Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Your System: Protecting Your Digital Data and Devices

Published byLeroy Smart Modified over 10 years ago

Similar presentations

Presentation on theme: "Securing Your System: Protecting Your Digital Data and Devices"— Presentation transcript:

1

2 Securing Your System: Protecting Your Digital Data and Devices
Technology in Action Chapter 9 Securing Your System: Protecting Your Digital Data and Devices This chapter covers threats to your computer such as viruses and the hardware and software we can use to help protect against them. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

3 Chapter Topics Computer virus types Protecting computers from viruses
Hackers Firewalls Passwords and password management Topics in this chapter include: Computer virus types Protecting computers from viruses Hackers Firewalls Passwords and password management Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

4 Chapter Topics (cont.) Biometrics Spyware and spam Backup methods
Protecting physical assets Chapter topics include: Biometrics Spyware and spam Backup methods Protecting physical assets Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

5 Computer Threats Cybercrimes are criminal acts conducted by cybercriminals through the use of computers Computer users need to protect themselves from becoming victims of cybercriminals Cybercrime is formally defined as any criminal action perpetrated primarily through the use of a computer. Cybercriminals are individuals who use computers, networks, and the Internet to perpetrate crime. The existence of cybercrime means that computer users must take precautions to protect themselves. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

6 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

7 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

8 Ways to lose your money Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

9 Types of Cybercrime Fraud-related Non-fraud-related
Nondelivery of ordered items Credit and debit card fraud Advanced fee scams Non-fraud-related Computer intrusions Unsolicited Child pornography The Internet Crime Complaint Center (IC3) processed more than 336,000 complaints related to Internet crime in 2009 in the United States. Many complaints were related to fraud, including nondelivery of ordered items, credit and debit card fraud, and advanced fee scams. Much of the credit card fraud was perpetrated when credit card numbers were stolen by criminals tricking people into revealing sensitive information or by computer programs that gather credit card data. Non-fraud-related complaints pertained to issues such as computer intrusions, unsolicited , and child pornography. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

10 Computer Threats: Viruses
Virus: A program that attaches itself to another program and spreads itself to other computers Viruses are hidden within the code of a host program Any computing device can be infected with a virus A computer virus is a computer program that attaches itself to another computer program (known as the host program) and attempts to spread itself to other computers when files are exchanged. Creating and disseminating computer viruses is one of the most widespread types of cybercrimes. Tens of thousands of new viruses or modified versions of old viruses are released each year. Viruses normally attempt to hide within the code of a host program to avoid detection. Viruses, by definition, have a method to spread themselves. Any computing device such as a smartphone, notebook, netbook, or iPad can be infected with a virus. Even your car, which now contains embedded computer systems, could catch a virus, especially if it connects to the Internet for software updates. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

11 Naked_britney.jpg is a virus!!!
Got you sucker!! Naked_britney.jpg is a virus!!! Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

12 What Viruses Do Replicate themselves Secondary objectives
Slow down networks Secondary objectives Display annoying messages Delete files on the hard drive Change computer settings A computer virus’s main purpose is to replicate itself and copy its code into as many other files as possible. Although virus replication can slow down networks, it is not usually the main threat. The majority of viruses have secondary objectives or side effects, ranging from displaying annoying messages on the computer screen to destroying files or the contents of entire hard drives. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

13 How Does a Computer Catch a Virus?
Viruses copy themselves and infect a file on your computer Spread by Sharing disks or flash drives Opening an attachment Downloading infected audio or video files If your computer is exposed to a file infected with a virus, the virus will try to copy itself and infect a file on your computer. If you never expose your computer to new files, it will not become infected. However, this would be the equivalent of a human being living in a bubble to avoid getting sick. Shared disks or flash drives are common sources of virus infection, as is . Just opening an message will not usually infect your computer with a virus, although some new viruses are launched when viewed in the preview pane of your software. Downloading or running a file that is attached to the is a common way that your computer becomes infected. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

14 Types of Viruses Boot-sector viruses Logic bombs Time bombs Worms
Replicate themselves in the boot sector of the hard drive Logic bombs Activate when certain conditions are met Time bombs Triggered by the passage of time or on a certain date Worms Travel between systems through networks Although thousands of computer viruses and variants exist, they can be grouped into broad categories based on their behavior and method of transmission. Boot-sector viruses replicate themselves into the hard drive’s master boot record, a program that executes whenever a computer boots up, ensuring that the virus is loaded immediately. Boot-sector viruses are often transmitted by a flash drive left in a USB port. Logic bombs are viruses that are triggered when certain logical conditions are met (such as opening a file). Time bombs are viruses that are triggered by the passage of time or on a certain date. The effects of logic bombs and time bombs range from annoying messages being displayed on the screen to reformatting of the hard drive, causing complete data loss. Worms attempt to travel between systems through networks to spread their infections. A virus infects a host file and waits for that file to be executed on another computer to replicate. A worm, however, works independently of host file execution and is much more active in spreading itself. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

