IT Social & Professional Issues Lecture 2

Questions and Answers

What is cybersecurity?

The protection of internet-connected systems from threats (correct)

The practice of malicious hacking

The management of data privacy

A type of social engineering

What is social engineering?

A broad range of malicious activities accomplished through human interactions.

Phishing is a type of social engineering.

True

What does SMiShing involve?

Phishing that uses mobile phones as the attack platform.

Ransomware allows access to a computer system until a payment is made.

True

Ransomware examples include WannaCry, NotPetya, and _____ .

Locky

What is cryptojacking?

Using target's computing resources to mine cryptocurrencies

What is spyware?

Malicious software installed without consent to access personal information.

Which of the following is a way to protect your data privacy?

Secure your accounts

Study Notes

Introduction to Data & Information Security

• Acknowledge potential interception of information during online interactions.
• Cybersecurity is crucial for protecting systems from cyber threats.

Cybersecurity Overview

• Definition: Protection of internet-connected systems (hardware, software, data).
• Sources of data include:
  • Call data records from mobile phones.
  • Social networks (Facebook, Twitter, Instagram).
  • GPS data from mobile devices and photos.
  • License plate and congestion charge camera data.
  • Financial transactions (credit/debit cards, PayPal, ATM).
  • Airline passenger and loyalty program records.
  • User identification and device details (MAC address, IP address).
  • Loyalty cards, shipping info, and passport scanners.

Social Engineering

• Definition: Malicious activities through human interactions and psychological manipulation.
• Techniques can lead to security mistakes and disclose sensitive information.

Phishing Types

• Phishing: Fraudulent messages aimed at revealing sensitive information or deploying malware.
• Smishing: Phishing via mobile devices, targeting personal data such as bank information.
• Vishing: Phishing through phone calls, seeking personal information via direct interaction or voicemails.

Protection Strategies

• Education on cybersecurity practices.
• Verify sources before sharing information.
• Maintain caution during online engagements.

Malicious Software

• Ransomware: Blocks access to systems until a ransom is paid.
  • Notable examples:
    • WannaCry (2017)
    • NotPetya (2017)
    • Locky (2016)
    • Cryptolocker (2013)
    • Ryuk (2018)
    • Sodinokibi (REvil) (2019)
    • DoppelPaymer (2019)
    • Maze (2019)
    • DarkSide (2020)
    • Medusa (2023)

Other Malware Types

• Cryptomining Malware/Cryptojacking: Uses target’s resources to mine cryptocurrencies.
• Spyware Viruses: Collect personal information without consent and relay it to unauthorized parties.

Internet Data Privacy

• Refers to individual's privacy protection while online.
• Strategies to enhance data privacy include:
  • Securing accounts.
  • Protecting web browsing activities.
  • Utilizing antivirus software.

Description

This quiz covers key concepts from Lecture 2 of IT Social and Professional Issues, focusing on data and information security. It explores the fundamentals of cybersecurity and the various threats posed to internet-connected systems. Test your understanding of the measures required to protect hardware, software, and data from cyberattacks.