Chapter 5

INTERNET AND ITS USES

Internet

The word "internet" comes from "INTERconnected Network." It's a huge global system
of linked networks. It uses real infrastructure to connect networks and devices around
the world.
World Wide Web

The World Wide Web (WWW) is a part of the internet you can reach with a web browser.
It's like a big collection of connected web pages. It works using something called HTTP,
which helps show information on the web. So, the WWW lets you find and view
information on web pages through the internet. In short, the Internet is a big network of
networks, while the World Wide Web is a part of the Internet that helps you look at web
pages. The internet is broader, including more than just the web. The World Wide Web
focuses on getting and showing information using web browsers.

Internet World Wide Web (www)

User can send and receive emails It is a collection of multimedia web

pages and other information on
websites
Allows online chatting http(s) protocols are written using
hypertext mark-up language (HTML)

Makes use of transmission protocols Uniform resource locators (URLs) are

(TCP) and internet protocol (IP) used to specify the location of web
pages
It is a worldwide collection of Web resources are accessed by web
interconnected networks and devices browser

Uses the internet to access

information from web servers

Web browser
Web browser are software applications that enable users to access and view web
pages on their devices. When a user requests a web page, the browser receives the
hypertext markup language (HTML) code from the website and interprets it to display

Page 1 of 31
the content on the user’s screen. To access a specific website, users enter a Uniform
Resource Locator (URL) into the browser's address bar. A URL follows a specific
format:

protocol://website address/path/file name

The protocol is typically either "http" or "https," which stands for Hypertext Transfer
Protocol and Hypertext Transfer Protocol Secure, respectively. It determines how data
is transmitted between the browser and the website.

The website address consists of several parts:

• Domain host (often "www"): This indicates the specific server where the website
is hosted.

• Domain name: It refers to the name of the website, such as "hoddereducation."

• Domain type: It represents the top-level domain (TLD), which can be ".com,"
".org," ".net," ".gov," or others, indicating the nature or purpose of the website.

• Country code (optional): Some websites include a country code as part of their
domain, like ".uk" for the United Kingdom, ".de" for Germany, or ".cy" for Cyprus.

The path refers to the specific location or directory within the website where the desired
web page is located. If the path is omitted, the browser assumes it as the root directory
of the website. The file name is the specific item or resource within the web page that the
user wants to access. In the provided example,

https://www.hoddereducation.co.uk/ict

The "ict" at the end represents a file or a section within the web page related to information
and communication technology. By understanding the structure of a URL, users can
navigate and access different websites and specific web pages using web browsers.

HTTP and HTTPS

When you move files on the internet, using security like SSL or TLS changes the start of the
URL to "https." The "s" means safe, making sure data is sent and received securely. A green
padlock in the browser shows it's a safe connection. "HTTPS" keeps information safe while it's
sent, stopping others from stealing or changing it. Always find "https" and the padlock when
dealing with private data online.

Page 2 of 31
Web Browsers

Web browsers are programs that show web pages on your device. They read website
code and show the result with videos, pictures, words, and sound. Browsers usually have:

• Home page: A page that opens when the browser starts or a new tab is made.

• Bookmarks: You can save favorite websites to open them quickly.

• History: Browsers remember websites you've visited, so you can go back to them.

• Moving around: You can go backward and forward on websites you opened.

• Tabs: You can open many pages at once and switch between them.

• Cookies: Browsers use cookies, small files on your device, to remember things or watch
what you do on websites.

• Links: Browsers use links to go to different websites. You can open links in a new
tab by pressing "Ctrl" and clicking, or in the same tab by clicking.

Getting Web Pages

HTML (Hyper Text Markup Language) is a way to show things on web browsers. Websites
use HTML and are on web servers, each with its special IP address. When your browser
wants a web page, it needs the website's IP address. The Domain Name Server (DNS)
helps here. It turns the website's name into its IP address. DNS uses lots of servers.
These servers keep lists of URLs and their matching IP addresses. Here's how DNS
works:

1. You type a URL (like www.hoddereducation.co.uk) in your browser.

2. The browser talks to a DNS server (Server 1) to find the website's IP address.
3. If Server 1 doesn't know the IP address, it asks another DNS server (Server 2).
4. Server 2 finds the IP address (like 107.162.140.19) and gives it to Server 1.
5. Server 1 remembers this for later.
6. The IP address goes back to your computer.
7. Your computer uses the IP address to talk to the website's server. It gets the web
pages (HTML files) you want.
8. The browser reads the HTML code, arranges the stuff, and shows you the web
page.

Here, DNS server 2 found the IP address in the DNS process. This makes it easy to visit
websites using names, without memorizing numbers.

Page 3 of 31
Cookies

Cookies are small files or snippets of code that are stored on a user's computer. They are
sent from a web server to the user's browser. When a user visits a website, the site checks
if it has previously set cookies on their browser. If cookies are found, the browser reads
them to retrieve key information about the user's preferences, language, currency, and
past browsing activity.

Cookies serve several purposes. They enable user tracking, allowing websites to
recognize and remember individual users. Cookies can store data related to a user's
preferences, enabling personalized experiences. For example, if a user purchases a book
online, cookies can remember the type of book selected. Subsequently, the website can
display recommendations like "Customers who bought Hodder IGCSE ICT also bought
Hodder IGCSE Computer Science."

There are two main types of cookies:

Session Cookies

Session cookies are like temporary helpers. They're here just while you're on a website.
Once you close your browser or leave the site, these cookies usually disappear. They're
handy to keep things smooth and special for your visit. Imagine them as the virtual
shopping basket during online shopping. They're temporary and don't get your personal
information. They stay in your computer's temporary memory and vanish when you close
your browser or leave the site.

Persistent Cookies

Persistent cookies, also called permanent cookies, stay longer. The website sets a date
for them to say goodbye. They stay even if you close your browser. They remember stuff
across different visits, so sites know what you like. They help keep things the same every
time the website is visited. Both session and persistent cookies make your online
experience better. In short, session cookies are short-term helpers, and persistent
cookies stay around for longer. Both make your online experience better, but they also
track what you do online.

