Chapter 6.9 - Cybersecurity

Time Estimate: 45 minutes

6.9.1. Introduction and Goals

Cybersecurity is one of the fastest growing IT fields. Every organization needs to keep its computer systems and data safe.

Passwords are currently the primary way to protect devices and information from unauthorized access. A strong password is something that is easy for a user to remember but would be difficult for someone else to guess based on knowledge of that user. In Unit 5, we saw that it is very difficult to guess a long, complex password (which can be tested on sites such as https://www.security.org/how-secure-is-my-password/). Luckily, brute-force password cracking algorithms take exponential time. However, passwords can also be compromised (stolen) through phishing attacks and data breaches.

Learning Objectives: I will learn to

  • describe various threats to cybersecurity

  • explain the shortcomings of relying on passwords to protect devices and digital information

  • describe ways to combat malware and other cybersecurity attacks

Language Objectives: I will be able to

  • use target vocabulary, such as virus, worm, Trojan horse, and phishing while describing app features and User Interface with the support of concept definitions and vocabulary notes from this lesson

6.9.2. Learning Activities

Multi-Factor Authentication

Many organizations now use two-factor authentication (2FA) or multi-factor authentication (MFA), which asks for additional evidence beyond the password in case the password gets compromised. Users are asked to present several separate pieces of evidence, such as:

  • Something You Know: for example your password or the answers to security questions that you have set up

  • Something You Have: for example a code texted to your phone or a USB security token

  • Something You Are: for example biometrics such as fingerprints or face recognition

Multi-factor authentication (MFA) requires at least two steps to unlock protected information. Each step adds a new layer of security that must be broken to gain unauthorized access. Watch the following video on multi-factor authentication:

Activity: 6.9.2.1 YouTube (0mvCeNsTa1g)

Biometric Authentication: uses unique physical characteristics such as fingerprints for identification.

  • Discuss with your class: What different types of biometric authentication have you seen in real life or in movies?

Biometrics became popular with fingerprint scanners, and now facial recognition technology has exploded in use for biometric authentication and surveillance. However, the problem with static biometrics like fingerprints is that if they are compromised (stolen), you can’t change your face or fingerprint to a new one. Dynamic biometrics like heartbeats or behavioral biometrics like walking gaits are more difficult to hack. Watch the following video on biometric authentication:

Activity: 6.9.2.2 YouTube (88Rjg8gM_DI)

Malware

Malware, which stands for MALicious softWARE, is software intended to damage a computing system or to take partial control over its operation. A computer virus is a type of malware that can copy itself and gain access to a computer in an unauthorized way. Computer viruses often attach themselves to legitimate programs and start running independently on a computer.

  • Discuss with your class: Have you ever had a virus on your computer? What happened and how did you get rid of it?

Watch the following video about malware:

Activity: 6.9.2.3 YouTube (XU8PHihT_P4)

Malware can spread by email attachments, downloading from sites that are not reputable, network connections from infected computers, and copying infected files from computer to computer on portable memory. So don’t click or open anything where you don’t know the source. A computer that is infected may stop working, display strange messages, delete files, be controlled by others, steal personal information and infect other computers. Recent ransomware attacks encrypt and lock computer systems until a ransom is paid.

Computer virus and malware scanning software can protect a computing system against infection. Many operating systems like Windows come with their own free malware scanners like Windows Defender. It is very important to auto-update the malware scanning software with newly discovered malware signatures. Explore the malware scanner on your computer. Regular software updates help to fix errors that would compromise a computing system. All real-world systems have errors or design flaws that can be exploited.

Unauthorized Access

Criminals can gain unauthorized access to computing systems in many ways by exploiting the users and the staff of the system. They can gain access through malware or by stealing or cracking passwords or hacking in through unprotected areas.

Phishing is a common technique that is used to trick a user into providing personal information, usually through email. That personal information can then be used to access sensitive online resources, such as bank accounts and emails. A malicious phishing or malware link can be disguised on a web page or in an email message. Watch the following video on phishing.

Activity: 6.9.2.4 YouTube (qkzAveeAuts)

Another technique for capturing passwords is keylogging software which secretly records every keystroke made by a computer user. This can be used to gain fraudulent access to passwords and other confidential information. Keyloggers can be installed through malware or hacking. Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised. Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.

Unencrypted information sent over public networks can also be compromised. Data sent over public networks can be intercepted, analyzed and modified. One way that this can happen is through a rogue access point. A rogue access point is a wireless access point that gives unauthorized access to secure networks. Network and system administrators protect their networks with firewalls which provide a barrier to attacks and scan their networks with network analyzers to prevent unauthorized access.

Investigate

Select one or more of the following activities to complete after watching and discussing the videos.

  1. Can you spot when you’re being phished? Do the Phishing Quiz with Google working in pairs. See how many you get right. Answer the following questions in your portfolio: a. Post a screenshot of your summary page. b. What did you find to be the most challenging phishing technique to spot?

  2. In pairs, investigate this map (click on a country and more details or statistics) and securelist.com/statistics which shows the current week’s infections and attacks. Answer the following questions in your portfolio: a. What are the top 3 attacked countries? What country has the highest rate of infections? b. What is the top infection (virus) currently?

  3. Investigate a famous or recent malware, hacking, or security breach incident. Answer the following questions in your portfolio: a. Who was involved in the incident? b. What happened in the incident? c. When did the incident occur? d. Where did the incident occur? e. How did the incident happen? f. What were the consequences of the incident?

(Optional) Activity: Watch and Discuss

Before watching the video below, discuss the following with your classmates:

  • What types of security protections do cell phones have?

