tia12e_ch09 copy.pptx

Full Transcript

Technology
in Action
Alan Evans • Kendall Martin
Mary Anne Poatsy
Twelfth Edition
Global Edition

Technology in Action
Chapter 9
Securing Your System:
Protecting Your Digital Data and Devices

Major Threats to Your
Digital Assets
• Cybercrime and Identity Theft
• Protecting Yourself from Computer
Viruses
• Protecting Digital Assets from Hackers
Copyright © 2016 Pearson Education, Ltd.

9-3

Cybercrime and Identity Theft
Objective
1. What is cybercrime, and who perpetrates it?

Copyright © 2016 Pearson Education, Ltd.

9-4

Protecting Yourself from
Computer Viruses
Objectives
2. What are the types of viruses from which I
need to protect my computer?
3. What can I do to protect my computer from
viruses?

Copyright © 2016 Pearson Education, Ltd.

9-5

Protecting Digital Assets
from Hackers
Objectives
4. How can hackers attack my computing
devices, and what harm can they cause?
5. What is a firewall, and how does it keep my
computer safe from hackers?
6. How do I create secure passwords and
manage all of my passwords?
7. How can I surf the Internet anonymously and
use biometric authentication devices to
protect my data?
Copyright © 2016 Pearson Education, Ltd.
9-6

Cybercrime and Identity Theft
• Cybercrime
any criminal action perpetrated primarily
through the use of a computer.

• Cybercriminals
individuals who use computers, networks,
and the Internet to perpetrate crime

Copyright © 2016 Pearson Education, Ltd.

9-7

Cybercrime and Identity Theft
• Common types of cybercrimes:
FBI-Related (pretend to be FBI agent)
Non-Delivery (sells things that do not
exist)
Identity theft (stealing bank’s data:
Acct#, CC#, name, dob, address,
etc.)…most concerning
Advanced fee (ask for advance fee
for larger payment in return)
Hacking
Copyright © 2016 Pearson Education, Ltd.

9-8

Computer Viruses
• A virus is a computer program that attaches itself to
another computer program(s)
• Not limited to computers
Smartphones, tablets

• Viruses require human interaction to spread
• Main purpose (theft & damage)
• Secondary objectives (network jam)
• Sources of virus infection:
downloading videos, audios from unreliable sites
opening email attachments from unknown sources
Copyright © 2016 Pearson Education, Ltd.

9-9

Computer Viruses
Major Categories of Viruses based on their
behavior and method of transmission

Copyright © 2016 Pearson Education, Ltd.

9-10

Major Categories of Viruses
 Boot-Sector Virus
 Replicates itself onto drive’s boot record
 Executes when a computers boots up
 Virus is loaded to memory immediately, even before
anti-virus protection can load

 Logic Bomb Virus
 Triggered when certain logic is met, such as opening
a file or starting a program a certain number of times

 Time Bomb Virus
 Triggered when certain day and time is reached (e.g.
April 1st)
Copyright © 2016 Pearson Education, Ltd.

9-11

Major Categories of Viruses
 Worms
 Don’t require humane interaction like opening a
attachment or a program (unlike a virus)
 Use transport methods like e-mail, network
connection to transmit
 Much more active in spreading itself
 Spread on their own
 Can even attack peripherals, such as a router
 Can generate a lot of data traffic and slows
internet
Copyright © 2016 Pearson Education, Ltd.

9-12

Major Categories of Viruses
 E-Mail Virus
 Uses address book (contact address) in the
victim’s system to spread
 Triggered by opening an infected attachment

 Encryption Viruses
 Also known as ransomware
 Encrypts common file types such a word
document and make it unusable
 Sends a message asking to send payment to
decrypt the document
Copyright © 2016 Pearson Education, Ltd.

9-13

Computer Viruses
Additional Virus Classifications

• Classified by methods used to avoid
detection
Polymorphic viruses
• Periodically changes its code

Multipartite viruses
• Infects multiple file types

Stealth viruses
• Hide in active memory when hard drive is scanned
for viruses. Luckily, now memory is also scanned
Copyright © 2016 Pearson Education, Ltd.