15 ZIP Bombs via !!! Many systems try to protect us by scanning attachments If the attachment has a compressed file, the system will decompress/expand the file onto the server for checking… What if the attachment is 1-billion “X” in a row? It compresses to about 30k but when expanded, can cause the system to crash to do lack of disk space Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

16 Types of Viruses (cont.)
Script viruses Hidden on Web pages as miniprograms Macro viruses Attached to documents viruses Use address books to distribute themselves Encryption viruses Compress files using a complex encryption key Some viruses are hidden on Web sites in the form of scripts. Scripts are miniprograms that are often used to perform legitimate functions on Web sites. However, some scripts are malicious. For example, say you receive an encouraging you to visit a Web site full of useful programs and information. Unbeknownst to you, clicking a link to display a video runs a script that infects your computer with a virus. Macro viruses are attached to documents (such as Word files) that use macros. A macro is a short series of commands that usually automates repetitive tasks. However, macro languages are now so sophisticated that viruses can be written with them. viruses use the address book in the victim’s system to distribute a virus. Encryption viruses search for common data files and then compress them using a complex encryption key. The user then has to pay to get the files unlocked. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

17 Virus Classifications
Polymorphic viruses Periodically rewrite themselves to avoid detection Multipartite viruses Infect multiple file types Stealth viruses Erase their code from the hard drive and reside in the active memory Viruses can also be classified by the methods they take to avoid detection by antivirus software. Polymorphic viruses change their code (or periodically rewrite themselves) to avoid detection. Most polymorphic viruses infect one particular type of file (.exe files, for example). Multipartite viruses are designed to infect multiple file types in an effort to fool the antivirus software that is looking for them. Stealth viruses temporarily erase their code from the files where they reside and hide in the active memory of the computer. This helps them avoid detection if only the hard drive is searched for viruses. Current antivirus software scans memory as well as the hard drive. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

18 Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall
Antivirus Software Programs designed to detect viruses Scan files looking for virus signatures (unique code) Provide options for deleting or fixing infected files Inoculate files against further infection Needs to be updated frequently The best defense against viruses is antivirus software. Although antivirus software is designed to detect suspicious activity on your computer at all times, you should run an active virus scan on your entire system at least once a week. Most antivirus software looks for virus signatures in files. Signatures are portions of the virus code that are unique to that particular computer virus. Antivirus software scans files for these signatures and thereby identifies infected files and the type of virus that is infecting them. Antivirus software scans files when they’re opened or executed. If it detects a virus signature or suspicious activity, it stops the execution of the file and notifies you it has detected a virus. Usually it gives you the choice of deleting or repairing the infected file and places the virus in a secure area. This is called quarantining. Through inoculating, an antivirus program records key attributes about files and rechecks these statistics during a scan. Antivirus software catches known viruses effectively. Thus, your computer can still be attacked by a virus that your antivirus software does not recognize. To minimize this risk, you should keep your antivirus software up to date. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

19 Antivirus vendors Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

20 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

21 Dealing with an Infected Computer
Boot computer with antivirus installation disc. Run directly from DVD/CD. Allow software to delete or quarantine infected files. Research viruses found to ensure further manual steps are not needed. Boot up your computer with the antivirus installation disc. (Note: If you download your antivirus software from the Internet, it is a good idea to copy your antivirus software to a DVD in case you have problems in the future.) This should prevent most virus programs from loading and will allow you to run the antivirus software directly from the DVD drive. If the software does detect viruses, you might want to research them further to determine whether your antivirus software will eradicate them completely or if you need to take additional manual steps to eliminate the virus. Most antivirus company Web sites contain archives of information on viruses and provide step-by-step solutions for removing viruses. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

22 Prevent Instant Messaging Viruses
Allow contact from Buddy or Friends List users only. Never automatically accept transfers of data. Avoid using instant messaging programs on public computers. Virus attacks and other forms of malicious hacking can be perpetrated via instant messenger (IM) programs such as Google Talk, Skype, Facebook chat, and iChat. You should try to hide your instant messaging activity from everyone but people you know. To keep your IM sessions safe, follow these precautions: Allow contact only from users on your Buddy or Friends List. This prevents you from being annoyed by unknown parties. Restrict your profile information to be viewed only by friends and only accept friend requests from people that you know and trust. Never automatically accept transfers of data. Although video IMs and file transfers are potentially useful for swapping files over IM, they are a common way of receiving malicious files, which can then infect your computer with viruses. Avoid using instant messaging programs on public computers. If you use a shared computer, such as one in a computer lab at school, be sure you don’t select any features that remember your password or connect you automatically. The next person who uses the computer might be able to connect to the instant messaging service as you and impersonate you. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