Both session and persistent cookies play a role in enhancing user experience, enabling
personalization, and facilitating website functionality. However, it's important to note that
cookies also raise privacy concerns as they track user data. Privacy regulations and
browser settings often allow users to control cookie acceptance and deletion to safeguard
their privacy.

Legitimate websites encrypt any personal information stored in cookies to prevent

unauthorized access by third parties with access to the user's cookie folder. Many

Page 4 of 31
countries have implemented laws to protect users, and these cookies are generally
designed to expire after six months, even if the specified expiration date has not yet been
reached.

Uses of persistent cookies

Persistent cookies have various uses and benefits, including:

• Remembering users' login information, passwords, email addresses, and invoice

details, eliminating the need to enter this information repeatedly.

• Acting as a form of memory for websites, enabling them to recognize and identify users
each time they visit.

• Storing users' items in a virtual shopping basket or cart for seamless shopping
experiences.

• Tracking internet habits, website histories, and user favorites/bookmarks.

• Personalizing advertising by targeting users with ads that align with their past browsing
and purchasing behaviors.

• Saving users' preferences, such as customized web pages or language preferences.

• Supporting secure online financial transactions.

• Allowing progress in online games and quizzes to be saved and resumed.

• Assisting social networking sites in recognizing user preferences and browsing histories.

• Enabling automatic language selection on web pages based on users' login information.

Digital currency

Cryptocurrency is a kind of digital money that solves problems linked to central control.
Unlike regular digital money managed by banks and governments, cryptocurrency works
without a central authority. It uses special codes to track transactions.

In the world of cryptocurrency:

• People in the community, not big organizations, decide how transactions happen and
worth of the money.

• Cryptocurrency uses something called a blockchain. This makes things more secure
and cuts the chance of cheating.

Page 5 of 31
Blockchain

Blockchain is like a big, shared database. It stores transactions from lots of people in a
network. Many computers are part of this network, and there's no boss computer. All the
transaction details are on each computer. Changes can only happen when everyone in
the network agrees. This makes things really secure and stops hacking.

How blockchain works?

When a new transaction occurs in a blockchain, a new block is created. Each block
contains the following components:

Data: Information about the transaction, such as the names of the sender and recipient,
the amount of money transferred, and other relevant details.

Hash Value: A unique value generated by a cryptographic algorithm (typically SHA 256)
that acts as a digital fingerprint for the block. The hash value ensures the integrity of the
block's data.

Previous Hash Value: This references the hash value of the previous block in the chain,
creating a link between blocks and forming a sequential chain.

Blockchain Security and Integrity

The creation of a new block triggers the generation of a new hash value, which includes
a timestamp indicating the time of the event. As blocks are connected, they form a chain
structure. To maintain the security and integrity of the blockchain, any changes to a block
will alter its hash value. If a modification occurs in block '2', for example, the hash value
will change, rendering subsequent blocks (e.g., '3' and beyond) invalid due to the broken
chain.

To prevent tampering, blockchain implements a mechanism called proof-of-work. This

requires a significant computational effort, typically taking around ten minutes, to
determine the necessary proof-of-work for each block before it can be added to the chain.
Miners, special network participants, oversee this process and receive rewards for
creating new blocks.

Proof-of-work slows down the block creation process, making it difficult for hackers to
recreate the chain quickly. It also ensures that the currency within the blockchain is
regulated by all network computers. Consequently, attempting to hack the blockchain
would require attacking every block simultaneously, making it highly impractical.

When a new block is created, it is propagated to all computers in the blockchain network.
Before being added to the blockchain, the block is checked for correctness. Additionally,

Page 6 of 31
new network participants receive a copy of the entire blockchain system to maintain
consistency and transparency across the network.

Cybersecurity overview
Cybersecurity threats pose risks to the security and integrity of data. Whether it's personal
or commercial information, protecting data is crucial. Various cyber threats exist,
including:

· Brute Force Attacks

· Data Interception
· Distributed Denial of Service (DDoS) Attacks
· Hacking
· Malware
· Phishing
· Pharming
· Social Engineering

These threats highlight the importance of implementing robust cybersecurity measures,

such as strong passwords, encryption, firewalls, antivirus software, regular system
updates, user education, and awareness to mitigate the risks and protect against
potential cyber-attacks.

Brute Force Attack

Brute force attacks are a simple trick where hackers try all possible combinations of
letters, numbers, and symbols to figure out a password. But there are ways to make it
harder for them:

1. Checking Common Passwords: Hackers start by trying really common passwords like
"123456," "password," "qwerty," and others. These are easy to guess because lots of
people use them.

2. Using Word Lists: If a password isn't common, hackers use a word list. This is a list of
words they try one after the other. Some lists have millions of words. It's faster than
guessing randomly.

But here's the thing: longer and tougher passwords are much harder to crack. If you use
big and small letters, numbers, and symbols together, and if your password is long, it's
way trickier for hackers to guess.

Page 7 of 31
Also, remember to use different strong passwords for different accounts. Extra safety stuff
like two-factor authentication helps too. Changing your passwords regularly and avoiding
easy-to-guess things is also important. In short, strong and unique passwords plus smart
security steps stop brute force attacks in their tracks.

Data interception

Data interception means sneaking into data when it's moving through wired or wireless
connections without permission. The goal is to steal private or secret stuff. There are
different ways to do this:

· Packet Sniffing: This uses a tool to catch and look at data packets going on a network.
Hackers can find important things in these packets.

· Wardriving: This involves driving around with a laptop, smartphone, antenna, and
GPS to find Wi-Fi signals. Hackers use this to grab Wi-Fi data and find out personal things
without you knowing.

· Encryption: is like a shield against data interception. It can't stop data from being
caught, but it makes the data unreadable without the right key. To beat wardriving, use
encryption like wired equivalency privacy (WEP) and firewalls. And use strong passwords
for Wi-Fi routers.

Remember, public Wi-Fi networks, like ones in airports, might not be safe. They often
don't use strong protection. Connecting to unsecured public networks lets anyone nearby
grab your data. To stay safe, use secure networks and keep an eye out for sneaky tricks.