9-14

Virus Symptoms
How can I tell if my computer is
infected ???
Refer to Page 382 of your text book

Copyright © 2016 Pearson Education, Ltd.

9-15

Preventing Virus Infections
• Antivirus software
Detects viruses and protects your computer

• Popular programs
Windows defender
Symantec
Kaspersky
AVG
McAfee
Copyright © 2016 Pearson Education, Ltd.

9-16

Preventing Virus Infections
• Antivirus software
Must keep your antivirus software up to date
To detect new virus, antivirus searches for
suspicious virus-like activities

• Background antivirus run
When CPU is not busy
When you are asleep

Copyright © 2016 Pearson Education, Ltd.

9-17

Understanding Hackers
• Hacker is anyone who unlawfully
breaks into a computer system
• Types of hackers
White-hat or ethical hackers
 Find vulnerabilities so they can fix them for
money (Non-malicious)

Black-hat hackers
 Destroy info for illegal gain

Grey-hat hackers
 Crossover between the 2

Copyright © 2016 Pearson Education, Ltd.

9-18

Understanding Hackers
Trojan Horses and Rootkits
• Trojan Horses
Appears to be something useful or desirable
Installs backdoor programs / Rootkits
Takes almost control of your computer without
your knowledge:
• Send email
• Run programs
• Delete files
• Do anything else you can do in your computer

A computer that a hacker controls is referred to
as Zombies
Copyright © 2016 Pearson Education, Ltd.

9-19

Understanding Hackers
Denial-of-Service Attacks
• Use Zombies
• Overload system by generating maybe
millions of requests
• Legitimate users are denied access to a
computer system
• System shuts down
• Distributed denial-of-service (DDoS)
attacks (multiple computers used as
Zombies)
Copyright © 2016 Pearson Education, Ltd.

9-20

Understanding Hackers
Logical & Physical Ports
 Logical Ports:
Virtual communication gateways that allow a computer
requests for information, such as email, web page
downloads, internet access.

• Physical Ports:
You can see and touch, such as USB
Part of computer internal organization

See page 389 (Figure 9.11) for logical ports hackers
can exploit to attack your system
Copyright © 2016 Pearson Education, Ltd.

9-21

Restricting Access to Your Digital
Assets
• Firewall

Firewalls

Hardware or Software
You can use to close open
logical ports
Can make your computer
invisible to others

• Windows and OS X include
reliable firewalls
• Security suites include firewall
software
Copyright © 2016 Pearson Education, Ltd.

9-22

Restricting Access to Your Digital
Assets
Creating Passwords
• Need strong passwords
• Password strength tests (use passwordmeter.com)
• Operating systems have built-in password
protection for file and entire desktop

Copyright © 2016 Pearson Education, Ltd.

9-23

Restricting Access to Your Digital
Assets
Biometric Authentication Devices
• Fingerprint
• Iris pattern in eye
• Voice authentication
• Face pattern recognition
• Provide high level of
security (unique)

Copyright © 2016 Pearson Education, Ltd.

9-24

Protecting Your Digital
Property from Yourself
• Managing Online Annoyances
• Keeping Your Data Safe
• Protecting Your Physical
Computing Assets

Copyright © 2016 Pearson Education, Ltd.

9-25

Managing Online Annoyances
Objective
8. How do I manage online annoyances such
as spyware and spam?

Copyright © 2016 Pearson Education, Ltd.

9-26

Keeping Your Data Safe
Objectives
9. What data do I need to back up, and what
are the best methods for doing so?
10.What is social engineering, and how do I
avoid falling prey to phishing?

Copyright © 2016 Pearson Education, Ltd.

9-27

Protecting Your Physical
Computing Assets
Objective
11.How do I protect my physical computing
assets from environmental hazards, power
surges, and theft?

Copyright © 2016 Pearson Education, Ltd.

