Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

Similar presentations


Presentation on theme: "Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall"— Presentation transcript:

1 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Power Point Presentation to accompany Visualizing Technology, by Debra Geoghan. Chapter 10 Security & Privacy Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

2 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Objectives Discuss various types of cybercrime. Differentiate between different types of malware. Explain how to secure a computer. Discuss safe computing practices. Discuss laws related to computer security and privacy. This chapter explains and discusses security and privacy. The chapter objectives are: Discuss various types of cybercrime. Differentiate between different types of malware. Explain how to secure a computer. Discuss safe computing practices. Discuss laws related to computer security and privacy. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

3 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Objective 1: Overview Cybercrime: They Are Out to Get You Define cybercrime and discuss how it affects online activity Discuss the various types of cybercrime, including harassment, phishing, pharming, fraud, identity theft, and hacking Key Terms Computer fraud Cyberbullying Cybercrime Cyberstalking Cyberterrorism Hacking Hacktivism Identify theft Pharming Phishing This objective discusses the various types of cybercrime including harassment, phishing, pharming, fraud, identity theft, and hacking. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

4 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Cybercrime Criminal activity on the Internet Personal cybercrime Harassment Phishing and pharming Fraud Identity theft Cybercrime against organizations Hacking Cyberterrorism Cybercrime is criminal activity on the Internet. There are two types of cybercrime, personal and against organizations. Harassment, phishing and pharming, fraud, and identity theft are all types of personal cybercrimes. Hacking is the number one cybercrime against organizations. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

5 Personal Cybercrime Harassment
Cyberbullying Harassment involving minors Cyberstalking Harassment involving adults Harassers use , IM, chat, text messages, and social networks Cyberbullying occurs when online harassment involves minors. Cyberstalking occurs when the harassment involves adults. Harassers use , IM, chat, text messages, and social networks to embarrass, torment, or threaten someone. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

6 Personal Cybercrime Phishing and Pharming
messages and IMs Appear to be from someone with which you do business Designed to trick you into providing usernames and passwords Pharming Redirects you to a phony website even if you type the URL Hijack company domain Phishing uses messages and IMs that appear to be from someone with which you do business, like a bank or online shopping website. They are designed to trick you into providing usernames and passwords to your accounts. Pharming redirects you to a phony website even if you type the right address into your browser. They do this by hijacking the company’s domain that had not been renewed or had security-compromised Web servers. Both phishing and pharming work because they seem to be messages from legitimate sites. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

7 Personal Cybercrime Fraud and Identity Theft
Computer fraud Schemes that convince you to voluntarily and knowingly give money or property to a person Identity theft Someone uses your name, Social Security number, or bank or credit cards for financial gain Computer fraud involves schemes that convince you to voluntarily and knowingly give money or property to a person. Identity theft occurs when someone uses your name, Social Security number, or bank or credit cards for financial gain. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

8 Social Network Attacks
Adware and other malware Suspicious s and notifications Phishing and "Please send money" scams Clickjacking Malicious script scams Social networks provide ways for cybercriminals to contact and scam you. Common threats include adware and other malware, suspicious and notifications, phishing and other “send money” scams, clickjacking, and malicious script scams. Keep in mind that you must protect yourself. If a message appears to be from the administrator, asking for your password or threatening to suspend your account, it may be a threat. Usually administrators do not ask for passwords. Phishing and “send money” scams may seem real, but they are meant to fool you into downloading malware or sending money to cybercriminals. Clickjacking occurs when you click a link in malware that posts unwanted links on your Facebook page. Malicious scripts can create pages, events, or send spam to your friends when you copy and paste some text into your browser address bar. Facebook provides information about social network attacks at facebook.com/help/security. Social Networking Attacks (Facebook) facebook.com/help/security Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

