CYBER SECURITY

1. Learn about online threats. How to protect yourself?

This is one of the most topical issues of our time. Internet threats are manifold: technological threats, data loss, privacy threats, social threats (harassment, violence, bullying, inappropriate content etc.). The only way to protect ourselves from online threats is to be aware of them and protect ourselves personally. It is important to follow the "think first, click later" rule. Read more about threats and how to protect yourself here.

Every computerised workplace with Internet access not only receives useful information and information services, but is also exposed to all the dangers of the Internet.

What are the risks of surfing the Internet? Find out by clicking on the Flip tab .

The following are some of the reasons why computers are vulnerable:

• Users often lack knowledge about the dangers of the internet,

• New compu
• ters for sale are often not sufficiently protected against internet threats,

• Users do not make use of cheap or free technical tools (due to lack of knowledge, time or willingness) to improve computer security.

Threat protection measures:

2. Protecting your computer: internet firewall, antivirus

The main technological threats are viruses, unwanted and malicious software, and computer intrusion. Think of a virus as an uninvited neighbour that enters your home (i.e. your computer) and starts to interfere with its operation by "infecting" other applications. These viruses can come from a variety of sources: they may start out as innocent emails or app downloads, but then become real problems that can slow down your computer, destroy important files or even steal your personal information.

The International Cyber Security Company's video on cyber security provides a good illustration of the threats we can face when surfing the internet and the tools we can use to protect ourselves from them.

Source: kaspersky.com/blog

Protections against these threats include keeping antivirus software up-to-date, deliberately downloading and installing software, keeping it up-to-date, removing unnecessary applications, and using an internet firewall. An antivirus programme is your computer's bodyguard, always on the lookout for potential threats. It's like a policeman who is constantly checking the information that comes into your computer, looking for signs that something is not quite as it should be. When it finds a threat, it (the antivirus) decontaminates it and prevents any possible breaches. Read more about protecting your computer in this section.

2.1. Firewall

A firewall is a piece of equipment (hardware or software) that creates a protective wall between your computer and the internet. It can protect your computer from many hackers and computer viruses and worms.

What a firewall can and cannot do:

Can

• Protect against Internet viruses, worms that try to infiltrate your computer from the Internet

• Protect against hackers attacking your computer

• Prevent unwanted programs from sending information from your computer

Cannot

• Protect against computers that you consider trustworthy (e.g. a neighbouring computer on your local network)

• Protect against internet viruses, worms that you receive via email, browser or other applications

Warning! It is not recommended to connect your computer to a network (the Internet) without first protecting it with a hardware or software firewall.

Hardware firewall

It is recommended to protect the local network with a special device called a hardware firewall. This device should prevent any connections from the Internet to work computers. This function can be performed by:

• A specialised device that performs only firewall functions

• A network router or wireless access point with the ability to filter network traffic.

• A device (server) that performs internal network address translation functions.

Software firewall

Even if your local network is protected by a hardware firewall, do not overlook the dangers that come from the same local network. This could be a hostile neighbour, a colleague or a computer virus. A software firewall (Windows Firewall) installed on your computer can protect you from such problems.

Location of the firewall in the computer network

Firewall or firewall functions

• Blocks external connections to applications that only need to communicate within the local network (e.g. a database server on the local network).
• Depending on sophistication, can protect against a variety of TCP protocol attacks if attacked from outside the firewall.
• Can specifically identify and block packets sent by some common viruses or worms.
• Can block Internet servers or network services (say, Skype) if connections to them are unwanted on this network.

2.2. Software update

Protecting your computer is not just about firewalls or antivirus. One of the most important steps you can take to protect your device from threats is to update your software regularly. This ensures that your computer is running with the latest security measures to protect against known threats.

Why is it important to update software?

How do I update the Windows operating system?

Step 1. Turn on Windows Update:

• Select Start > Settings > Update & Security > Windows Update.
• Click Check for updates to check for updates.

Step 2. Install the suggested updates:

• Install any Critical Updates and Service Packs offered by the system.
• If you have an older version of Windows (e.g. Windows 7 or Windows 8), make sure it is still supported or upgrade to a newer version such as Windows 10 or 11.

Step 3. Perform automatic updates:

• It is recommended that you turn on automatic updates so that the system downloads and installs the latest security patches itself.
• Not only the core components of the Windows OS need to be updated, but also additional installed applications (such as Adobe Acrobat Reader, Java, Winamp, etc.).

2.3. Antivirus software

A wide variety of malware - internet viruses and worms - travel the internet. They can be found in e-mail, online chat channels and other means of electronic communication. Firewalls do not protect against viruses that arrive by email or from the Internet. One of the best tools for this is antivirus software with a constantly updated virus database. Some such systems are listed below:

• Avast! antivirus. One of the most popular antivirus programs, developed by the Czech company Avast Software. It is distinguished by its high quality of protection, accessibility and intuitive user interface. Avast offers a range of solutions for both home users and business customers, and its free version is one of the most frequent choices for reliable protection against viruses, malware and phishing sites. Avast! 4home - the free version for home users.