Denial of Service (DoS)

A Denial of Service (DoS) attack is when someone tries to mess up a network or a

specific internet server on purpose. This makes it hard for users to use websites or
services. It's a big problem and can be very unsafe. Some things that happen during a
DoS attack:

• User can't check emails: Hackers send lots of spam emails to an account. This fills it
up and stops real emails from coming in.

• User can't visit websites: Hackers send so many requests to a website that it can't work
properly. This makes it impossible to use the site.

• User can't use online services (like banking): Hackers mess up online services so users
can't use them.

Page 8 of 31
 One way to do a DoS attack is by flooding the network with too much traffic, called spam
traffic. This makes it hard for the server to handle real requests, causing a service denial.
In Distributed Denial of Service (DDoS) attacks, many computers send spam traffic,
making it tough to stop.

How to protect against DOS?

• Use good malware checkers: Keep these updated to stop bad stuff that leads to DoS
attacks.

• Set up firewalls: Use firewalls to control traffic to and from servers or computers,
stopping bad requests.

• Apply email filters: Filters stop unwanted traffic, like spam emails, which helps avoid
email accounts getting overwhelmed.

You can spot potential DDoS attacks if:

• Network gets slow: Files and websites take longer to open due to too much traffic.

• Certain websites are down: Some sites won't work because of a DoS attack.

• Lots of spam: Suddenly, you get a lot of spam emails, which might mean a DoS attack
is happening.

Hacking

Hacking is when someone gets into a computer system or network without permission.
They might want to steal info, pretend to be someone else, mess up data, or send info to
the wrong people. Encryption can't fully stop hacking. It makes data confusing for
hackers, but it doesn't prevent them from doing other bad things, like deleting or ruining
data.

To stay safe from hacking:

• Firewalls: These block sneaky entries to your computer or network.

• Strong passwords: Use unique usernames and change strong passwords often. This
prevents unauthorized access.

• Anti-hacking software: This helps spot and stop hacking tries by finding and blocking
weird stuff.

Page 9 of 31
 • Intrusion detection software: This watches network traffic and finds possible hacks or
security problems.

Also, ethical hacking is a real thing. Authorized hackers, hired by companies, test
computer systems to find weak points. It's a good way to check and improve security. But
remember, there's a big difference between authorized ethical hacking and harmful
hacking. One is legal and helpful, while the other is illegal and dangerous.

Malware
Malware is one of the biggest risks to the integrity and security of data on a computer
system. There are many forms of malware like:

Virus
Viruses are malicious programs or segments of code designed to replicate themselves
and cause harm to computer systems. Their primary goal is to delete or corrupt files,
disrupt normal system functioning, or perform unauthorized actions. In order to execute
and cause damage, viruses require an active host program or an already infected
operating system.
Viruses are commonly spread through email attachments, infected websites, or bundled
with pirated or compromised software downloads.

How to protect against virus?

a) Exercise caution with email attachments: Avoid opening email attachments from
unknown or suspicious sources, as they can contain virus-infected files.

b) Be cautious of infected websites: Exercise caution when visiting websites, particularly

those of questionable or untrusted nature, as they may contain viruses or malicious code.

c) Use original software: Avoid using pirated or unauthorized software, as they are more
likely to be infected with viruses. Obtain software from trusted sources and verify its
authenticity.

d) Employ up-to-date virus scanners: Install reputable antivirus software and keep it up
to date. Regularly scan your computer for viruses and ensure that the antivirus software
has the latest virus definitions.

By following these guidelines and maintaining an up-to-date virus scanner, you can
reduce the risk of virus infections and protect your computer system from potential harm.

Page 10 of 31
Worms

Worms are a type of malware that can self-replicate and spread across computer
networks. Unlike viruses, worms do not require an active host program to initiate their
replication process or cause damage. They can move throughout networks by exploiting
security vulnerabilities.

Worms do not target specific files on a computer but rely on network vulnerabilities to
spread. They can arrive as email attachments and, if opened by a single user, can quickly
infect an entire network. Therefore, similar precautions should be taken as with viruses,
such as being cautious with email attachments and using up-to-date antivirus software.

Worms pose a distinct threat due to their capacity for autonomous propagation, unlike
viruses that rely on user engagement to trigger replication. This renders worms
particularly hazardous as they swiftly infiltrate and disturb expansive networks. The
infamous 'I Love You' worm serves as a prominent illustration, impacting numerous email
recipients globally and causing extensive turmoil, including communication system
congestion and television network outages. Defending against worms necessitates the
adoption of protective measures like consistent software patches, robust network security
settings, and current antivirus software. By remaining watchful and implementing these
precautions, the susceptibility to worm infiltrations can be mitigated.

Trojan Horse

A Trojan horse is a type of malware that disguises itself as legitimate software but
contains malicious instructions. It replaces or embeds itself within legitimate software,
aiming to cause harm to the user's computer system.

Trojan horses require execution by the end-user, typically by arriving as email

attachments or being downloaded from infected websites. They may be distributed
through deceptive means, such as posing as a fake anti-virus program that prompts the
user to take action against supposed infections. Once the user runs the fake program or
executes the Trojan horse, the damage is done.

Trojan Horse threats and how to get rid of trojan horse?

Once installed on a computer, a trojan horse provides cybercriminals with unauthorized
access to personal information, such as IP addresses, passwords, and other sensitive
data. It can also install additional malicious software like spyware (including keylogging
software) and ransomware.

Page 11 of 31
Since Trojan horses rely on tricking end-users into executing them, traditional security
measures like firewalls and other security systems may be ineffective. The user has the
ability to override these safeguards and initiate the execution of the malware. Therefore,
user awareness and caution are crucial in preventing Trojan horse infections. It is
important to exercise caution when opening email attachments, downloading software
from untrusted sources, and being vigilant against deceptive tactics used by
cybercriminals. Additionally, maintaining up-to-date antivirus software can help detect
and mitigate Trojan horse infections.