9-28

Managing Online Annoyances
Malware: Adware and Spyware
• Not destructive, but annoying
• Come with free games or utility programs
• Spyware
Runs in the background
Transmits your information (surfing habits for marketing)
Tracking cookies (small text file to collect your information)
Keystroke logger (monitors key strokes for steeling PW)

• Windows Defender
Scans for spyware

• Recommended to installs one or two additional standalone
anti-spyware programs
• Many antispyware packages are available
Copyright © 2016 Pearson Education, Ltd.

9-29

Managing Online Annoyances
Malware: Adware and Spyware
• Adware
Advertisements as a pop-up box
Means of generating revenue
Web browsers have built-in pop-up blockers
Some pop-ups can
be useful

Copyright © 2016 Pearson Education, Ltd.

9-30

Managing Online Annoyances
Spam
• Spam—junk e-mail
• Spim—unwanted instant messages
• Tactics to minimize spam
Spam filter
Create email only for on-line purchases

Copyright © 2016 Pearson Education, Ltd.

9-31

Keeping Your Data Safe
Backing Up Your Data
• How might I lose data?
Unauthorized access
Tampering (deleting by
accident)
Destruction (dropping
laptop, fire)

• Backups
Incremental
Image (System)
Copyright © 2016 Pearson Education, Ltd.

9-32

Social Engineering
Phishing and Pharming

• Social Engineering

Techniques that uses social skills to convince people to reveal sensitive
info
Uses phone calls as a means
Uses Pretexting to attract attention of their victims

• Phishing (uses Pretexting)
Luring people into revealing sensitive information (credit card, SSN, Bank
Account, DoB)

• Pharming
Malicious code planted on
your computer that can
redirect your search to illegal
site to collect sensitive info

• Guidelines to avoid schemes (see page 411)
Copyright © 2016 Pearson Education, Ltd.

9-33

Social Engineering
Scareware
• Type of malware
• Attempts to convince
you that your computer
is infected then directs
you to a website where
you can buy fake
removal or antivirus
tools
• Never click on buttons
or links
Copyright © 2016 Pearson Education, Ltd.

9-34

Protecting Your Physical Computing Assets
Power Surges
• Power surges (excess of voltage)
Old or faulty wiring
Lightning strikes
Malfunctions at electric company substations

• Surge protector
Replace every 2–3 years
Replace if light indicator illuminates
Use with all devices that have solid-state
components (TV, stereos, printers, smartphone, etc.)
Copyright © 2016 Pearson Education, Ltd.

9-35

Protecting Your Physical Computing Assets
Deterring Theft
• Keeping devices safe
Free software such as LAlarm (lalarm.com) for
laptops that detects movement
Software to track location if stolen

• Keeping mobile data safe (if stolen)
Encryption software that requires a password to read
your data
See Figure 9.38 page 416 for computer security
checklist
Copyright © 2016 Pearson Education, Ltd.

9-36

Check Your Understanding
1. What is cybercrime, and who perpetrates
it?
2. What are the types of viruses from which
I need to protect my computer?
3. What can I do to protect my computer
from viruses?
4. How can hackers attack my computing
devices, and what harm can they cause?
Copyright © 2016 Pearson Education, Ltd.

9-37

Check Your Understanding
5. What is a firewall, and how does it keep
my computer safe from hackers?
6. How do I create secure passwords and
manage all of my passwords?
7. How can I surf the Internet anonymously
and use biometric authentication devices
to protect my data?
8. How do I manage online annoyances such
as spyware and spam?
Copyright © 2016 Pearson Education, Ltd.

9-38

Check Your Understanding
9. What data do I need to back up, and what
are the best methods for doing so?
10.What is social engineering, and how do I
avoid falling prey to phishing?
11.How do I protect my physical computing
assets from environmental hazards,
power surges, and theft?
Copyright © 2016 Pearson Education, Ltd.

9-39

All rights reserved. No part of this publication may be reproduced, stored in a
retrieval system, or transmitted, in any form or by any means, electronic,
mechanical, photocopying, recording, or otherwise, without the prior written
permission of the publisher.

Copyright © 2016 Pearson Education, Ltd.