9 Cybercrime & Business Hacking
Unauthorized access to a computer system or network Hacktivism Hacking to make a political statement White-hat or “sneakers” Prevent future hacking Black-hat or “cracker” Has malicious intent Gray-hat Illegal but not malicious intent Hacking is the act of gaining unauthorized access to a computer system or network. Hacking is classified into three categories. White-hat hackers are motivated to find security holes in a system for the purpose of preventing future hacking. “Sneakers” are security experts who are paid to hack systems. Black-hat hackers hack into systems for malicious purposes, such as theft or vandalism. Black-hat hackers are sometimes referred to as “crackers.” Gray-hat hackers fall somewhere in between. They hack into systems illegally but not for malicious intent. They might break into a system just to prove they can or to expose a system’s vulnerability. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

10 Cybercrime & Business Cyberterrorism
Unlawful attack against computers or networks To intimidate a government or its people Political or social agenda Attack information systems to cause harm Majority of attacks are unsuccessful and unreported Potential targets include: Financial sector Infrastructure: Communications Utilities Cyberterrorism is an unlawful attack against computers or networks undertaken to intimidate a government or its people for a political or social agenda. Cyberterrorists are not just attacking computers; they are actually attacking the information systems to cause harm. The majority of attacks are unsuccessful and unreported, yet experts believe threats are growing. Potential targets include the financial sector and infrastructure, such as communications, utilities, transportation, and hospitals. Congress proposed and discussed a number of bills designed to improve cybersecurity in the United States. Currently the government agencies spend millions of dollars protecting their systems against cyberterrorism and other cybercrimes. Transportation Hospitals Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

11 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
What steps should you take to prevent identity theft? How have you implemented these in your activities? Are there other things you should be doing? What steps should you take to prevent identity theft? How have you implemented these in your activities? Are there other things you should be doing? Answers will vary, but should look something like this: Steps to prevent identity theft: Review monthly statements from your checking and other financial accounts Review credit card bills each month Create online accounts on a computer you trust Order and review your credit reports from the three credit agencies: TransUnion, Equifax, and Experian Be sure to shred old bank statements, applications for new credit cards, and other documents that have personal information Secure your personal information online and offline Do not carry your Social Security card in your wallet Be careful about online passwords and change them often Be vigilant about sharing personal information when opening new accounts online Students should follow this list with reasoning as to how they have implemented these measures in their daily activities and anything else they might be doing to prevent identity theft. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

12 Steps to prevent identity theft
Review monthly statements from your checking and other financial accounts Review credit card bills each month Create online accounts on a computer you trust Order and review your credit reports from the three credit agencies: TransUnion, Equifax, and Experian Be sure to shred old bank statements, applications for new credit cards, and other documents that have personal information Secure your personal information online and offline Do not carry your Social Security card in your wallet Be careful about online passwords and change them often Be vigilant about sharing personal information when opening new accounts online Students should follow this list with reasoning as to how they have implemented these measures in their daily activities and anything else they might be doing to prevent identity theft. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

13 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Objective 2: Overview Malware: Pick Your Poison Define the different types of malware Differentiate among the different types of malware Key Terms Adware Botnet Cookie Denial-of-service attack Keylogger Logic bomb Malware Payload Rootkit Spam Spyware Time bomb Trojan horse Virus Worm This objective defines and discusses the different types of malware. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

14 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Malware Malicious software Includes: Spam Adware and spyware Viruses Worms Trojan horses Rootkits Malware is malicious software that includes spam, adware and spyware, viruses, worms, Trojan horses, and rootkits. The following slides discuss these types of malware. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

15 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Spam Mass, unsolicited Easy and inexpensive Other forms: Fax spam IM spam Text spam Spam is mass, unsolicited . It is popular because it is easy and inexpensive to implement. Other forms include fax spam, IM spam, and text spam. Spam in Gmail Account Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

16 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Cookies Small text files Help websites identify you when you return Useful, yet could collect information A cookie is a small text file that allows the website to recognize the user and personalize the site. Although they are useful, they could be used to collect information that you do not want to share. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