23 Other Ways to Protect Your System
Keep your antivirus and operating system (OS) software up to date Load security patches as soon as they are available Enable automatic updates Keep your computer’s antivirus and operating system (OS) software up to date. Load security patches as soon as they are available. Enable automatic updates for both the OS and all other software loaded on your computer. Many viruses take advantage of known software vulnerabilities. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

24 Hackers Anyone who unlawfully accesses a computer system
Types of hackers White hat Black hat Script kiddies A hacker is defined as anyone who unlawfully breaks into a computer system, whether an individual computer or a network. Many hackers who break into systems do so just for the challenge of it (and who don’t wish to steal or wreak havoc on the systems) refer to themselves as white-hat hackers. They tout themselves as experts who are performing a needed service for society by helping companies realize the vulnerabilities that exist in their systems. White hat hackers call hackers who use their knowledge to destroy information or for illegal gain black-hat hackers. Amateur hackers are referred to as script kiddies. Script kiddies don’t create programs used to hack into computer systems; instead, they use tools created by skilled hackers. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

25 Hackers WikiLeaks Publish private & classified documents from hacked government & business computers Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

26 Hackers WikiLeaks Albert Gonzalez
Publish private & classified documents from hacked government & business computers Albert Gonzalez Obtained and sold 170 million credit card & ATM numbers ( ) using packet sniffing. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

27 Hackers WikiLeaks Albert Gonzalez George Hotz – “geohot” (born 1989)
Publish private & classified documents from hacked government & business computers Albert Gonzalez Obtained and sold 170 million credit card & ATM numbers ( ) using packet sniffing. George Hotz – “geohot” (born 1989) Unlocking the iPhone – use on any carrier Hacking “jailbreaking” Playstation 3 Sued by Sony Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

28 What Hackers Steal Hackers try to steal data stored on hard drives:
Credit card numbers Bank account numbers Also can steal information through packet sniffing or a keylogger Use information to purchase items illegally or to commit identity theft If you perform financial transactions online, credit card and bank account information can reside on your hard drive and might be detectable by a hacker. Even if this data is not stored on your computer, a hacker might be able to capture it when you’re online by using a packet sniffer. A packet sniffer is a computer program deployed by hackers that looks at each packet as it travels on the Internet—not just those that are addressed to a particular computer, but all packets. Some packet sniffers are configured to capture all the packets into memory, whereas others capture only those packets that contain specific content (such as credit card numbers). A keylogger is a program that captures all keystrokes made on a computer. Once a hacker has your credit card information, he or she can either use it to purchase items illegally or sell the number to someone who will. If hackers can gather enough information in conjunction with your credit card information, they might be able to commit identity theft. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

29 How Computers Are Attacked
Trojan horse Backdoor program Zombies Denial of service attacks (DoS) Distributed denial of service attacks (DDoS) To perpetrate widespread computer attacks, hackers need to control many computers at the same time. To this end, hackers often use Trojan horses to install other programs on computers. A Trojan horse is a program that appears to be something useful or desirable (like a game or a screen saver) but does something malicious in the background without your knowledge. Often, the malicious activity perpetrated by a Trojan horse program is the installation of backdoor programs, which allow hackers to take almost complete control of your computer without your knowledge. Using a backdoor program, hackers can access and delete all files on your computer, send , run programs, and do just about anything else you can do with your computer. Computers that hackers control in this manner are referred to as zombies. Hackers can also launch an attack from your computer, called a denial of service (DoS) attack, in which legitimate users are denied access to a computer system because a hacker is repeatedly making requests of that computer system through a computer he or she has taken over as a zombie. Because DoS attacks from a single computer are easy to track, savvy hackers launch coordinated attacks from many zombies at once. These are known as distributed denial of service attacks (DDoS). Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

30 Anatomy of a Denial of Service Attack
Ask the remote computer a simple question Ask it many Many MANY times !!! The remote computer is so pre-occupied in telling me to go away, nothing else gets done Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

31 Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

32 How Hackers Gain Access
Direct access Hacking software Indirect access Internet connection Logical ports Hackers can gain access to computers directly or indirectly. Direct access involves sitting down at a computer and installing hacking software. The most likely method hackers use to access a computer indirectly is through its Internet connection. When connected to the Internet, your computer is potentially open to attack by hackers. Logical ports are virtual communications gateways that allow a computer to organize requests for information from other networks or computers. Open logical ports, like open windows in a home, invite intruders. Unless you take precautions to restrict access to your logical ports, other people on the Internet might be able to access your computer through them. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