• • AVG Anti-Virus. A popular anti-virus program developed by AVG Technologies, now part of the Avast group. AVG AntiVirus enables users to protect their computer from a wide range of malware, viruses, spyware, ransomware and other cyber threats.

  AVG AntiVirus versions

  The first free version (AVG AntiVirus Free), which provides basic protection against viruses, malware and dangerous websites. Suitable for personal use for those who don't need advanced features

  Paid version (AVG Internet Security), which includes additional protection against ransomware, ensures the security of online banking and protects cameras from unauthorised access. Allows you to install the application on multiple devices.

  AVG Ultimate, a complete protection and performance optimisation package that includes AVG Internet Security and AVG TuneUp tools.

  Practical exercise. Installing AVG AntiVirus

  Try installing and using the AVG AntiVirus protection program.

• • Windows Defender. Microsoft's tool for detecting malware and ensuring your PC is always protected. For Windows operating systems.
  • Lavasoft Ad-aware to detect and eradicate malicious adware, spyware and similar programs. Ad-aware Standard Edition - free for non-commercial use.
  • McAfee VirusScan. One of the most popular and longest-running anti-virus programs on the market, designed and developed by McAfee Corp. This software is designed to protect computers from viruses, malware, spyware and other online threats. "McAfee VirusScan is known for its efficiency, stability and additional security features.
  • BitDefender. This is a world-renowned antivirus software developed by the Romanian company Bitdefender. It offers comprehensive protection against viruses, malware, ransomware, phishing, and cyber-attacks. Bitdefender is known for its efficiency, high threat detection rate and low impact on computer performance.
  • Norton Antivirus. One of the oldest and most recognised antivirus programs in the world. This software offers protection against a wide range of threats such as viruses, worms, Trojans, spyware, ransomware and cyber attacks. Norton Antivirus is constantly updated to ensure effective protection against the latest threats.

  If you are suspicious about a file you have received from the Internet, you can also check it using free online tools:

  • http://www.kaspersky.com/scanforvirus - check with Kaspersky Labs tools
  • http://www.virustotal.com - check with several different antivirus systems

2.4. Hazardous files

Another major problem is the excessive gullibility of internet users themselves. The Internet is not a safe place, because along with the information you need, you can also get malware and viruses. For malicious purposes, hackers and viruses specially craft messages that persuade unsuspecting users to look at attachments and execute the program they are sent. Often, victims of such attacks rely on a fake return address (the "From:" field in the message), the subject of the message, a specially chosen message text (e.g. a suggestion to install a security patch that has been downloaded), or other message features. This type of attack is called social engineering.

Here are some tips for those who have to review files received by email or other means of communication:

• Never review attached files received from strangers, whether by email, chat channels (IRC, Skype, ICQ, etc.) or other means.
• If you did not expect the attachment, consider it suspicious, even if it was sent by someone you know well. Even a Word document can have malicious program instructions embedded in it.

• Before opening the Microsoft Office document you received, in Microsoft Word (Excel, Powerpoint, etc.), select Tools>Options, Security, Macro Security>Security Level, check High.

• Make sure that the person who signed the letter actually sent the email (call or email them, or use a communication application such as Skype, ICQ, etc.),

• Check the received file for viruses using an anti-virus program. You can also check the received file with online antivirus tools such as http://www.kaspersky.com/scanforvirus or http://www.virustotal.com

• Make sure the text of the message is logical - could the sender have sent an email with such a file attached?

2.5. Assignment. Test your knowledge

Check what you have learned about how to protect your computer by answering the questions. If you got most of the questions wrong, it is worth going back and re-reading the material in this section.

3. Privacy & data protection

Backup is the main means of ensuring data security.

Privacy and data protection are very important aspects of your online experience. Some tips on how to protect your privacy and data online include:

• Password security - use strong and unique passwords for each of your online accounts. You should also avoid sharing your passwords with others;
• Data protection - make sure your devices and apps are up-to-date to avoid data leaks and other security risks;
• Safe browsing - avoid using public Wi-Fi networks without security, as this can lead to data theft. Also be careful where you put your personal data;
• Use privacy settings - most websites have privacy settings that allow you to control what and how you share with others;
• Data storage - try to use secure data storage facilities and be careful what you store on your devices and online.

Be a responsible internet user and understand how to protect your privacy and data online, and take steps to protect yourself and your information from malicious actors.