Spyware

Spyware is malicious software that secretly monitors a user's activities on their computer
and gathers information without their knowledge or consent. It is designed to capture
sensitive information, such as web browsing habits, keystrokes, login credentials, and
personal data like bank account numbers and credit/debit card details. The gathered
information is then sent back to the cybercriminal who deployed the spyware. It typically
enters a user's system through deceptive means, such as being bundled with legitimate
software, distributed through malicious email attachments or infected websites, or
exploiting security vulnerabilities. It can also be installed through social engineering
tactics, where users are tricked into downloading or executing the spyware unknowingly.

Spyware threats and Countermeasures

The danger of spyware lies in its ability to infiltrate a system undetected and exploit
security vulnerabilities. It compromises user privacy and can lead to identity theft, financial
fraud, and unauthorized access to sensitive information.

To detect and remove spyware, users can utilize anti-spyware software specifically
designed to identify and eliminate such threats. Regular scans with up-to-date anti-
spyware tools can help identify and remove spyware infections.

Discovering spyware on a computer should raise concerns because it indicates a security

weakness that can be exploited by other, potentially more dangerous forms of malware.
It is crucial to address the presence of spyware promptly and take necessary measures
to enhance overall system security, such as updating software, using strong and unique
passwords, practicing safe browsing habits, and exercising caution when downloading or
executing files from untrusted sources

Page 12 of 31
Adware

Adware is malware designed to display unwanted ads to users. While less dangerous
than other malware, it disrupts user experience and security. Its purpose is to generate
revenue by showing targeted ads or redirecting to promotional sites. It appears as pop-
ups, redirects, or browser toolbars. Adware can weaken security, be hard to remove, and
hijack browsers. To mitigate its impact:

· Install reputable anti-malware software with adware detection.

· Be cautious when installing software, avoiding bundled extras.
· Keep software updated to address vulnerabilities.
· Use browser extensions to block unwanted ads.

Ransomware

Ransomware is a malicious software that encrypts a user's files and demands payment
for decryption. It causes financial losses and data breaches. Victims find their files locked
and receive ransom demands, often in cryptocurrency, to regain access. Ransomware
spreads through email attachments, malicious downloads, or software vulnerabilities.
Prevention involves:

· Avoiding suspicious email attachments and links.

· Keeping software updated to prevent vulnerabilities.
· Installing reputable antivirus and anti-malware software.
· Enabling automatic backups to restore files.
· Educating users to recognize and avoid ransomware threats.

In case of an attack, avoid paying the ransom and focus on restoring systems from
backups and reporting the incident to authorities.

Phishing

Phishing constitutes a cunning strategy employed by cybercriminals who craft seemingly

authentic emails, often replicating reputable institutions, to deceive recipients into
compromising their security. These deceptive emails typically entice users to click on
malicious links or open attachments that redirect them to counterfeit websites, all with the
aim of secretly obtaining sensitive information like bank account credentials or credit card
details.

Page 13 of 31
Methods to prevent phishing attacks

· Staying consistently informed about the latest phishing schemes and tactics is
paramount.

· Individuals, particularly those in industries or commerce, should undergo regular

security awareness training. This arms them with the ability to discern and evade phishing
attempts.

· Prudent caution is advised when interacting with email links. Users must refrain from
clicking on any links unless the legitimacy is clear.

· Phishing emails often employ generic greetings such as "Dear Customer" or address
recipients solely by their email address — revealing signs of potential deception.

Enhancing cybersecurity involves several steps:

· Employing anti-phishing toolbars within web browsers, including mobile ones, to provide
an added layer of defense by alerting users to potentially hazardous websites.

· Scrutinizing the browser's address bar for "https" and a green padlock symbol, indicative
of a secure connection.

· Regularly monitoring online accounts to detect any irregular activities or unauthorized

access.

· Ensuring robust password practices, coupled with periodic updates.

· Keeping web browsers and firewalls up to date with the latest security enhancements.

· Handling pop-up windows with caution and utilizing browser settings to block them.

· Dismissing pop-ups appropriately using the provided "x" in the top-right corner, as
clicking "cancel" might redirect to phishing or pharming sites.

Additionally, it's imperative to acknowledge "spear phishing," a tactic targeting select

individuals or entities for highly personalized attacks. Unlike standard phishing, spear
phishing demands even greater vigilance and the application of rigorous security
measures.

Page 14 of 31
By diligently adhering to these guidelines and staying proactive in recognizing and
avoiding phishing endeavors, individuals can drastically reduce their susceptibility to such
malicious activities and safeguard their personal and sensitive information.

Pharming

Pharming is a technique involving the installation of malicious code either on a user's

computer or a compromised website. This code then redirects the user's browser to a
counterfeit website without their awareness. Unlike phishing, pharming does not require
any user action for the redirection to occur. This malicious code is designed to gather
personal data, such as sensitive banking information, from unsuspecting users. The fake
websites created in pharming often appear authentic, making them a breeding ground for
potential fraud and identity theft. The danger of pharming lies in its ability to direct users
to fraudulent websites without their knowledge, leading to the unwitting disclosure of
sensitive information.

The redirection in pharming can be executed using methods like DNS cache poisoning,
wherein the IP address of a legitimate website is altered, forcing the user's computer to
visit the forged site. This manipulation allows cybercriminals to trick users into providing
confidential information that can be exploited for malicious purposes.

Protecting against pharming

a) Employ Anti-virus Software: Utilize anti-virus software to identify unauthorized

alterations to website addresses and receive alerts about potential risks.

b) Address DNS Server Infections: In the event of a DNS server infection, seeking
professional assistance and implementing strict security measures become crucial.

c) Use Browser Alerts: Modern browsers often feature built-in alerts that warn users about
pharming and phishing attacks, adding an extra layer of protection.

d) Verify Website Spelling: Thoroughly check the spelling of website addresses to ensure
correctness. Typographical errors or variations in the URL can unintentionally lead to
redirection to fraudulent websites.

e) Validate HTTPS and the Green Padlock Symbol: The presence of "https" in the website
address and the appearance of a green padlock symbol in the browser's address bar
signify a secure connection. Verifying these indicators enhances confidence in the
authenticity of the website.

Page 15 of 31
By proactively adopting these preventive measures, users can significantly lower the risk
of falling victim to pharming attacks. Such actions aid in safeguarding sensitive data from
unauthorized access and potential exploitation.