17 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Adware and Spyware Adware Pop-ups or banner ads Generate income Use CPU cycles and Internet bandwidth Reduce PC performance Spyware Malware Secretly gathers personal information Usually installed by accident Click on a pop-up Install freeware program Adware shows you ads, usually in the form of pop-ups or banner ads in websites and in software. Ads generate income for the software developer. When these ads use CPU cycles and Internet bandwidth, it can reduce PC performance. Spyware is a form of malware that secretly gathers personal information about you. It is usually installed by accident by a user who clicks on a pop-up or installs a freeware program that installs a tracking feature. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

18 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Adware Generates money Provides users with something free This image illustrates adware. This is different from adware that gives you continual pop-up screens. Spotify makes money on the advertisements and provides music to people who view the ads. This type of ad is very common and typically imposes no harm. Many mobile apps are ad supported—meaning the app is free to use and the developer earns money by displaying ads on your screen. The revenue from the ads allows the software publisher to distribute the software for free. Spotify Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

19 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Virus Needs a host file Program that replicates itself Infects computers May corrupt or delete files May even erase an entire disk May use program to infect other computers A computer virus needs a host file on which to travel, such as a game. A virus is a program that replicates itself and infects computers. The attack, also known as the payload, may corrupt or delete files, or it may even erase an entire disk. A virus may use the program on the infected computer to send out copies of itself and infect other machines. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

20 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Bombs Logic Bomb Behaves like a virus Performs malicious act Does not replicate Attacks when certain conditions are met Time Bomb Trigger is a specific time or event April Fool’s Day Friday the 13th A logic bomb is like a virus in that it performs a malicious act, yet it does not replicate itself like a virus. It attacks when certain conditions are met, for example, when an employee name is removed from a database. These are often used by disgruntled IT employees. When the trigger is a specific time or event, a logic bomb is called a time bomb. Examples of triggers include April Fool’s Day or Friday the 13th. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

21 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Worms Self-replicating Do not need a host to travel Travel over networks to infect other machines Conficker worm First released in 2008 Reemerged in 2010 with new behaviors Like a virus, worms are self-replicating, but they do not need a host to travel. Worms travel over networks and once a network is infected, the worm travels throughout the network looking for other machines to infect. Conficker is a worm that was first released in It prevented infected computers from connecting to software update websites and disabled antivirus software. In 2010 it reemerged with new disruptive behaviors. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

22 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Trojan Horse Appears to be legitimate program Malicious Might install: Adware Toolbar Keylogger Captures information entered on keyboard Can open back door A Trojan horse, or Trojan, is a program that appears to be legitimate but it is actually something malicious instead. Trojans might install adware, a toolbar, or a keylogger, or open a back door. A keylogger is a computer program that captures information a user enters on a keyboard. Keyloggers might be installed as a Trojan and reside unnoticed on an infected machine. They wait for the user to enter usernames, passwords, and credit card numbers and gather this information. A famous Trojan is the Sinowal Trojan horse, which was used by criminals to steal more than 500,000 banking passwords and credit card numbers over three years. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

23 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Rootkit Set of programs Allows someone to gain control over system Hides the fact that the computer has been compromised Almost impossible to detect Masks behavior of other malware A rootkit is a set of programs that allows someone to gain control over a computer system while hiding the fact that the computer has been compromised. A rootkit is almost impossible to detect. It allows the machine to become further infected by masking behavior of other malware. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

24 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Botnet Network of computer zombies or bots Controlled by a master Fake security notifications Launch denial-of-service attacks Cripples a server or network A botnet, like the Conficker worm, is a network of computer zombies or bots controlled by a master. Fake security notifications are one of the most common ways to infect computers with bots. A botnet could send out spam and viruses, or launch a denial-of-service attack, which is perpetrated by sending out so much traffic that it cripples a server or network. Denial-of-service attacks have taken down Twitter, Yahoo, CNN, eBay, and Amazon, just to name a few sites. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