  • Do most people you know use a password on their phones?

  • In what instances might the government want information from an individual’s cell phone?

  • Do you view privacy as an individual right?

After watching the video, discuss the following questions with your classmates:

  • Why did a judge order Apple to create software that would unlock iPhones?

  • Do you think Apple should abide by the Court’s decision and unlock the mobile phone in the San Bernardino case? Explain.

  • Why are some security experts worried that unlocking the phone in the San Bernardino case will have greater repercussions regarding individual privacy rights?

  • Do you think it is the civic duty of a business to help law enforcement when it comes to solving criminal cases?

Activity: 6.9.2.5 YouTube (PtwF8E6iQGY)

6.9.3. Summary

In this lesson, you learned how to:

Learning Objective IOC-2.B: Explain how computing resources can be protected and can be misused.

  • Authentication measures protect devices and information from unauthorized access. Examples of authentication measures include strong passwords and multifactor authentication.

  • A strong password is something that is easy for a user to remember but would be difficult for someone else to guess based on knowledge of that user.

  • Multifactor authentication is a method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism, typically in at least two of the following categories: knowledge (something they know); possession (something they have), and inherence (something they are).

  • Multifactor authentication requires at least two steps to unlock protected information; each step adds a new layer of security that must be broken to gain unauthorized access.

  • Computer virus and malware scanning software can help protect a computing system against infection.

  • A computer virus is a malicious program that can copy itself and gain access to a computer in an unauthorized way. Computer viruses often attach themselves to legitimate programs and start running independently on a computer.

  • Malware is software intended to damage a computing system or to take partial control over its operation.

  • All real-world systems have errors or design flaws that can be exploited to compromise them. Regular software updates help fix errors that could compromise a computing system.

Learning Objective IOC-2.C: Explain how unauthorized access to computing resources is gained.

  • Phishing is a technique that attempts to trick a user into providing personal information. That personal information can then be used to access sensitive online resources, such as bank accounts and emails.

  • Keylogging is the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information.

  • Data sent over public networks can be intercepted, analyzed, and modified. One way that this can happen is through a rogue access point.

  • A rogue access point is a wireless access point that gives unauthorized access to secure networks.

  • A malicious link can be disguised on a web page or in an email message.

  • Unsolicited emails, attachments, links, and forms in emails can be used to compromise the security of a computing system. These can come from unknown senders or from known senders whose security has been compromised.

  • Untrustworthy (often free) downloads from freeware or shareware sites can contain malware.

6.9.4. Still Curious

6.9.5. Self-Check

Here are some of the technical terms discussed in this lesson.

strong password

multi-factor authentication (MFA)

biometrics

malware

virus

ransomware

phishing

keylogger

rogue access point

firewalls

Q-6: Which of the following would NOT count as 2FA in addition to entering a password?

A. Your fingerprint

B. Entering your password twice.

C. Entering a token that is sent to your phone

D. Entering a token that is emailed to you.

Q-7: Which of the following can you do to protect against malware? Select all that apply.

A. Don't click or open anything from a source that you don't know or can't identify.

B. Run regular software updates.

C. Run malware scanning software.

D. Open an email attachment from an unknown sender.

Q-8: Unauthorized access to computing resources can be gained through which of the following? Select all that apply.

A. Phishing

B. A rogue access point

C. Keylogging

D. Data-logging

Q-9: AP 2021 Practice Question: A user purchased a new smart home device with embedded software and connected the device to a home network. The user then registered the device with the manufacturer, setting up an account using a personal e-mail and password. Which of the following explains how a phishing attack could occur against the user of the smart home device?

A. The user is sent an e-mail appearing to be from the manufacturer, asking the user to confirm the account password by clicking on a link in the e-mail and entering the password on the resulting page.

B. The user’s account is sent an overwhelming number of messages in an attempt to disrupt service on the user’s home network.

C. A vulnerability in the device’s software is exploited to gain unauthorized access to other devices on the user’s home network.

D. A vulnerability in the device’s software is exploited to install software that reveals the user’s password to an unauthorized individual.

Q-10: AP 2021 Sample Question: A Web site uses several strategies to prevent unauthorized individuals from accessing user accounts. Which of the following is NOT an example of multifactor authentication?

A. When a user enters an incorrect password more than two times in a row, the user is locked out of the account for 24 hours.

B. After logging into an account from a new device, a user must enter a code that is sent via e-mail to the e-mail address on file with the account.

C. In order to log into an account, a user must provide both a password and a fingerprint that is captured using the user’s device.

D. Each employee for a company is issued a USB device that contains a unique token code. To log into a company computer, an employee must insert the USB device into the computer and provide a correct password.

6.9.6. Reflection: For Your Portfolio

Answer the following portfolio reflection questions as directed by your instructor. Questions are also available in this Google Doc where you may use File > Make a Copy to make your own editable copy.

  1. (From Activity) Which activity did you complete? Record your answers/results from the activity you completed.

  2. Describe the benefits of multifactor authentication.

  3. Describe at least two ways that someone might gain unauthorized access to a network or an individual’s information.

Portfolio Reflection Questions

Make a copy of this document in your Portfolio Assignments folder and answer these questions in the spaces below. Once complete, turn in this assignment according to the steps given by your teacher.

6.9 Cybersecurity Curriculum Page

Answer the following questions:

1. (From Activity) Which activity did you complete? Record your answers/results from the activity you completed.

Answer

2. Describe the benefits of multifactor authentication.

Answer

3. Describe at least two ways that someone might gain unauthorized access to a network or an individual’s information.

Answer