33 Firewalls Software programs or hardware designed to close logical ports to invaders Most current operating systems include reliable firewalls Security suite often include firewalls Network routers can contain a hardware firewall Firewalls are critical if you have an always- on broadband connection Test your computer’s vulnerability Firewalls are software programs or hardware devices designed to keep computers safe from hackers. By using a firewall, you can close off open logical ports to invaders and potentially make your computer invisible to other computers on the Internet. Most current operating systems include a reliable firewall. Many security suites such as Norton Internet Security, McAfee Internet Security, and ZoneAlarm Internet Security Suite also include firewall software. Two firewalls running at the same time can conflict with each other and can cause your computer to slow down or freeze up. Many routers sold for home networks include firewall protection. For peace of mind (and to ensure that your firewall setup was successful), you can visit several Web sites that offer free services that test your computer’s vulnerability. One popular site is Gibson Research (grc.com). If the testing program detects potential vulnerabilities and you don’t have a firewall, you should install one as soon as possible. If the firewall is already configured and common ports are detected as being vulnerable, consult your firewall documentation for instructions on how to close or restrict access to those ports. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

34 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

35 Nasty Tools - Cain and Able
Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

36 Bluetooth Attacks Bluesnarfing Bluebugging Make your device invisible
Exploits flaw in access software to steal information contained on the device Bluebugging Hacker takes control of the device Make your device invisible Bluesnarfing involves exploiting a flaw in the Bluetooth access software for the purpose of accessing a Bluetooth device and stealing the information contained on it. Unfortunately, Bluesnarfing is relatively easy (and cheap) because a lot of Bluesnarfing software is available on the Internet. Although much more difficult and expensive to execute, Bluebugging presents more serious dangers. The process involves a hacker actually taking control of a Bluetooth-enabled device. Once a hacker gains control of the device, he or she can make phone calls; establish Internet connections; read phonebook entries; set call forwarding; or send, receive, and read short message service (SMS) messages. Most devices with Bluetooth capability give you the option of making your device invisible to unauthorized Bluetooth devices. By making your device invisible to unauthorized devices (say a hacker’s headset), you prevent hackers from connecting to your equipment (your phone) because the hacker’s headset is not an authorized device for your phone. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

37 Bluetooth attacks Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

38 Passwords Create a strong password
At least 14 characters, including numbers, symbols, and upper- and lowercase letters Not a single word or a word from a dictionary Not easily associated with you (birthday, name of pet, nickname) Use different passwords for different sites Do not tell anyone or write down password Change password regularly (every month) Creating strong passwords that are difficult for hackers to guess is an essential piece of security that individuals sometimes overlook. To create strong passwords, follow these basic guidelines: •Your password should contain at least 14 characters and include numbers, symbols, and upper- and lowercase letters. •Your password should not be a single word or any word found in the dictionary. •Ideally, use a combination of several words with strategically placed uppercase characters. •Your password should not be easily associated with you (such as your birth date, the name of your pet, or your nickname). •Use a different password for each system or Web site you need to access. This prevents access to every account you maintain if one of your passwords is discovered. (If you can’t remember them all, use the password management feature of Windows or the Firefox browser.) •Never tell anyone your password or write it down in a place where others might see it. •Change your password on a regular basis (say every month) or if you think someone might know it. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

39 Copyright © 2011 Pearson Education, Inc. Publishing as Prentice Hall

40 Wireless Networks on the Road
Beware “Evil twins” Free Internet access in paid locations Protect yourself Check with authorized personnel for official name of hotspot Do not use free access from unknown sources Hackers know the areas where people are likely to seek access to wireless networks. They will often set up their own wireless networks in these areas with sound-alike names to lure unsuspecting Web surfers and get them to enter credit card information to gain access. Other times these “evil twins” offer free Internet access and the hackers just monitor traffic looking for sensitive information they can use. Check with authorized personnel at places where you will be connecting to hotspots to determine the names of the legitimate hotspots. If you run across “free” access to a hotspot that isn’t provided by a legitimate merchant, you are better off not connecting at all because you can’t be sure your information won’t be used against you or that malicious files won’t be downloaded to your computer. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

41 Password Managers Remember all your different passwords Built into
Operating systems Web browsers Some security packages The problem with well-constructed passwords is that they can be hard to remember. Password management tools can take the worry out of forgetting passwords because the password management software does the remembering for you. Most current Internet security suites and Web browsers make it easy to keep track of passwords by providing password management tools. However, you generally have to turn this feature on. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

42 Anonymous Web Surfing Public computers Portable privacy devices
Shared computers risk subsequent user viewing your data Might already have viruses or hacking tools installed Portable privacy devices Linux OS on a flash drive If you use shared computers in such public places as libraries, coffee shops, and college student unions, you should be concerned about a subsequent user of the computer spying on your surfing habits. You also never know what nefarious tools have been installed by hackers on a public computer. Many newer Web browsers include privacy tools that help you surf the Internet anonymously. Portable privacy devices help to protect your privacy when working on computers away from your home or office. Simply plug the device into an available USB port on the machine on which you will be working. All sensitive Internet files, such as cookies, Internet history, and browser caches, are stored on the privacy device, not the computer you are using. Take the Linux OS with you on a flash drive and avoid using the public computer’s operating system. This significantly reduces the chance that your flash drive will pick up viruses or other malicious programs running on the public computer. You also avoid reading and writing to the hard disk and thus avoid leaving traces of your activity behind. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