Social Engineering

Social engineering is a strategy used by cybercriminals to manipulate individuals into

compromising their security by exploiting human emotions like fear, curiosity, empathy,
and trust. Unlike hacking, social engineering relies on victims willingly cooperating, rather
than exploiting technical vulnerabilities.

a) Fear: Cybercriminals induce panic by creating immediate threats to personal

information or computers, pressing victims into hasty decisions without verifying the
threat's legitimacy.

b) Curiosity: Exploiting curiosity, cybercriminals offer attractive incentives like winning

prizes or discovering unclaimed items. Victims reveal personal data or access unknown
content, overlooking potential risks.

c) Empathy and Trust: Impersonating reputable companies, cybercriminals exploit trust

to manipulate victims into granting access, downloading malware, or visiting fake sites.

Social engineering doesn't involve traditional hacking; instead, it manipulates users into
compromising their own security. It preys on impulsive decisions driven by human
psychology.

How to protect against social engineering?

a) Educate: Regularly learn about techniques to spot and avoid social engineering
threats.

b) Be Skeptical: Approach unsolicited communication and enticing offers with caution.

c) Verify: Authenticate emails or messages from trusted sources by contacting them

independently.

d) Keep Secrets: Avoid sharing sensitive data via unsolicited channels.

e) Take Time: Evaluate unusual requests or situations carefully. Don't rush due to fear or
curiosity.

By understanding social engineering and using critical thinking, individuals can shield
themselves and their data from manipulation by cybercriminals.

Page 16 of 31
Keeping data safe from security threats

Access Levels

In many computer systems, user accounts play a pivotal role in managing access rights.
This involves assigning different levels of access to different individuals based on their
roles. For instance, in a hospital setting, granting a cleaner access to medical patient data
would be inappropriate, whereas a consultant would require such access. To achieve this,
systems typically implement a hierarchy of access levels using usernames and
passwords. Access levels are especially critical in databases, where determining read,
write, and delete privileges is vital. By offering varying views of data tables, specific users
can be restricted to accessing only certain data.

Access level in Social Media platform

Access levels are also significant in social networks, like Facebook, which usually feature
four access tiers:

a) Public Access: This pertains to data accessible by the general public. It encompasses
information users willingly share publicly, such as profile pictures, cover photos and public
posts.

b) Friends: Only individuals identified as "friends" by the data owner can access specific
information. This level enables users to share more personal details with a chosen group
of trusted connections.

c) Custom: This permits users to further tailor data visibility for "friends," enabling them to
exclude specific content from selected individuals. Custom access provides enhanced
control over who can view the data.

d) Data Owner: Reserved exclusively for the data owner, this level encompasses private
messages, confidential settings, and personal account details. It's meant solely for the
user's eyes.

Personalizing access levels and control in social networks

In this context, privacy settings are utilized to determine access levels, rather than relying
solely on passwords. Users can personalize their privacy preferences, selecting the
appropriate access level for various data types and specifying who can view their posts,
photos, and other content. These privacy settings empower users to maintain authority
over their personal information and manage who can access it.

Page 17 of 31
It's imperative for social network users to be vigilant about their privacy settings and
routinely update them based on their preferences. By utilizing provided access levels and
privacy controls, individuals can ensure that their data is shared appropriately and with
the intended audience, thus safeguarding their online privacy and digital presence.

Anti-malware

Anti-spyware software is a critical tool designed to identify and eliminate unauthorized

spyware programs on a user's computer system. This software employs various
techniques to accomplish its task:

a) Rules: Anti-spyware software uses predefined rules to detect common features

associated with spyware. By analyzing program behavior and characteristics, it identifies
potential security threats.

b) File Structures: Certain file structures are commonly linked with spyware. Anti-spyware
software recognizes these structures and uses them as indicators to spot potential
spyware.

In many instances, anti-spyware is bundled with other security components like anti-virus
and personal firewalls, providing comprehensive malware protection.

Key features of anti-spyware software

· Detection and Removal: The software scans and removes existing spyware from the
system.

· Prevention: It actively prevents spyware by blocking malicious websites and files to

prevent installations.

· File Encryption: Anti-spyware can encrypt files to enhance their security against
spyware targeting sensitive data.

· Keyboard Stroke Encryption: Encrypting keystrokes safeguards against keyloggers

that capture sensitive information.

· Webcam and Microphone Protection: Unauthorized access to a user's webcam and

microphone is blocked to prevent spyware from gathering information without consent.

· Stolen Information Detection: The software scans for signs of stolen personal
information and alerts the user if detected.

Page 18 of 31
By employing anti-spyware software, users strengthen their defenses against spyware,
safeguard their privacy, and reduce the risk of data compromise. Regular scans and
updates are vital for ongoing protection against evolving threats.

Authentication

Authentication is the process of confirming a user's identity, involving three common

factors:

a) Something you know: Knowledge-based info like passwords or PIN codes.

b) Something you have: Physical objects like phones for authentication.

c) Something unique to you: Biometric traits like fingerprints.

Passwords and usernames are commonly used for authentication. Passwords must be
strong and changed regularly. Biometric elements are increasingly integrated, especially
on mobile devices.

For internet access (e.g., email, online banking), password protection is key.

Precautions

· Running anti-spyware software to prevent interception.

· Changing passwords regularly.

· Creating strong passwords with complexity.

· Avoiding easily guessed passwords.

· Password entry is often masked on-screen. Access is denied if passwords don't match.
Systems may lock after multiple failed attempts, requiring a reset.

· Password reset emails contain links to secure webpages. This safeguards against
unauthorized access or changes.

· Dual authentication (username and password) adds a layer of security, granting

access to sensitive systems or websites like online bank

Biometric

Biometric authentication stands as an alternative to passwords for user identification,

relying on distinct human characteristics like fingerprints, retina patterns, facial features,

Page 19 of 31
and voice to verify identity. Biometric technology finds applications in diverse security
contexts, from fingerprint-based phone unlocking to biometric access control in
pharmaceutical companies.

