Professional Documents
Culture Documents
03 IT WKSH Internet Security 2021
03 IT WKSH Internet Security 2021
The Hang Seng University of Hong Kong Workshop for IT Proficiency Test
03 Internet Security
1
IT Learning Centre
The Hang Seng University of Hong Kong
Contents
1. System Security
2. Privacy
3. Threats of Malware
Department of Computing 2
IT Learning Centre
The Hang Seng University of Hong Kong
1. System Security
THREAT & TECHNICAL MEASURES
Department of Computing 3
IT Learning Centre
The Hang Seng University of Hong Kong
System Security
◼ Security refers to the policies, procedures,
and technical measures used to
prevent unauthorized access, theft, or
damage to information systems
Policies
Procedures Unauthorized access
Technical measures Theft of information
Department of Computing 4
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 5
IT Learning Centre
The Hang Seng University of Hong Kong
Personal Firewall
◼ Home and small office/home office users
often protect their computers with a personal
firewall.
◼ It is a utility program that detects and
protects a personal computer and its data
from unauthorized intrusions.
Department of Computing 7
IT Learning Centre
The Hang Seng University of Hong Kong
Personal Firewall
◼ Some operating systems (OS), such as
Windows and macOS,
include personal
firewalls.
Department of Computing 8
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 9
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 10
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 11
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 12
IT Learning Centre
The Hang Seng University of Hong Kong
Information Theft
◼ It occurs when someone steals personal or
confidential information.
◼ Information transmitted over networks offers
a higher degree of risk because
unscrupulous users can intercept it during
transmission.
Hacker
Internet
Department of Computing
13
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 14
IT Learning Centre
The Hang Seng University of Hong Kong
Encryption - HTTPS
◼ HTTPS is a protocol to secure
communication over a computer network,
which is widely used on the Internet.
◼ It consists of communication over
Hypertext Transfer Protocol (HTTP) within
a connection encrypted by Secure Sockets
Layer.
Department of Computing 15
IT Learning Centre
The Hang Seng University of Hong Kong
HTTPS Connections
◼ An SSL website can be identified by
◼ URLs of secure sites often begin with
https instead of http.
◼ Browsers also often display a lock
symbol in the window.
IT Learning Centre
The Hang Seng University of Hong Kong
Phishing (Fishing)
◼ A fraudulent attempt to acquire sensitive
information such as usernames, passwords and
credit card details by masquerading as a
trustworthy entity in Internet.
◼ E.g., use email or instant messaging to deceive
and direct users to enter personal
information at a fake website
that looks or feels identical to
the legitimate site.
Department of Computing
18
IT Learning Centre
The Hang Seng University of Hong Kong
Wireless Security
◼ To access the network, an individual must
be in range of the wireless network.
◼ Some intruders intercept and monitor
communications as they transmit through
the air.
◼ Common types of wireless security
standards: WPA2, WPA3
Department of Computing 19
IT Learning Centre
The Hang Seng University of Hong Kong
2. Privacy
COOKIE
Department of Computing 20
IT Learning Centre
The Hang Seng University of Hong Kong
Cookies
◼ E-commerce and other Web applications
often rely on cookies to identify users and
customize Web pages.
◼ A cookie is a small text file generated by a
website.
◼ It is placed on the hard disk of the user’s
computer.
◼ Cookies typically contain data about you,
such as your user name or viewing
preferences.
Department of Computing 21
IT Learning Centre
The Hang Seng University of Hong Kong
ID:a3fWa
Gets the cookie’s contents and 4
knows the user’s preference
Department of Computing 22
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 23
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 24
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 25
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 26
IT Learning Centre
The Hang Seng University of Hong Kong
v
Department of Computing 27
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 28
IT Learning Centre
The Hang Seng University of Hong Kong
3. Threat of Malware
Department of Computing 29
IT Learning Centre
The Hang Seng University of Hong Kong
Malware
◼ Malware (or malicious software) is a
program that acts without user’s
knowledge and deliberately alters the
computer’s operations.
Department of Computing 30
IT Learning Centre
The Hang Seng University of Hong Kong
Malware – Symptoms
◼ A computer infected by malware such as a (1)
virus, (2) worm or (3) Trojan horse often has one
or more of the following symptoms:
◼ OS runs much slower than usual
Department of Computing 31
IT Learning Centre
The Hang Seng University of Hong Kong
Department of Computing 32
IT Learning Centre
The Hang Seng University of Hong Kong
Ways of Infection
◼ Infection via connection media:
◼ opening an attachment in an e-mail
Department of Computing
33
IT Learning Centre
The Hang Seng University of Hong Kong
Computer Virus
◼ A computer virus is a potentially damaging
computer program that affects the normal
functioning of a computer / network
system:
◼ Once the virus infects the computer, it
spreads throughout and may damage
files and system software, including the
operating system.
◼ It needs to attach to a host, e.g. word file.
Department of Computing 34
IT Learning Centre
The Hang Seng University of Hong Kong
Worm
◼ Spread from one computer to another over a
network or the Internet, taking the
advantages of bugs and insecure settings
of a network and its connected computers.
◼ Unlike a virus, it does not need to attach itself
to an existing program or file.
Trojan Horse
◼ Portrays itself as something else, for instance,
as a useful application or a picture.
◼ Induces the user to install and run it.
◼ Creates backdoors to allow hacker to get in
and control the computer.
◼ Would not infect other files.
Department of Computing 36
IT Learning Centre
The Hang Seng University of Hong Kong
Ransomware
◼ Ransomware is malicious code that is used by
cybercriminals to launch data kidnapping and
lockscreen attacks.
◼ The motive for ransomware attacks is monetary,
and unlike other types of attacks, the victim is
usually notified that an exploit has occurred and
is given instructions for how to recover from the
attack.
◼ Payment is often demanded in virtual currency
to protect the criminal’s identity.
Source from: TechTarget
Department of Computing 37
IT Learning Centre
The Hang Seng University of Hong Kong
Cryptojacking
◼ Unauthorized use of other's computer to mine
cryptocurrency
◼ 4 millions coin miner malware by the end of the
third quarter of 2018
◼ Only 500,000 new coin miner malware in the
fourth quarter of 2017
◼ Targeted not only computers but also Internet-
connected devices, e.g., routers, CCTVs
Department of Computing 38
IT Learning Centre
The Hang Seng University of Hong Kong
Security Measure –
Installing Anti-Virus Software
◼ Avoiding malware infection
◼ Install anti-virus software.
◼ Update the virus definition file
regularly.
◼ Scan your hard disk to check for virus
regularly.
◼ Scan all files and e-mail attachments
when they are downloaded.
Department of Computing 39
IT Learning Centre
The Hang Seng University of Hong Kong
References
⚫ InfoSec Website
⚫ http://www.infosec.gov.hk
⚫ GovCERT.hk
⚫ https://www.govcert.gov.hk/en/index.html
THE END
Department of Computing 40