Digital Security and Ethics

• Risks
• Hacker
• Cracker
• Script Kiddie
• Corporate spies
• Unethical employees
• Cyber-extortionist
• cyber-terrorists
• Types of Risks
• Virus
• Antivirus
• Worm
• Trojan Hose
• Anti-spyware
• Anti-malware
• Rootkit
• Anti-Virus
• Ransomware
• Risks Explained
• Computer Virus
• Affects a computer negatively by altering the way the computer works
• Worm
• copies itself repeatedly, using up resources and possibly shutting down the computer or network
• Trojan Horse
• A malicious program that hides within or looks like a legitimate program
• Rootkit
• Program that hides in a computer and allows someone from a remote location to take full control
• Symptoms
• OS running slow, stops intermittently or does not start
• Less memory available
• Corrupt files and programs
• Programs do not operate properly
• Unknown programs are activated
• Tools
• Hardware firewall
• Software firewall
• Anti-virus
• Virus definition and signature
• Quarantine
• Anti-malware
• Malware removal tool
• Windows update
• Service Packs
• Internet security
• Hardware Firewalls
• Used for blocking access to ports on computers behind a firewall
• Hides the IP address behind a private IP address
• Built into many routers
• In particular, into wireless routers
• Hardware Firewall Brands
• Wireless routers from the following brands have built-in firewalls
• D-Link, Linksys and NetGear
• Software Firewall
• Blocks access to ports on individual computers
• Example:
• Windows Firewall
• Zone Alarm Pro
• Software Firewalls are also built into security suites such as Norton Internet Security and McAfee Internet Security suites
• http://www.toptenreviews.com/software/privacy/best-personal-firewall-software/
• Barrier Against Intruders
• Hardware firewall
• Software firewall
• Likely Source of Viruses
• Email
• This is the most likely source of viruses entering a computer
• Removable disks, or flash disks in general
• Booting with removable disks
• Macros in Programs
• Executing scripts in Web pages
• Forced Execution
• Some website would force the execution of a script
• ctrl-alt-del and ending the task would provide a way out of executing the script
• In some cases, closing the website would be a way out of executing the script
• Preventing attacks
• tips for preventing virus and other malware
• never start a computer with removable media inserted in the drives or plugged in te ports, unless the media are uninfected
• Never open an e-mail attachment unless you are expecting it and it is from a trusted source
• Set the macro security in programs so that you can enable or disable macros. Enable macros only if the document is from a trusted source and you are expecting it 
• Install an antivirus program on all of your computers. update the software and the virus signature files regularly
• scan all downloaded programs for viruses and other malware
• if the antivirus program flags and e-mail attatchment as infected, delete or quarantine the attatchment immediately
• before using any removable media, scan the media for malware/ Follow the procedure even for shrink-wrapped software from major developers. Some commercial software has been infected and distributed to unsuspecting users
• Install a personal firewall program
• stay informed about new virus alerts and virus hoaxes
• Import Considerations in Preventing Attacks
• Avoid booting a computer with a removable media
• disable the execution of macros in office documents such as word and excel documents and outlook emails
•  Cookies
• cookies are stored on computers by website
• Information stored in cookies are accessed by the website each time the site is visited
• cookies can be and possibly should be removed as soon as possible, if not, periodically
• types of cookies
• authentication cookies
• cookies stored by websites
• third-party tracking cookies
• Firefox examples
• Types of Attack
• botnets
• denial of service
• back doors
• spoofing
• spamming
• firewalls
• Linksys firewall
• D-link WBR 1310
• NetGear
• Software firewalls
• Windows firewall example
• Authorizing Access
• password
• access auditing
• possessed object
• PINs
• Biometric devices
• Authentication
• One factor
• Two Factor
• Three Factor
• Four Factor
• Certification
• A digital signature is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity on the sender
• A digital certificate is a notice that guarantees a user or a Web site is legitimate
• Issued by a certificate authority
• Investigating Computer Evidence
• digital forensics
• Theft
• safeguarding against theft
• software and hardware theft
• data protection
• encryption
• word example
• using encryption program
• TrueCrypt - now discontinued
• VeraCrypt - an alternative to TrueCrypt
• BitLocker encryption
• BitLocker and VeraCrypt
• BitLocker usually encrypts the whole drive
• It can also encrypt folders
• VeraCrypt can encrypt part of a drive
• Encrypting Folders and files
• selectively encrypting folders
• https://www.howtogeek.com/178912/how-to-encrypt-files-and-folders-in-windows-8.1-using-efs/
• Encrypting Office 2013 documents
• Systems Safeguard
• UPS
• Backup
• Hot-pluggable devices
• Hot-swappable devices
• RAID
• Wireless LANs
• SSID
• Broadcasting SSID
• Avoid fro security reason
• Encryption
• Wireless Encryption
• WEP
• WPA
• 802.11i
• WPA2-Personal
• WPA2-Enterprise
• Securing your wireless connection
• https://www.labnol.org/internet/secure-your-wireless-wifi-network/10549/
• Health Concerns
• displays
• repeated typing  
• Ergonomics
• Ethics and Accuracy
• ethics
• accuracy
• green computing
• Code of Conduct
• Sample IT Code of Conduct
• Technology may not be used to ham other people
• employees may not meddle in others files
• employees may use technology only for purposes in which they have been authorized
• technology may not be used to steal
• technology may not be used to bear fake witness
• employees may not copy or use software illegally
• employees may not use others' technology resources without authorization
• employees may not use others' intellectual property as their own
• employees shall consider the social impact of programs and systems they design
• employees always should use technology in a way that demonstrates consideration and respect for fellow humans
•  Copyright
• copyright
• open source
• freeware
• shareware
• http://download.cnet.com/windows/
• audacity
• Information Privacy
• electronic profiles
• cookies
• removing cookies
• spyware and adware
• spam
• phishing
• social engineering
•  Privacy and other IT laws
• IT Law
• http://www.hg.org/information-technology-law.html
• https://law.stanford.edu/transatlantic-technology-law-forum/
• Content Filtering and Blocking
• Limited access to certain parts of the website
• ex: access to library database requires a password
• prevent access to certain websites
• Security Concerns
• Phishing
• Spyware
• Adware
• Social Engineering