Fingerprint scans and retina scans are two specific biometric methods worth exploring:

Fingerprint

Fingerprint scans involve comparing an individual's fingerprint image to stored data in a

database. The system analyzes ridge and valley patterns to establish a match. With an
accuracy of about 1 in 5000, fingerprint scans offer several security advantages:

· Unique fingerprints make replication challenging.

· Unlike physical devices, fingerprints are always available.

· Only authorized fingerprints align with database entries, preventing impersonation.

· Fingerprints are integral to an individual's identity and cannot be lost.

Yet, fingerprint scanning has drawbacks:

· Initial setup investment is necessary

. Accuracy might suffer from damaged fingers.

· Some view biometric devices as a civil liberties concern.

Retina scans

Retina scans utilize infrared light to capture the distinctive blood vessel pattern in the
retina, located at the back of the eye. This method entails around 10 to 15 seconds of
sitting still during scanning. Retina scans offer high security due to their non-reproducible
nature.

Biometrics, including fingerprint and retina scans, provide secure user identification based
on unique human traits. While fingerprint scanning is cost-effective and widely accepted,
retina scans offer superior accuracy but may be deemed more intrusive due to the need
for extended stillness during scanning.

Two-step verification

Two-step verification, also known as two-factor authentication (2FA), is a security

measure that provides an added layer of protection by requiring two distinct methods of

Page 20 of 31
authentication to confirm a user's identity. It finds common use in online transactions,
particularly when using credit or debit cards for payment. Illustrating its functioning
through an example can clarify how two-step verification operates. Let's consider Kate,
who intends to purchase a new camera from an online store.

The authentication process involves two sequential steps:

· User name and password: Kate logs into the online platform using her computer, where
she must input her user name and password. This marks the initial stage of
authentication, confirming her identity.

· One-time passcode (OTP): In the interest of heightened security, an eight-digit PIN,

known as a one-time passcode (OTP), is dispatched to Kate. This unique passcode can
be relayed to her through email or sent as a text message to her registered mobile phone.
Kate's mobile phone serves as the second layer of authentication. She receives the OTP
and inputs it into the online platform on her computer.

Upon successful completion of both steps, Kate is granted authorization to proceed with
her camera purchase. The two-step verification mechanism bolsters security as it
mandates the provision of not only something she knows (her password) but also
something she possesses (the OTP transmitted to her mobile phone).

The intent behind employing two-step verification is to diminish the likelihood of

unauthorized account access and elevate overall security, especially when sensitive
transactions or personal data are involved.

Automatic software updates

Automatic software updates play a pivotal role in maintaining the up-to-date status of
software across computers, mobile phones, and tablets. These updates are often
scheduled during off-peak hours, such as overnight or when the user logs off the device.

The primary objective of automatic software updates is to guarantee the software's

currency and security. These updates frequently encompass patches designed to rectify
security vulnerabilities, thus fortifying the device against malware and potential security
risks. Moreover, software updates can enhance performance by rectifying bugs and
introducing novel functionalities.

Page 21 of 31
Checking the spelling and tone of communication and URL links

When receiving emails, it is imperative to undertake three essential actions before

opening them or engaging with any embedded links:

· Verify Spelling and Grammar: Legitimate and professional organizations generally

send emails that are free of spelling or significant grammatical errors. Scrutinize the
spelling within the email content as well as any links provided. For instance, exercise
caution when encountering email addresses with domains like "@gmail.com," as credible
companies usually use their own distinct domain names. Ensure that the section of the
email address after the "@" aligns with the company's official name.

· Evaluate Tone and Language: Thoughtfully assess the tone conveyed in the email's
message. Approach with caution if the email exerts pressure for immediate action or
employs language that appears unusual or inappropriate. Such indications might point
towards a potential phishing scheme or scam.

· Inspect Email Addresses and Links: Examine the legitimacy of the sender's email
address itself. Reputable companies typically utilize professional email addresses linked
to their established domains. Exercise caution when the email address doesn't align with
the company's name or employs generic email providers. Moreover, be wary of links that
lead to domains with typographical errors. Scammers often employ a tactic known as typo
squatting to create domains resembling authentic ones in order to deceive recipients.

Recognizing warning signs in email

In addition to these three fundamental actions, it is important to heed the following warning
signs:

· Suspicious Links: Verify that the destinations of links within the email correspond to
the overall context of the email. Approach emails with skepticism if they claim to originate
from reputable sources but provide links leading to unrelated or questionable websites.

· Secure Links (https): Trustworthy entities engaging in online transactions or sensitive

data handling commonly employ secure links that begin with "https" rather than "http."
Ascertain that the links offered in the email exhibit proper security indicators.

· Spelling Errors: Be alert to blatant spelling errors in email addresses and URLs.
Scammers may deliberately misspell company names or employ incorrect domain
extensions to deceive recipients.

Page 22 of 31
By maintaining vigilance and adhering to these precautionary measures, individuals can
effectively shield themselves against phishing endeavors and potentially fraudulent
activities that may materialize through email communications.

Firewall

A firewall serves as a protective barrier between a user's computer or internal network

and an external network, such as the internet. It can be implemented either as software
or hardware and is responsible for filtering incoming and outgoing information. The main
purpose of a firewall is to control and monitor network traffic, allowing users to determine
which communication with external sources is permitted and alerting them to any attempts
at unauthorized access.

Key tasks performed by a firewall

1. Examining network traffic: The firewall analyzes the data exchanged between the
user's computer or internal network and the public network, such as the internet.

2. Applying criteria to data: The firewall checks whether the incoming or outgoing data
meets a specified set of criteria. If the data fails to meet the criteria, the firewall blocks the
traffic and notifies the user or network manager about a potential security issue.

3. Logging traffic: Firewalls can log all incoming and outgoing network traffic, allowing
users or network managers to review and analyze the activity at a later time.

4. Blocking access to undesirable sites: Firewall settings can be configured to prevent

access to specific undesirable websites or IP addresses. The firewall maintains a list of
such sites to enforce this restriction.

5. Protecting against viruses and hackers: Firewalls are designed to help prevent viruses
and unauthorized access attempts from reaching the user's computer or internal network.

6. Alerting users to software accessing external sources: If any software on the user's
system attempts to access an external data source, such as an automatic software
upgrade, the firewall notifies the user and provides the option to allow or deny the access.

