2. Encryption - Decryption
encryption: The process of scrambling
or hiding data or information so that it
cannot be understood without the key
necessary to view it in its original form.
plaintext: An original, unencrypted
message or file.
3. Encryption - Decryption
ciphertext: An encrypted message or file.
decryption: The process of removing the
encryption to produce clear text.
cryptographic key: A specific word,
number, or phrase that must be used to
encrypt or decrypt data.
5. Encryption - Decryption
cryptographic
algorithm:
A specific procedure
for encrypting and
decrypting data.
One letter stands
for another
6. What can be encrypted?
Data sent over wired and wifi networks
Credit Card Info, Bank Account Info
Personal Information
Storage volumes
Individual files
7. User Authentication
The process of verifying the identity
of an entity that is attempting to
access a device, network, or web site.
Examples: passwords, PIN’s,
fingerprint scans, facial recognition.
9. Hacking Passwords
Brute force attack: uses password-
cracking software to generate every
possible combination of letters, numerals,
and symbols.
Dictionary attack: hackers guess your
password by stepping through a dictionary
containing word lists and common
mutations of words.
10. Password Protection
Be smart and secure about your passwords.
Use different passwords for different sites.
Don’t use terms that people can find on
Social Media - birthdays, addresses,
anniversaries, kids names, pet names,
spouses, etc.
12. Online Threats:
Malware
Malware: malicious software.
Can gather information though keystrokes.
Can infect your registry, system files, etc. in
the form of viruses and worms.
Can lead to extortion – holding your
computer ransom for money
13. Computer Viruses
Computer program (malware) that attaches itself
to another computer program (host) and
attempts to spread/replicate itself to other
computers when files are exchanged.
Requires human interaction to spread
Some are less dangerous than others.
Can be eradicated with anti-virus software as
long as anti-virus software is up to date.
14. Spreading Viruses
Code Injection: is the process of
modifying an executable file or data
stream by adding additional commands.
Side-loading: a process where an app
from an un-official app store is installed
on a device.
15. How to Catch a Virus
Downloading infected audio & video
files from “free” sites.
Downloading fake plug-ins (Flash).
Email attachments (opening)
Pop-ups or fake update pop-ups
16. Rootkit Viruses
Code that is designed to hide the existence
of processes and privileges.
By bypassing system privileges and
settings, hackers can become shadow
administrators with access to all data
on a device or network.
17. Worms
Program that can self distribute
and replicate without any human
interaction.
Types: mass-mailing worm, internet
worm and file-sharing worm
18. Script & Macro Viruses
Script: list of commands (mini-programs
like JavaScript) that can be executed on a
computer without user interaction.
Macros: a single instruction that expands
automatically into a set of
instructions/actions that perform a
particular task. (Excel, Word)
19. Trojan Horses
Trojan Horse: appears to be something useful
or desirable (game or a screen saver), but works
maliciously in the background.
Can install backdoor programs or rootkits
that Can hide in or modify system files.
Can allow hackers access or take control of
computer without your knowledge - computer
becomes a zombie.
20. Virus Symptoms
Strange icons appear
Unusual home page
Odd messages, pop-ups
or sounds
Corrupt files
Programs can’t launch
Computer shuts down without warning
21. Anti-Virus Software
Popular products:
Symantec, Kaspersky,
AVG, Avira, Avast
McAfee, Norton
Run a scan once a week.
Keep updated.
22. Anti-Virus Software
How they Work:
Detect: They look for a virus signature
(a portion of code unique to a virus)
Stop Execution:
Quarantine the virus in a secure area.
Prevention: Inoculates by recording key
attributes of files and by comparing files
when scanning.
23. Online Threats:
Spyware
Spyware: malware that sits on your computer
and spies on you and can transmit information
about you.
Adware: monitors web browsing activity to
supply data to generate targeted ads.
Keyloggers can gather information though
keystrokes and browsing habits.
Man-in-the-middle: Monitor communications
24. Online Threats:
Phishing & Spear Phishing
Phishing: Encourages you to download or click
on links and provide personal info or bank
account numbers, etc. Can pose as real
company, representative – check URLs, links,
email addresses, etc.
Spear phishing can be more targeted to a
specific individual or department.
Spoofing: Pretend to be someone you’re not,
Altered MAC address or IP address.
25. Zero-Day Attacks
Vulnerabilities that have not yet been
discovered.
Hackers keep these vulnerabilities to
themselves.
White Hat Hackers: Share these with
developers.
26. Denial of Service Attacks
DoS: attack that occurs when legitimate users
are denied access to a computer system because
a hacker is repeatedly flooded by requests that
tie up its resources.
Can be sent by botnet, (group of robot
programs) to run on network of zombie
computers.
27. Ransomware
Your data files (docs, pictures, music,
videos, etc.) are encrypted (held hostage)
until you pay for decryption key (to
untraceable payment system.
Your OS will still run.
Huge problem if personal files are not
backed up.
28. Email & Encryption Viruses
Email viruses: uses the address book in the
victim’s e-mail system to distribute itself.
Encryption Viruses: (aka Ransomware)
malicious program that searches for common
data files and compresses them into a file
using a complex encryption key rendering
files unusable. You then receive a message to
send payment in order to fix.
29. Online: Cookies
Cookies: small text file that some websites
automatically store on a client computer’s
hard drive when a user visits the site.
Cookies are not malicious. Some sites may
not work without it. Helps fill in forms and
remember your status for shopping, etc. But
they will remember your browsing habits.
30. Hackers
White hat:
Ethical, want to expose weaknesses
or flaws for various reasons
Black hat:
Destructive, illegal pursuits
Grey Hat:
Tow the line, may want
to sell services, land a job.
31. Hacker Tools
Keylogger:
spyware program that monitors keystrokes in
order to steal passwords, login IDs, or credit
card information.
Packet Analyzer (sniffer):
device or software program designed to
detect and record digital information being
transmitted over a network (packets).
32. Protecting Yourself
Firewalls: help protect the ports of your
networks and computers and keep IP
addresses more secure.
Mac OSX and Windows come with firewall
protection as do routers.
33. Protecting Yourself
Be smart about what sites you visit.
If you visit questionable sites, clear your history,
cache, and your session cookies. If it doesn’t feel
right, or look right, get out.
Backup Your Data: Cloud, external drives, flash
drives, etc.
Run your Operating System Software updates –
many include security fixes.