25 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Visit the U.S. Computer Emergency Readiness Team website Select the Guidelines for Publishing Information Online link (http://www.us-cert.gov/ncas/tips/st05-013) and read about it. Write a 2- to 3-paragraph summary of the tip. Which of these suggestions do you follow? Are there any that you disagree with? Visit the U.S. Computer Emergency Readiness Team website at us-cert.gov/cas/tips. Select the Guidelines for Publishing Information Online link and read about it. Write a 2- to 3-paragraph summary of the tip. Which of these suggestions do you follow? Are there any that you disagree with? Answers will vary, but should look something like this: In the General security section, there are several links that help remind users of what they should be doing to protect themselves when online. These security issues include, but are not limited to, choosing the best passwords, understanding antivirus software and firewalls, coordinating virus and spyware defense, knowing the common myths, learning tips on how to safeguard data, learning good security habits, keeping children safe online, and heeding real-world warnings to help keep users safe online. As a user I still need to take additional steps to protect myself from some online threats. Some of these include updating my OS software and coordinating my antivirus software and spyware. I found this site to be very informative and have already bookmarked it to my toolbar so I have easy access to it. The common myths and safeguarding tips were helpful as well as the real-world warnings. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

26 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
What guidelines can you follow when publishing information on the Internet? View the Internet as a novel, not a diary Make sure you are comfortable with anyone seeing the information you put online. Expect that people you have never met will find your page; even if you are keeping an online journal or blog, write it with the expectation that it is available for public consumption. Some sites may use passwords or other security restrictions to protect the information, but these methods are not usually used for most websites. If you want the information to be private or restricted to a small, select group of people, the Internet is probably not the best forum. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

27 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
What guidelines can you follow when publishing information on the Internet? Be careful what you advertise In the past, it was difficult to find information about people other than their phone numbers or address. Now, an increasing amount of personal information is available online, especially because people are creating personal web pages with information about themselves. When deciding how much information to reveal, realize that you are broadcasting it to the world. Supplying your address may increase the amount of spam you receive (see Reducing Spam for more information). Providing details about your hobbies, your job, your family and friends, and your past may give attackers enough information to perform a successful social engineering attack (see Avoiding Social Engineering and Phishing Attacks for more information). Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

28 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
What guidelines can you follow when publishing information on the Internet? Realize that you can't take it back Once you publish something online, it is available to other people and to search engines. You can change or remove information after something has been published, but it is possible that someone has already seen the original version. Even if you try to remove the page(s) from the Internet, someone may have saved a copy of the page or used excerpts in another source. Some search engines "cache" copies of web pages; these cached copies may be available after a web page has been deleted or altered. Some web browsers may also maintain a cache of the web pages a user has visited, so the original version may be stored in a temporary file on the user's computer. Think about these implications before publishing information—once something is out there, you can't guarantee that you can completely remove it. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

29 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Objective 3: Overview Shields Up! Discuss the important steps to keep a system secure List the different software needed to keep your system secure List the different hardware needed to keep your system secure Discuss why it is important to keep the OS up-to-date Key Terms Antispyware software Antivirus program Firewall NAT This objective discusses the various software and hardware needed to keep your system secure. Router Security suite SSID Wireless encryption Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

30 How to Protect Your Computer Software
Firewall Blocks access to individual machine Included with Windows Antivirus programs Protect against viruses, Trojans, worms, spyware Antispyware software Prevents adware and spyware from installing Security suites Packages of security software Combination of features A firewall is designed to block unauthorized access to your network, but a software firewall blocks access to an individual machine. Windows monitors incoming and outgoing network requests and protects you from local network threats as well as those from the Internet. Antivirus programs protect against viruses, Trojans, worms, and even some spyware. Antispyware software prevents adware and spyware software from installing itself on your computer. Security suites are packages of security software that include a combination of features. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

31 How to Protect Your Computer Hardware
Router Connects two or more networks together Acts like firewall Network address translation (NAT) Security feature of a router Shields devices on private network (home) from public network (Internet) At home you should use a router, a device that connects two or more networks together. The router acts like a firewall, as it prevents unauthorized access to your network. A router can be customized to allow certain applications through, especially if you like to play online games. Network address translation (NAT) is another security feature of a router. A NAT shields devices on a private network (home) from the public network (Internet). The devices inside your network can communicate with each other directly, but any outside communication must go through the router. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