43 Biometric Authentication Devices
Read unique personal characteristics Fingerprint Iris patterns Voice patterns Face patterns Biometric authentication devices are devices you can attach to your computer that read a unique personal characteristic, such as a fingerprint or the iris pattern in your eye, and convert that pattern to a digital code. When you use the device, your pattern is read and compared to the one stored on the computer. Only users having an exact fingerprint or iris pattern match are allowed to access the computer. Because no two people have the same biometric characteristics, these devices provide a high level of security. They also eliminate the human error that can occur in password protection. (You might forget your password, but you won’t forget to bring your fingerprint to the computer!) Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

44 Malware Software that has a malicious intent Antispyware software
Grayware (nondestructive) Adware Spyware Viruses (destructive) Antispyware software Included in many Internet security suites Stand-alone spyware removal available Malware is software that has a malicious intent (hence the prefix mal). There are three primary forms of malware: adware, spyware, and viruses. Adware and spyware are not physically destructive like viruses and worms that can destroy data. Known collectively as grayware, they are primarily intrusive, annoying, or objectionable online programs that are downloaded to your computer when you install or use other online content such as a freeware program, game, or utility. Adware is software that displays sponsored advertisements in a section of your browser window or as a pop-up ad box and is considered a legitimate (although sometimes annoying) means of generating revenue for those developers who do not charge for their software or information. Spyware is an unwanted piggyback program that usually downloads with other software you want to install from the Internet. It runs in the background of your system. Without your knowledge, spyware transmits information about you, such as your Internet surfing habits, to the owner of the program so that the information can be used for marketing purposes. Many spyware programs use tracking cookies (small text files stored on your computer) to collect information, whereas others are disguised as benign programs that are really malicious programs (such as Trojan horses). One type of spyware program known as a keystroke logger monitors keystrokes with the intent of stealing passwords, login IDs, or credit card information. Many Internet security suites now include antispyware software. However, you can also obtain stand-alone spyware removal software and run it on your computer to delete unwanted spyware. It is a good idea to install one or two additional stand-alone antispyware programs on your computer. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

45 Spam or Spim Spam: Unwanted or junk e-mail
To avoid SPAM Create free Web-based account for filling out online forms or making online purchases Use a spam filter Do not try to “unsubscribe” from spam s Use an forwarding service Spim: Unsolicited instant messages Spam is unwanted or junk . Companies find your address either from a list they purchase or with software that looks for addresses on the Internet. One way to avoid spam in your primary account is to create a free Web-based address that you use only when you fill out forms or purchase items on the Web. Another way to avoid spam is to filter it. A spam filter is an option you can select in your account that places known or suspected spam or junk mail messages into a folder other than your inbox. Don’t reply to spam to remove yourself from the spam list. By replying, you are confirming that your address is active. Instead of stopping spam, you might receive more. You can also subscribe to an forwarding service, such as ias ( ias.com) or Sneak .com (sneak .com). These services screen your messages, forwarding only those messages you designate as being okay to accept. SPIM are unsolicited instant messages. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

46 Cookies A Web site assigns an ID number to your computer, stored in a cookie file Each time you log in to the site, it notes the visit and keeps track of it in a database Provide info about browsing habits Identify user preferences Pose some privacy risks, but low security threat Cookies, or tracking cookies, are small text files that some Web sites automatically store on your computer’s hard drive when you visit the site. When you log on to a Web site that uses cookies, a cookie file assigns an ID number to your computer. The unique ID is intended to make your return visit to a Web site more efficient and better geared to your interests. The next time you log on to that site, the site marks your visit and keeps track of it in its database. Cookies can provide Web sites with information about your browsing habits, such as the ads you’ve opened, the products you’ve looked at, and the time and duration of your visits. Companies use this information to determine the traffic flowing through their Web site and the effectiveness of their marketing strategy and placement on Web sites. Because cookies pose no security threat (it is virtually impossible to hide a virus or malicious software program in a cookie), take up little room on your hard drive, and offer you small conveniences on return visits to Web sites, there is no great reason to delete them. However, some sites sell the personal information their cookies collect to Web advertisers who are building huge databases of consumer preferences and habits, collecting personal and business information such as phone numbers, credit reports, and the like. The ultimate concern is that advertisers will use this information indiscriminately, thus infiltrating your privacy. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

47 Protecting Your Personal Information
Protect information from identity thieves Social Security number Phone number Street address Check privacy settings on social networking sites: Keep your information as private as possible Your Social Security number, phone number, and street address are three key pieces of information that identity thieves need to steal an identity. This information should never be shared in a public area on any Web site. Social networking sites make privacy settings available in their account menus. If you have never changed your privacy settings, you are probably sharing information more widely than you should. Because these sites are designed to foster social interaction, the default privacy settings make it easy to search for people. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

