powerpoint presentationcbafaculty.org/visualizing_technology/vt5e_ppt_ch10.pptx · ppt file · web...

PowerPoint Presentation to Accompany

Chapter 10

Security and Privacy

Copyright © 2017 Pearson Education, Inc. 2

Objectives

1. Recognize Different Types of Cybercrime2. Differentiate between Various Types of Malware3. Explain How to Secure a Computer4. Practice Safe Computing5. Discuss Laws Related to Computer Security and

Privacy


Recognize Different Types of Cybercrime

O b j e c t i v e 1


Cybercrime: They Are Out to Get YouPersonal Cybercrime

HarassmentCyberbullying: between two minorsCyber-harassment: between adultsCyber-stalking:• More serious in nature• Stalker demonstrates a pattern of harassment• Poses a credible threat of harm

O b j e c t i v e 1


Cybercrime: They Are Out to Get YouPersonal Cybercrime

Phishing Email messages and IMs Appears to be from someone with

whom you do businessDesigned to trick you into providing

usernames and passwordsPharming

Redirects you to a phony website even if you type the URL

Hijacks a company’s domain nameO b j e c t i v e 1

6

Cybercrime: They Are Out to Get YouSocial Network Attacks

Adware and other malwareSuspicious emails and notifications

Appear to be from a site administrator• Asking for your password• Threatening to suspend your account

Phishing and "Please send money" scams

Copyright © 2017 Pearson Education, Inc.O b j e c t i v e 1

7


ClickjackingClicking on a link allows this malware to post unwanted

links on your pageMalicious script scams

Copy and paste some text into your address barIt might execute a malicious script• Creates pages and events• Sends spam out to your friends




Fraud Schemes that convince you to give money or property to a

personShill bidding is fake bidding to drive up the price of an item

O b j e c t i v e 1

9


Identity theftThe use of your name, Social Security number, bank, or

credit cards for financial gainKeyloggers• Programs or devices that

capture what is typed


10

Cybercrime: They Are Out to Get YouCybercrime Against Organizations

HackingWhite-hat or “sneakers”• Attempt to find security holes in a system to prevent future

hackingBlack-hat or “cracker”• Malicious intent

Gray-hat• Illegal but not malicious intent


11

Cybercrime: They Are Out to Get YouCybercrime Against Organizations

HacktivismHacking to make a political statement

Data breachSensitive data is stolen or viewed by someone not

authorizedCyber-terrorism


12

Differentiate betweenVarious Types of Malware



Malware: Pick Your PoisonSpam and Cookies

Includes different types of programs designed to be harmful or maliciousSpamAdware and spywareVirusesWormsTrojan horsesRootkits

O b j e c t i v e 2


SpamSpamming is sending mass unsolicited emailsMessages are called spamOther forms:• Fax spam• IM spam• Text spam


O b j e c t i v e 2


CookiesInstalled without your

permissionHelp websites identify you

when you return• Track websites and pages

you visit to better target ads• May collect information you

don’t want to share


O b j e c t i v e 2


Malware: Pick Your PoisonAdware and Spyware

Adware Pop-ups or banner adsGenerate incomeUse CPU cycles and Internet bandwidthReduce PC performance

O b j e c t i v e 2


Malware: Pick Your PoisonAdware and Spyware

SpywareMalwareSecretly gathers personal informationUsually installed by accidentBrowser hijacker

O b j e c t i v e 2


Malware: Pick Your PoisonViruses, Worms, Trojans, and Rootkits

Virus - A program that replicates itself and infects computersNeeds a host fileMay use an email program to infect

other computersThe attack is called the payloadCheck to see if message is a hoax

O b j e c t i v e 2



Logic BombBehaves like a virus Performs malicious actDoes not replicateAttacks when certain conditions are met

Time BombA logic bomb with a trigger that is a specific time or date• April Fool’s Day• Friday the 13th