32 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Wireless Security Router setup utility Change the SSID Enable and configure wireless encryption Adds security to network by encrypting transmitted data Wireless routers have security features which protect your network and provide a wireless access point to your network. Wireless can be a potential security risk if it’s not properly secured. Use the router setup utility to change the SSID (service set identifier), or wireless network name, and enable and configure wireless encryption. Wireless encryption adds security to a wireless network by encrypting transmitted data. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

33 How to Protect Your Computer Operating System
Most important piece of security software Keep patched and up-to-date The operating system is the most important piece of security software. It is best to keep it patched and up-to-date. By default, Windows and OS X computers are configured to automatically install updates. Users need to be proactive and diligent in protecting their computer systems. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

34 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Use the Internet to find out what might happen if you use the Windows firewall and another firewall at the same time. Use the Internet to find out what might happen if you use the Windows firewall and another firewall at the same time. Answers may vary, but might look something like this: I found the following information on the Microsoft Windows FAQs page: Can I use more than one firewall on my computer? Yes, but running more than one firewall program at the same time could cause conflicts. It's best to just use one firewall program. If I have a router with a built-in firewall, should I also turn on Windows Firewall? Yes, because router-based firewalls only provide protection from computers on the Internet, not from computers on your home network. For example, if a mobile computer or guest computer connects to some other network, becomes infected with a computer worm, and then connects to your home network, your router-based firewall won't be able to prevent the spread of the worm. However, a firewall running on each computer on your network can help control the spread of worms. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

35 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Firewall Conflicts Can I use more than one firewall on my computer? Yes, but running more than one firewall program at the same time could cause conflicts. It's best to just use one firewall program. If I have a router with a built-in firewall, should I also turn on Windows Firewall? Yes, because router-based firewalls only provide protection from computers on the Internet, not from computers on your home network. For example, if a mobile computer or guest computer connects to some other network, becomes infected with a computer worm, and then connects to your home network, your router-based firewall won't be able to prevent the spread of the worm. However, a firewall running on each computer on your network can help control the spread of worms. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

36 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Objective 4: Overview An Ounce of Prevention Is Worth a Pound of Cure Discuss why practicing safe computing is critical to protecting your system and your personal information Discuss strong passwords and encryption Discuss the importance of an acceptable use policy Key Terms Acceptable use policy (AUP) Ciphertext Encryption User Account Control (UAC) This objective discusses why practicing safe computing is critical to protecting your system and your personal information. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

37 Safe Computing User Accounts
Standard Administrator Guest User Account Control notifies you before changes are made to computer Do not turn this feature off Always read message before clicking Yes Malware tricks users into clicking fake Windows notifications There are three types of user accounts: Standard, Administrator, and Guest. User Account Control (UAC) will notify you before changes are made to your computer. Do not turn the UAC feature off and remember to always read the message before clicking Yes. Malware can trick users into clicking fake Windows notifications. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

38 Safe Computing Passwords
At least eight characters At least one number Use special characters Mix uppercase and lowercase letters Use different passwords for different accounts Use difficult passwords for banks and credit cards Change default passwords Change passwords on regular basis Do not use words found in dictionary Do not use personal identifiers Do not write passwords down There are many rules to use when creating strong passwords. Follow these guidelines for creating passwords to ensure safe computing: Use at least eight characters Use at least one number If allowed, use special characters Mix uppercase and lowercase letters Use different passwords for different accounts Use difficult passwords for banks and credit cards Change default passwords Change passwords on regular basis Do not use words found in dictionary Do not use personal identifiers Do not write them down Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

39 Safe Computing Encryption
https Padlock Encryption converts unencrypted, plain text into code called ciphertext. To read encrypted information you must have a key to decrypt it. You also need to be sure it is a secure website. You can for check this by confirming that https occurs in the URL and there is a padlock in the address bar. Encryption converts plain text into ciphertext Must have a key to decrypt it Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