48 Backing Up Your Data Backup Types of files to back up Backup routine
A copy of a file that can be used to replace the original Types of files to back up Program Data Backup routine Frequency Changed files Making file backups—copies of files that you can use to replace the originals if they are lost or damaged—is important. When you back up your files, remember to store the copy in a different place than the original. Removable storage media such as DVDs, CDs, and flash drives are popular choices for backing up files because they hold a lot of data and can be easily transported. Two types of files need backups, program files and data files: Program files are files you use to install software. They should be on the CDs or DVDs that they originally came on. If any programs came preinstalled in your computer, you should still have received a CD or DVD that contains them. As long as you have the original media in a safe place, you shouldn’t need to back up these files. Data files are files you create (such as Word files), as well as contact lists, address books, archives, and your Favorites list from your browser. You should back up your data files frequently, depending on how much work you can afford to lose. You should always back up data files when you make changes to them, especially if those changes involve hours of work. To make backups easier, store all your data files in one main folder on your hard drive. Then, to back up your files, you simply copy that folder and all of its subfolders onto an alternate storage media. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

49 Backing Up Your Data (cont.)
Software programs for easy backup Schedule automatic backups Can back up files, folders, or entire drives Back up to external hard drive, USB device, or DVD Entire system backup software Takes an image of the entire system Stores on a separate hard drive In case of failure, a new drive is inserted There are plenty of software programs designed for easy file backup. Backup software allows you to schedule regular backups that occur automatically, with no intervention on your part. They can back up individual files, folders, or an entire hard drive to another hard drive, such as an external drive connected to your computer by a USB port, or to a CD/DVD in the CD/DVD drive. A full backup will back up all files in a specified location. An incremental backup will back up only files that have changed since the last time a backup was performed on the files. For complete protection, you should create an image backup of your entire system. Windows 7 backup utilities also provide you with the option of making a copy of your system image for restoration purposes. Taking an image of your entire system and storing it on another hard drive provides you with the ultimate protection. With a backup of your entire hard drive, including your system image, you won’t need to reinstall all of the program software from the original media. Instead, you just replace the broken hard drive with the backup hard drive (or copy the contents of the backup drive to a new drive). Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

50 Backing Up Your Data (cont.)
Store backups offsite Online backups Store backup files on Internet servers Some services free Windows Live Sky Drive ADrive Fees for some services Network attached storage (NAS) devices To be truly secure, backups must be stored away from where your computer is located. A final backup solution is to store backups of your files online. For a fee, companies can provide you with such online storage. If you store a backup of your entire system on the Internet, you don’t need to buy an additional hard drive for backups. This method also takes the worry out of keeping your backups in a safe place because they’re always stored in an area far away from your computer. However, if you’d like to store your backups online, make sure you have high-speed Internet access; otherwise, your computer could be tied up as you transfer files. Backups can also be made to network attached storage devices. The NAS devices are essentially large hard drives that are connected to a network of computers instead of one computer, and they can be used to back up multiple computers simultaneously. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

51 Social Engineering Uses social skills to generate human interaction to entice individuals to reveal sensitive information Usually does not use a computer or face-to-face interaction Pretexting Social engineering is any technique that uses social skills to generate human interaction that entices individuals to reveal sensitive information. Social engineering often doesn’t involve the use of a computer or face-to-face interaction. Telephone scams are common because it is often easier to manipulate someone when you don’t have to look at them. Most social engineering schemes use a pretext to lure their victims. Pretexting involves creating a scenario that sounds legitimate enough that someone will trust you. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

52 Phishing and Pharming Phishing Pharming
Uses to lure user to fake Web sites Tricks user into revealing private data Pharming Malicious code changes Web browser’s ability to find Web addresses Phishing lures Internet users to reveal personal information such as credit card numbers, Social Security numbers, or other sensitive information that could lead to identity theft. The scammers send messages that look like they are from a legitimate business such as an online bank. The states that the recipient needs to update or confirm his or her account information. When the recipient clicks the provided link, he or she goes to a Web site. The site looks like a legitimate site but is really a fraudulent copy the scammer has created. Once the recipient confirms his or her personal information, the scammers capture it and can begin using it. You should never reply directly to any asking you for personal information. Never click on a link in an to go to a Web site. Instead, type the Web site address in the browser. Check with the company asking for the information and only give the information if you are certain it is needed. Also, never give personal information over the Internet unless you know the site is secure. Pharming is when malicious code is planted on your computer that alters your browser’s ability to find Web addresses. Users are directed to bogus Web sites even when they enter the correct address of the real Web site or follow a bookmark that they previously had established for the Web site. So instead of ending up at your bank’s Web site when you type in its address, you would end up at a fake Web site that looks like your bank’s site but is expressly set up for the purpose of gathering information. Most Internet security packages can detect and prevent pharming attacks. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

