplied in excess of normal voltage. Old or faulty wiring, downed power lines, malfunctions at electric company substations, and lightning strikes can all cause power surges. A surge protector protects your computer. Replace surge protectors every 2–3 years or after a major surge. All electronic devices that have solid-state components, such as TVs, stereos, printers, and cell phones should be connected to a surge protector.

45 Protecting Your Physical Computing Assets Preventing and Handling Theft
Three main security concerns with mobile devices: Keeping them from being stolen Keeping data secure in case they are stolen Finding a device if it is stolen You have three main security concerns with mobile devices: Keeping them from being stolen. Keeping data secure in case they are stolen. Finding a device if it is stolen.

46 ? Questions

47 Copyright All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America.