40 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
File Encryption File and drive encryption Secure data in files Windows includes Encrypting File System Enables encryption of individual files OS X has FileVault Encrypts contents of hard disk File and drive encryption secure the data in your files. Windows includes Encrypting File System (EFS), which enables you to encrypt individual files. OS X has a similar feature called FileVault. FileVault, when turned on encrypts the contents of your hard disk. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

41 Safe Computing Acceptable Use Policies
Common in businesses and schools Rules for computer and network users Depend on: Type of business Type of information Force users to practice safe computing Many businesses and schools have an acceptable use policy (AUP) by which computer and network users must abide. Restrictions depend on the type of business and type of information you need access to. Although these policies can be restrictive and annoying, they force users to practice safe computing. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

42 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Visit staysafeonline.org/teach-online-safety/higher-education/ and read the Internet Higher Education tips and the STOP.THINK.CONNECT. tips and advice sheet. Visit staysafeonline.org/teach-online-safety/higher-education/ and read the Internet Higher Education tips and the STOP. THINK.CONNECT. tips and advice sheet. Use this advice to craft an AUP for your college classmates. Answers will vary, but might should include information on the following: Requirements for keeping computers updated How to protect personal information How to connect to school networks Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

43 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Objective 5: Overview The Law Is on Your Side Discuss the responsibility of the Internet Crime Complaint Center (IC3) Discuss current laws in place to protect users on the Internet Key Term Internet Crime Complaint Center (IC3) This objective discusses the laws related to computer security and privacy. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

44 Laws, Security, and Privacy
No single authority responsible for investigating cybercrime Internet Crime Complaint Center (IC3) Place for victims to report cybercrimes ic3.gov Reports processed and forwarded to appropriate agency Agencies include: FBI Secret Service Immigration and Customs Postal Inspection Service ATF Because crimes are varied, there is no single authority responsible for investigating cybercrime. The Internet Crime Complaint Center (IC3) is a place for victims to report cybercrimes. At its website, ic3.gov, a report is processed and forwarded to the appropriate agency. Agencies include the FBI, U.S. Secret Service, U.S. Immigration and Customs, U.S. Postal Inspection Service, and the Bureau of Alcohol, Tobacco, Firearms, and Explosives (ATF). Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

45 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Current Laws Computer Fraud and Abuse Act Makes it a crime to access classified information Passed in 1986, amendments between 1988 and 2002 added additional cybercrimes USA Patriot Antiterrorism Legislation (2001) Cyber Security Enhancement Act (2002) Provisions for fighting cybercrime Convention on Cybercrime Treaty Drafted by Council of Europe Signed by over 40 countries In 1986 the Computer Fraud and Abuse Act was passed, making it a crime to access classified information. There were several amendments between 1988 and 2002 that added additional cybercrimes. The USA Patriot Antiterrorism Legislation in 2001 and Cyber Security Enhancement Act in 2002 also include provisions for fighting cybercrime. Countries around the world have been trying to create a united system. The Council of Europe drafted the Convention on Cybercrime Treaty. It has been signed by over 40 countries including the United States, Canada, and Japan. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

46 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
As of this writing, the Cybersecurity Enhancement Act of 2010 was still being debated. What is the status of this act? Have there been any other cybercrime laws passed since then? As of this writing, the Cybersecurity Enhancement Act of 2010 was still being debated. What is the status of this act? Have there been any other cybercrime laws passed since then? Answers may vary, but might look something like this: There's a 2013 version of this act: Referred to a Senate committee on Science, and Technology. Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall <#>

47 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
Cybersecurity Enhancement Act of 2013: https://www.govtrack.us/congress/bills/113/hr756 Referred to a Senate committee on Science, Space, and Technology Passed House of Representatives Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall

48 Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America. Copyright © 2014 Pearson Education, Inc.   Publishing as Prentice Hall Visualizing Technology Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall


Download ppt "Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall"

Similar presentations


Ads by Google