53 Hoaxes An attempt to make someone believe something that is untrue
Target large audiences Practical joke, agents of social change, or time wasters Mostly A hoax is an attempt to make someone believe something that is untrue. Hoaxes target a large audience and are generally perpetrated as practical jokes, agents of social change (poking fun at the established norm in an effort to change it), or merely to waste people’s time. Most cyberspace hoaxes are perpetrated by . Before using the forward button and sending an to all your friends, first check it out at one of the many Web sites that keep track of and expose hoaxes. Check sites such as Snopes (snopes.com), Hoax Slayer (hoax-slayer.com), or TruthOrFiction.com (truthorfiction.com). Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

54 Protect Physical Assets
Environmental factors Avoid Sudden movement Excessive heat or cold Dust Food and liquids Use padded case for notebooks Computers are delicate devices and can be damaged by the adverse impact of keeping them in a poor environment or by abusing them. Sudden movements (such as a fall) can damage your notebook computer or mobile device’s internal components. Electronic components do not like excessive heat or excessive cold. Unfortunately, computers generate a lot of heat, which is why they have fans to cool their internal components. Make sure that you place your desktop computer so that the fan’s input vents (usually found on the rear of the system unit) are unblocked so that air can flow inside. Chill mats that contain cooling fans and sit underneath notebook computers are useful accessories for dissipating heat. A fan drawing air into a computer also draws in dust and other particles, which can wreak havoc on your system. Therefore, keep the room in which your computer is located as clean as possible. Food crumbs and liquid can damage keyboards and other computer components, so consume food and beverages away from your computer. Carry your notebook in a padded case to protect it. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

55 Power Surges Occur when electrical current is supplied in excess of normal voltage (120 volts in the United States) Caused by: Old or faulty wiring Downed power lines Malfunctions at electric substations Lightning strikes Use surge protectors Power surges occur when electrical current is supplied in excess of normal voltage (120 volts in the United States). Old or faulty wiring, downed power lines, malfunctions at electric company substations, and lightning strikes can all cause power surges. Surge protectors are devices that protect your computer against power surges. Surge protectors contain two components that are used to protect the equipment that is connected to them. Metal-oxide varistors (MOVs) bleed off excess current during minor surges and feed it to the ground wire where it harmlessly dissipates. The MOVs can do this while still allowing normal current to pass through the devices plugged into the surge protector. Because the ground wire is critical to this process, it is important to plug the surge protector into a grounded power outlet. Over time, the MOVs lose their ability to bleed off excess current, which is why you should replace your surge protectors every two to three years. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

56 Deterring Theft Alarms Locks Software alerts
Three approaches to deterring computer theft include alarming computers, locking them down, or installing devices that alert you when they are stolen (or destroy data). To prevent your notebook from being stolen, you can attach a motion alarm to it. If your notebook is moved while the alarm is activated, it emits a wailing 85-decibel sound. Chaining a notebook to your work surface can be another effective way to prevent theft. Tracking software such as Computrace Complete or Computrace LoJack for Laptops (absolute.com) and PC or Mac PhoneHome (pcphonehome.com) enables the computer it is installed on to alert authorities as to its location if it is stolen. This software can be installed in notebook or desktop computers. The files and directories holding the software are not visible to thieves looking for such software so they probably won’t know the software is there. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

57 E-waste Computer technology advances rapidly. Every 3-5 years we replace our systems. What do we do with the old one? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

58 E-waste Computer technology advances rapidly.
Every 3-5 years we replace our systems. What do we do with the old one? Reduce, Re-use, Recycle The world produces ~ 50 million tonnes of E-waste each year. Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

59 E-waste Computer technology advances rapidly.
Every 3-5 years we replace our systems. What do we do with the old one? Reduce, Re-use, Recycle The world produces ~ 50 million tonnes of E-waste each year. Re-use Give old computers to those that can’t afford them Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

60 E-waste Recycle About 90% of your computer can be recycled – plastics, metals, etc Problems? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

61 E-waste Recycle About 90% of your computer can be recycled – plastics, metals, etc Problems? Recycling has become big business Labour intensive Some components are made of toxic materials Who disassembles the components? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

62 Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

63 What components did you recycle? CPU, RAM, Harddrive, etc.
Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

64 What components did you recycle? CPU, RAM, Harddrive, etc.
Anything on your harddrive you might not want someone else to have? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

65 What components did you recycle? CPU, RAM, Harddrive, etc.
Anything on your harddrive you might not want someone else to have? Personal information & documents Web browser history Stored passwords Banking info Even if you delete your files, they can sometimes be recovered!!! Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

66 Chapter 9 Summary Questions
From which types of viruses do I need to protect my computer? From which types of viruses do I need to protect my computer? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

