Student Book Pages 178-180
The main security threats
A threat is any action that could potentially harm your computer. There are two types:
- Physical threats, which are capable of damaging your system’s hardware.
- Logical threats, which attack software, partially or completely damaging a programme, an application or the operating system.
Threats may come from anywhere, as long as a computer is interacting with another system.
The most common threat is an attack from the Internet, but shared use of flash drives and other computers could also be a source of infection.
In the case of threats from the Internet, they often occur because malware finds a security gap, called vulnerability, in the user’s system.
The most common cases when we are connected to the Internet are:
- Accessing a malicious webpage that finds a vulnerability in our system.
- Opening infected files received through email.
- Files received from instant messaging services.
- Accessing a P2P network to download music and multimedia, or share content on our hard disk, etc.
Activity 1: How you can protect the data stored on your USB flash drive.
USB memories can be formatted in order to block them, so that it is not possible to write on them, only to read them. By doing this, one prevents a USB flash drive from being infected by malware.
Activiy 2: In the diagram you can see that keylogger programmes are a type of malware. What do they consist of? What is the threat of these programmes?
They are programs that are used to detect texts written on computer keyboards and are used as a certain type of espionage to obtain numbers of access keys or passwords of certain websites, such as those of banks, financial entities, specific web pages, etc.
Activiy 3: What is the difference between pharming and phishing? Both are threats that consist of fraud, but what are their main differences?
Both are techniques of identity theft with which a cyber-criminal can gain access to our bank account, for example. In the case of phishing, it is normally done through an email warning about a problem in an account so that the user will provide an access address by clicking on a link, accessing a fake website that steals their data.
In the case of pharming, criminals have hacked the original website, substituting it with a false one, and redirecting the client’s access. This is more dangerous because you have no reason to think that a link you normally use could take you to a false website.
Security software: Antivirus and antimalware
The security measures to avoid or prevent a threat differ according to the type of attack. We can differentiate between two types of measures:
- Passive security measures, which are activated after an attack.
- Active measures, through which an attack is prevented.
With regard to the first group of measures, the idea is to essentially avoid losing information once the system has been infected and returning the system to its normal functional state.
The preventative actions to consider are:
- Making backup copies of the system and important software.
- Creating a disk image.
- Storing data on external hard drive or in the cloud.
- Once infected, occasional scanning of the system disks using installed and updated antivirus or an online antivirus.
On the other hand, active security measures involve the use of antimalware tools on a regular basis such as antivirus, antispyware, filters, firewalls, etc.
Antivirus programs
These must be constantly updated.
All antivirus programs have the option to automatically connect to their database sources.
An antivirus that is not updated does not do much to protect your computer because viral software programmers are constantly modifying and improving viruses to greater and more harmful degrees.
Either way, sometimes it is impossible to prevent infection, but maintaining a preventive and prudent attitude towards unknown or suspicious webpages can help avoid problems with viruses.
Antispyware software
Spyware programs try to access systems silently, without the user detecting them. The only way to detect them is to have antispyware working continuously.
The majority of the large antivirus firms, such as the AVG company, incorporate add-ons, which are called security suites, into their antivirus to combat spyware in products. However, you can also find antispyware for free, such as SpywareBlaster, SpyBot Search and Destroy or Spyware Terminator.
Web filtering software
A web filter, also called content control software, is a type of program designed to limit access to websites from the computer’s browser.
There are two ways to restrict access, either by whitelists that include the websites to which access is allowed, or blacklists, in which there is a list of criteria limiting access and which are restricted.
When you write the address of a webpage, the filter launches a series of searches to compare content on the Web with the words or expressions in the filter, and it decides whether or not to block access or allow it.
Web content control can be implemented by parents, employers, schools, public libraries, governments, etc. Their aim is to prevent access to pornographic or gambling websites or those with political or religious content or to protect the computer or the network from malware.
Firewall activation
A firewall is a means to block or filter incoming or outgoing traffic for a computer that is connected to a network.
This block, or filter, is specifically programmed to preserve the software of a computer and to avoid intrusions from unwelcomed users that could be other users of our own computer network or hackers that attack externally.
Individual Work. Understand, think, search.
Search the Internet for information that will allow you to answer the following questionnaire.
Important: You have One session to finish the activity.
Important: You have One session to finish the activity.