O b j e c t i v e 2



WormsSelf-replicatingDo not need a host to travelTravel over networks to infect other machinesConficker worm• First released in 2008• Reemerged in 2010 with new behaviors

O b j e c t i v e 2



BotnetNetwork of computer zombies or bots controlled by a master Fake security notificationsDenial-of-service attacks

• Cripples a server or network by sending out excessive trafficTrojan horse

Appears to be legitimate program Actually maliciousMight install adware, toolbar, keylogger, or open a backdoor

O b j e c t i v e 2

22


RansomwareMalware that prevents you from using your computer until

you pay a fine or feeBitcoin is an anonymous, digital, encrypted currency

RootkitSet of programs Allows someone to gain control over system Hides the fact that the computer has been compromisedNearly impossible to detect Masks behavior of other malware


23

Explain How to Secure a Computer



Shield’s UpSoftware

Drive-by downloadA visited website installs a program in the background

without your knowledgeFirewall

Hardware device that blocksaccess to your network

Software that blocks accessto an individual machine

O b j e c t i v e 3


Shield’s UpSoftware

Antivirus programProtects against viruses, Trojans, worms, spywareWindows 8 includes Windows Defender• An antispyware program that performs both real-time protection

and system scanningAntispyware software

Prevents adware and spyware from installingSecurity suite

Package of security softwareCombination of features

O b j e c t i v e 3


Shield’s UpHardware

RouterConnects two or more networks togetherHome router acts like firewall

Network address translation (NAT) Security feature of a router Shields devices on private network from public network

SSID (Service Set Identifier)Wireless network name

Wireless encryptionAdds security by encrypting transmitted dataWi-Fi Protected Setup (WPS) is one option

O b j e c t i v e 3


Shield’s UpOperating System

Most important piece ofsecurity software

Keep patched andup-to-date

O b j e c t i v e 3

28

Practice Safe Computing



An Ounce of Prevention is Worth a Pound of Cure

User AccountsThree user account types:

StandardAdministratorGuest

User Account Control (UAC) notifies you prior to changes made to your computer Do not turn this feature off Always read message before clicking Yes

Malware tricks users into clicking fake Windows notifications

O b j e c t i v e 4



Passwords

O b j e c t i v e 4



EncryptionConverts plain text into ciphertext

Must have a key to decrypt it

O b j e c t i v e 4



Safely Installing SoftwareCopies files to the computerAlters settings

O b j e c t i v e 4



Updating and Installing SoftwareProtect yourself from downloading problems

Only download from reliable sourcesZero-day exploit

Attack that occurs on the day an exploit is discovered before the publisher can fix it

BugsFlaws in the programming of softwarePatch or hotfixService pack

O b j e c t i v e 4



Acceptable Use Policies (AUP)Common in businesses and schools Rules for computer and network usersDepend on:

Type of business Type of information

Force users topractice safe computing

O b j e c t i v e 4


Discuss Laws Related toComputer Security and Privacy

O b j e c t i v e 5


No single authority responsible for investigating cybercrime

Internet Crime Complaint Center (IC3)Place for victims to report

cybercrimesic3.govReports processed and forwarded

to appropriate agency

The Law is on Your SideThe Enforcers

O b j e c t i v e 5

http://ic3.gov/


The Law is on Your SideCurrent Laws

Computer Fraud and Abuse ActMakes it a crime to access classified informationPassed in 1986; amendments between 1988 and 2002

added additional cybercrimesUSA Patriot Antiterrorism Legislation (2001) Cyber Security Enhancement Act (2002)

Provisions for fighting cybercrimeConvention on Cybercrime Treaty

Drafted by Council of EuropeSigned by more than 40 countries

O b j e c t i v e 5

39

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical,

photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America.

Copyright © 2017 Pearson Education, Inc.

powerpoint presentationcbafaculty.org/visualizing_technology/vt5e_ppt_ch10.pptx · ppt file · web...

Documents