67 Chapter 9 Summary Questions
What can I do to protect my computer from viruses? What can I do to protect my computer from viruses? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

68 Chapter 9 Summary Questions
How can hackers attack my computing devices, and what harm can they cause? How can hackers attack my computing devices, and what harm can they cause? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

69 Chapter 9 Summary Questions
What is a firewall, and how does it keep my computer safe from hackers? What is a firewall, and how does it keep my computer safe from hackers? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

70 Chapter 9 Summary Questions
How do I create secure passwords and manage all of my passwords? How do I create secure passwords and manage all of my passwords? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

71 Chapter 9 Summary Questions
How can I surf the Internet anonymously and use biometric authentication devices to protect my data? How can I surf the Internet anonymously and use biometric authentication devices to protect my data? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

72 Chapter 9 Summary Questions
How do I manage online annoyances such as spyware and spam? How do I manage online annoyances such as spyware and spam? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

73 Chapter 9 Summary Questions
What data do I need to back up, and what are the best methods for doing so? What data do I need to back up, and what are the best methods for doing so? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

74 Chapter 9 Summary Questions
What is social engineering, and how do I avoid falling prey to phishing and hoaxes? What is social engineering, and how do I avoid falling prey to phishing and hoaxes? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

75 Chapter 9 Summary Questions
How do I protect my physical computing assets from environmental hazards, power surges, and theft? How do I protect my physical computing assets from environmental hazards, power surges, and theft? Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall

76 Copyright © 2012 Pearson Education, Inc. Publishing as Prentice Hall
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America. Copyright © 2012 Pearson Education, Inc.   Publishing as Prentice Hall 76

Download ppt "Securing Your System: Protecting Your Digital Data and Devices"

Similar presentations

Create an Application Title 1Y - Youth Chapter 5.

Create an Application Title 1Y - Youth Chapter 5.
Add Governors Discretionary (1G) Grants Chapter 6.

Add Governors Discretionary (1G) Grants Chapter 6.
CALENDAR.

CALENDAR.
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
The 5S numbers game..

The 5S numbers game..
© Tally Solutions Pvt. Ltd. All Rights Reserved Shoper 9 License Management December 09.

© Tally Solutions Pvt. Ltd. All Rights Reserved Shoper 9 License Management December 09.
Welcome. © 2008 ADP, Inc. 2 Overview A Look at the Web Site Question and Answer Session Agenda.

Welcome. © 2008 ADP, Inc. 2 Overview A Look at the Web Site Question and Answer Session Agenda.
A sample problem. The cash in bank account for J. B. Lindsay Co. at May 31 of the current year indicated a balance of $14,691.80 after both the cash receipts.

A sample problem. The cash in bank account for J. B. Lindsay Co. at May 31 of the current year indicated a balance of $14, after both the cash receipts.
Employee & Manager Self Service Overview

Employee & Manager Self Service Overview
Dynamic Access Control the file server, reimagined Presented by Mark on twitter 1 contents copyright 2013 Mark Minasi.

Dynamic Access Control the file server, reimagined Presented by Mark on twitter 1 contents copyright 2013 Mark Minasi.
Copyright © 2012, Elsevier Inc. All rights Reserved. 1 Chapter 7 Modeling Structure with Blocks.

Copyright © 2012, Elsevier Inc. All rights Reserved. 1 Chapter 7 Modeling Structure with Blocks.
Biology 2 Plant Kingdom Identification Test Review.

Biology 2 Plant Kingdom Identification Test Review.
SLP – Endless Possibilities What can SLP do for your school? Everything you need to know about SLP – past, present and future.

SLP – Endless Possibilities What can SLP do for your school? Everything you need to know about SLP – past, present and future.
MaK_Full ahead loaded 1 Alarm Page Directory (F11)

MaK_Full ahead loaded 1 Alarm Page Directory (F11)
Facebook Pages 101: Your Organization’s Foothold on the Social Web A Volunteer Leader Webinar Sponsored by CACO December 1, 2010 Andrew Gossen, Senior.

Facebook Pages 101: Your Organization’s Foothold on the Social Web A Volunteer Leader Webinar Sponsored by CACO December 1, 2010 Andrew Gossen, Senior.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Speak Up for Safety Dr. Susan Strauss Harassment & Bullying Consultant November 9, 2012.

Speak Up for Safety Dr. Susan Strauss Harassment & Bullying Consultant November 9, 2012.
Static Equilibrium; Elasticity and Fracture

Static Equilibrium; Elasticity and Fracture
FIGURE 12-1 Op-amp symbols and packages.

FIGURE 12-1 Op-amp symbols and packages.
1 DIGITAL INTERACTIVE MEDIA Wednesday, October 28, 2009.

1 DIGITAL INTERACTIVE MEDIA Wednesday, October 28, 2009.

Similar presentations

Ads by Google