3.1. Backup copying

Backup is one of the key measures to ensure data security. It allows you to protect important data from loss caused by a variety of reasons, such as:

1. Technical errors. Hard disk failures, software errors or other technical problems can cause data loss.
2. Human error. Data deletion or corruption due to carelessness (e.g. incorrect operations) is a common problem.
3. Malware. Viruses and other malware can damage or insert code that destroys data.
4. Natural disasters. Fires, floods or other natural disasters can cause physical damage to servers or computers containing important data.
5. Theft. Data can be stolen along with devices.

To ensure effective backup, it is important to:

• Regular backups.
• Keep copies in different locations (e.g. in the cloud, on storage media).
• Check backup recovery processes to make sure they are working as intended.
• Use automatic backups to reduce the chance of errors.

Another important aspect is that in addition to backups, other data security measures such as encryption, network security, firewalls, anti-virus, etc. should be applied.

3.2. Passwords

The main purpose of passwords is to protect information and other computer resources: emails, files on your computer, devices, etc. Passwords can be likened to the keys to your room door - by locking the door, you protect your room from thieves, vandals or uninvited guests. It is common for a door key to be unique, and it is unlikely that anyone will find another key that can unlock your door. The more complex the key shape, the harder it will be to find another suitable key. The same can be said for a password. The easier the password is to guess, the less secure your information will be. Passwords can be guessed by knowing certain facts about a person (date of birth, phone or car numbers, names of family members, etc.) or simply by using common dictionary words.

Examples of poor, weak passwords are also sequences of repeating characters (e.g. abab1212), sequences of characters that match the layout of the keyboard (e.g. qwerty).

A good password should consist of letters (upper and lower case), numbers and special characters. You can use a well-known phrase to create a good password that is easy to remember. By taking the first letters or consonants (second, last letters) of such a phrase, changing the letters into special characters or numbers (by any association), you will get a password that is hard to guess but easy to remember.

Example:

Let's take the phrase: Dad knocks, Mom knocks

Let's collect the consonants and the symbol ",": Ttkl,Mmml

Let's make the changes Tt = 2T; Mmm = 3m .

We get the password 2Tkl,3ml

Attention! Never use the password in this example.

3.3. Use of secure technologies

When working on the internet, be aware that the information you send travels over insecure networks, i.e. the information you send can be intercepted (stolen) along the way, and the information you send may not go where you think you are sending it. This loss of information can be prevented by encrypting the information. One of the most popular encryption technologies is SSL.
When sending private information, choose secure transmission methods based on SSL technologies such as https, pop3s, imaps. These methods encrypt the information you send and protect it from prying eyes. When you connect to a website in this way, the web address in your browser will start with https:// instead of http://, for example:

A lock icon at the bottom of the browser reminds you to log in securely:

You can also instruct the mail reader to use secure sending methods by ticking the checkbox next to 'SSL' (only if the service provider offers this service).

Never send passwords or other important information over chat channels - the conversations you send are usually unencrypted and it is often impossible to verify the identity of the person you are talking to.

3.4. SPAM

What is SPAM?

SPAM is spam that arrives by e-mail, usually in the form of promotional e-mails that arrive in a user's e-mail inbox unsolicited and unwanted. SPAM emails consume the resources of the computer network, the computers themselves, which are paid for by the recipients of the SPAM. SPAM also consumes the time needed to review, separate and remove such emails.

How do SPAM senders find out your email address?

SPAM distribution is a peculiar and often outrageous business that generates a certain income for the distributors. The more emails a distributor sends out, the higher the income. So these Internet spammers need tons of email addresses to send unwanted advertisements to. These clusters of email addresses are usually found on the Internet - on publicly accessible websites, on mailing lists. The malicious actors even use bots - special programmes that crawl the internet, collecting email addresses from websites. Your email address may end up in archives, which will then be bought by a web spammer and used to distribute advertising. Another way of collecting addresses is to use internet viruses that collect email addresses from an email address book on the infected computer. The detected addresses are then passed on to SPAM distributors.

How do I deal with SPAM emails?

It is difficult to avoid SPAM emails altogether - not everyone is comfortable hiding their email address without publishing it on the internet. Nor can you be sure that a virus won't steal it from a colleague's or friend's computer. However, you can use certain tools to fight SPAM emails and you should remember the tips to avoid the influx of such emails:

• Never reply to unsolicited promotional emails. Any response to such an email (even if it is a request not to send any more spam) will only confirm to the SPAM distributor that their advertisement has been viewed and that there is more advertising to be delivered to such an "exemplary" reader.
• Often, SPAM emails are designed in such a way that a casual glance at such a message is enough to register your email address in the SPAM distributors' databases as a potential reader of advertising. This will encourage them to send even more spam. To avoid this, turn off the option to view HTML-formatted emails.

3.5. Assignment. Test your knowledge.

Check what you have learnt about data protection by answering the questions. If you got most of the questions wrong, it is worth going back and re-reading the material in this section.