A firewall can be implemented as a separate hardware device placed between the

computer and the internet connection, or it can be software installed on a computer,
sometimes integrated into the operating system.

Page 23 of 31
Limitations of firewall

1. Inability to control bypassing through personal hardware devices: Firewalls cannot

prevent individuals on internal networks from using their own hardware devices, such as
modems or smartphones, to bypass the firewall's protection.

2. Limitations in controlling employee behavior: Firewalls do not have control over

employee misconduct or carelessness, such as mishandling passwords or user accounts.
These aspects require management control and user awareness.

3. Users disabling the firewall: In standalone computer setups, users have the option to
disable the firewall, which leaves their computer vulnerable to potentially harmful network
traffic from the internet.

To ensure the effectiveness of a firewall, it requires both management controls, such as

policies and user education, and personal responsibility in individual cases where
firewalls are employed on standalone computers.

Proxy server

Proxy servers function as intermediaries between users and web servers, offering various
features and advantages:

· Internet Traffic Filtering: Proxy servers enable administrators to filter internet traffic,
allowing them to block specific websites when necessary. This capability facilitates
content filtering and enhances overall security.

· IP Address Anonymity: By concealing users' IP addresses, proxy servers bolster

security and privacy, preventing direct identification and tracking.

· Valid and Invalid Traffic Handling: Proxy servers validate internet traffic, granting
access to valid requests while denying suspicious or invalid traffic. This safeguards
against unauthorized access and potential attacks.

· Blocking Requests from Specific IP Addresses: Configuration options empower proxy

servers to block requests originating from designated IP addresses, enhancing security
and control.

· Indirect Web Server Access: Proxy servers sit between users and web servers,
creating a barrier that shields the web server from direct access. This fortification helps
safeguard against hacking and denial-of-service (DoS) attacks.

Page 24 of 31
 · Redirection of Harmful Traffic: Proxy servers can reroute harmful or invalid traffic away
from web servers, mitigating risks and preserving web server availability and
performance.

· Caching for Speed: Utilizing caching, proxy servers store frequently accessed web
content. When a user requests a website, the proxy server can deliver the cached version
instead of fetching it from the web server. This speeds up access and lessens network
load.

· Firewall Functionality: Proxy servers can also function as firewalls, offering an extra
layer of security. They inspect and regulate network traffic, thwart unauthorized access
attempts, and enforce security policies.

Privacy settings

Privacy settings are controls that are available on web browsers, social networks, and
other websites to manage and limit the access and visibility of a user's personal profile
and information. These settings are designed to enhance privacy and security. Here are
some examples of privacy settings:

1. 'Do Not Track' setting: This setting informs websites not to collect and use browsing
data for tracking purposes. Enabling this setting can help protect privacy and prevent the
collection of personal information.

2. Payment method security: Many websites allow users to save their payment methods
for convenience. Privacy settings can include options to manage and secure saved
payment details, reducing the risk of data interception or unauthorized access.

3. Safer browsing alerts: Privacy settings can include features that warn users when
they encounter potentially dangerous or malicious websites. These alerts help protect
users from visiting harmful sites that may pose security risks.

4. Web browser privacy options: Web browsers often offer privacy settings to control the
storage of browsing history, cookies, and other browsing data. Users can choose to clear
their history regularly, block third-party cookies, or enable private browsing modes to
enhance privacy.

5. Website advertising opt-outs: Many websites track user behavior for targeted
advertising. Privacy settings may provide options to opt out of this tracking, limiting the
collection and use of personal data for advertising purposes.

Page 25 of 31
6. App privacy settings: Mobile apps, especially those involving location data, may have
privacy settings to manage the sharing of personal information. Users can choose to
enable or disable location sharing, access permissions, and other data-sharing features
based on their privacy preferences.

By utilizing privacy settings, users can have more control over their personal information,
limit access to their profiles, and protect themselves from privacy breaches and unwanted
tracking. It is important for individuals to review and adjust these settings regularly to align
with their privacy preferences.

Secure Socket Layer

Secure Sockets Layer (SSL) is a protocol that facilitates secure communication between
computers across a network, often the internet. It employs encryption to ensure that data
transmitted between a user's computer and a web server remains confidential and
inaccessible to unauthorized entities.

When SSL is implemented on a website, the data exchanged between the user's
computer and the server is encrypted, guaranteeing both confidentiality and data integrity.
Users can identify the use of SSL by observing the "https" protocol in the website's
address, as opposed to the standard "http." Furthermore, contemporary web browsers
frequently display a small padlock icon in the address bar to signify a secure connection

SSL certificates play a pivotal role in establishing a website's authenticity and reliability.
These digital certificates, issued by trusted third-party certification authorities, validate the
website's identity. When a browser encounters an SSL certificate, it verifies the
certificate's authenticity, ensuring a secure communication channel with the website.

Various applications of SSL

· Online Banking and Financial Transactions: SSL safeguards sensitive financial

information during online transactions, preserving confidentiality and data integrity.

· E-commerce and Online Shopping: SSL protects users' personal and payment details
during online purchases, enhancing security.

· Software Distribution: SSL can securely distribute software updates or releases to a

restricted user base.

· Secure Email Communication: SSL encryption secures email transmission, ensuring

privacy and preventing unauthorized access.

Page 26 of 31
· Cloud Storage: SSL secures data transmission between users' devices and cloud
storage platforms, upholding file privacy.

· Private Networks and Internet Connections: SSL is used to secure communication within
private networks (intranets, extranets) as well as over public internet connections.

· Voice over Internet Protocols (VoIP): SSL enhances the security of voice and video
communication through VoIP services.

· Instant Messaging: SSL encryption can protect message confidentiality on instant

messaging platforms.

· Social Networking Sites: SSL secures communication and shields user information on
social networking platforms.

By embracing SSL, these applications and services ensure secure, encrypted

communication, safeguarding sensitive data, and prioritizing user privacy and security.

Page 27 of 31
Key Terms:

internet – the world-wide interconnection of networks; the internet makes use of TCP
and IP protocols

World Wide Web – a massive collection of web pages and is based on hypertext transfer
protocols (http and https)

(web) browser – software that connects to a domain name server (DNS) to locate IP
addresses; a browser interprets HTML web pages sent to a user’s computer so that the
user can read documents and watch multimedia

hypertext mark-up language (HTML) – the language used to design, display and format
web pages, and to write http(s) protocols

uniform resource locator (URL) – a text-based address for a web page hypertext
transfer protocol secure (https) – http with extra security (such as SSL) applied

hyperlink – highlighted text or an image that is activated by clicking and links to further
text, images, a web page or a website

domain name server (DNS) – a server that looks up domain names for websites (for
example, www.hoddereducation.com) in order to find the IP addresses that a computer
needs to locate the web servers (for example, 107.162.140.19)

cookie – a text file sent from a website to a user’s browser; it is used to remember user
preferences each time they visit the website

user preferences – settings or options stored in cookies that can remember customized
web pages or indicate browsing history to target adverts

session cookie – a cookie that is stored temporarily on a computer; it is deleted when

the browser is closed or the website session ends

persistent cookies – a cookie that is stored on the user’s hard drive and only deleted
when the expiry date is reached or the cookie is deleted by the user

virtual shopping basket – an area of memory in a website where items a user wishes
to purchase are temporarily stored; items remain in the basket until payment is made or
the session has ended

digital currency – currency (a system of money) that exists in electronic form only; it has
no physical form and is essentially data on a database

Page 28 of 31
cryptocurrency – a form of digital currency that uses a chain of decentralized computers
to control and monitor transactions

cryptography – the protection of data/information by use of coding; it usually involves

encryption and decryption

blockchain – a decentralized database where all transactions are stored; it consists of a

number of interconnected computers but not a central server

timestamp – a digital record of the date and time that a data block is created in blockchain
networks

proof-of-work – the algorithm used in blockchain networks to confirm a transaction and

to produce new blocks to add to the chain; special users called miners complete and
monitor transactions on the network for a reward

brute force attack – a ‘trial and error’ method used by cybercriminals to crack passwords
by finding all possible combinations of letters, numbers and symbols until the password
is found

word list – a text file containing a collection of words used in a brute force attack

data interception – an attempt to eavesdrop on a wired or wireless network transmission;

cybercriminal often use packet sniffing or access point mapping / wardriving to intercept
data

packet sniffing – a method used by a cybercriminal to examine data packets being sent
over a network and to find the contents of a data packet, which are sent back to the
cybercriminal

wardriving – using a laptop, antenna, GPS device and software to intercept Wi-Fi signals
and illegally obtain data; sometimes called Access Point Mapping wired equivalency
privacy (WEP) encryption protocol

security – an algorithm for wireless networks to protect them against data interception

denial of service (DoS) attack – a cyberattack in which cybercriminals seek to disrupt

the normal operation of a website by flooding it with requests; also used to clog up a
user’s mailbox by sending out thousands of spam emails

distributed denial of service (DDoS) attack – a denial of service (DoS) attack in which
the fake requests come from many different computers, which makes it harder to stop
spam – unsolicited emails sent to a user’s mailbox

Page 29 of 31
hacking – the act of gaining illegal access to a computer system without the owner’s
permission

malware – programs (such as viruses, worms and Trojan horses) installed on a user’s
computer with the aim of deleting, corrupting or manipulating data illegally

virus – a program or program code that replicates itself with the intention of deleting or
corrupting files or by causing the computer system to malfunction

active host – functioning software that a virus can affect by attaching itself to the code
or by altering the code to allow the virus to carry out its attack

worm – a stand-alone type of malware that can self-replicate; unlike viruses, worms don’t
need an active host; they can spread throughout a network without the need for any action
by an end-user

Trojan horse – a type of malware that is designed to look like legitimate software but
contains malicious code that can cause damage to a computer system

spyware – a type of malware that gathers information by monitoring a user’s activities on

a computer and sends the gathered information back to the cybercriminal who sent out
the spyware

adware – a type of malware that attempts to flood the end-user with unwanted advertising

ransomware – a type of malware that encrypts data on a user’s computer and ‘holds the
data hostage’ until a ransom is paid

phishing – sending out legitimate-looking emails designed to trick the recipients into
giving their personal details to the sender of the email

spear phishing – similar to phishing but targeting specific people or organizations rather
than carrying out a blanket attack

pharming – redirecting a user to a fake website in order to illegally obtain personal data
about the user without their knowledge; unlike phishing, pharming is initiated without
needing any action by the user

DNS cache poisoning – altering IP addresses on a domain name server (DNS) with the
intention of redirecting a user’s browser to a fake website; carried out by a pharmer (see
pharming) or hacker (see hacking)

Page 30 of 31
social engineering – manipulating people into breaking normal security procedures
(such as giving away their password) in order to gain illegal access to computer systems
or to place malware on their computer

access levels – different levels of access in a computer system allowing a hierarchy of

access levels depending on user’s level of security

anti-spyware – software that detects and removes spyware programs installed on a

system; the software is based on typical spyware rules or known file structures

authentication – the process of proving a user’s identity by using something they know,
something they have or something unique to them

biometrics – type of authentication that uses a unique human characteristic, such as

fingerprints, voice or retina blood vessel pattern

two-step verification – a type of authentication that requires two methods of verification

to prove the identity of a user

patch – an update for software that is developed to improve the software and/or to
remove any bugs

typo squatting – the use by cybercriminals of subtle spelling errors in website addresses
used to trick users into visiting their fake websites

firewall – software or hardware that sits between a computer and an external network
(for example, the internet); the firewall monitors and filters all incoming and outgoing traffic

proxy server – a server that acts as an intermediary server through which internet
requests are processed; it often makes use of cache memory to speed up web page
access

privacy settings – controls available on social networking and other websites which
allow users to limit who can access their profile or what they are allowed to see

secure sockets layer (SSL) – a security protocol used when sending data over a network
(such as the internet)

SSL certificate – a form of digital certificate which is used to authenticate a website;

providing the SSL certificate can be authenticated, any communication or data exchange
between browser and website is secure

Page 31 of 31