IGCSE ICT - Security of Data against Hacking https://www.ictlounge.com/html/data_security.

htm

The ICT Lounge

Section 8.3:
Security of Data against Hacking
We often use computers to store data that could be used for identity
fraud purposes. Data such as bank details, passwords, private Key Concepts of this section:
medical records etc. should all be secured against the possibly of
theft. # Understand what is meant by Hacking.
# Know why it is important to protect data against
This section discusses the different methods we can use to protect hackers.
our private data against hackers. # Be able to describe the measures that can be taken to
protect data against hackers.

The effects of hacking Key Words:

Hacking, Hacker, Key logger,
What is hacking? Identity fraud, Theft.

# Hacking is where people access computer systems without permission. These people
are known as 'hackers'. Examples:

# Most of the time, hackers will try to access the computer system using the internet.

# Hackers will usually try to break into the system by simply guessing the password or by
using a key logger.

A key logger is a special type of software that is secretly sent to a computer system
and then 'logs' every key press that users of the system make.
Hacking is accessing computer systems without
The key press log is sent back to the hacker who then looks through the log for permission.
usernames and passwords which they can then use to hack into the system.

Why do people try to hack into computer systems?

# Hackers try to break into computers for the following reasons:

To cause damage to files or data by deleting or changing them

To commit fraud by stealing data - (bank details for example)
To access sensitive information
To simply see if they are clever enough to beat the system's security. Hackers will look for sensi ve data like bank account
numbers and passwords.

What are the effects of hacking?

# The effects of hacking can be serious and some of these are described in the table below:

Identity theft Names, addresses, social security numbers etc. can all
be stored on computers and, if stolen, can be used to
commit identity fraud.
Hackers will steal personal data.
Theft of money If hackers manage to obtain bank and credit card details,
they can use them to steal cash.

Stealing of If a business computer is hacked into, customer

customer information can be stolen.
information
The consequences of this would depend on what data was
stolen, but would probably be for identity fraud or theft of
cash.

Stealing email If email addresses are stolen, they could be used for
addresses spamming purposes.

NOTE: Spamming is where the same email is sent to large

numbers of people.

Loss of Sometimes hackers break into computers just to cause Hackers will look for and gather millions of email
important havoc. This can involve them deleting any information addresses in order to send spam.
information that looks important.

1 of 4 11/12/2021, 12:49 PM
IGCSE ICT - Security of Data against Hacking https://www.ictlounge.com/html/data_security.htm

Some videos:
# Here are some links to videos that contain more information about hacking and
hackers:

PLACE VIDEOS HERE

Hackers will break into systems and delete important

data just to cause a nuisance.

Preventing hacking Key Words:

Authentication, User-Id,
Authentication techniques: Password, Biometrics.

# There are various methods you can use to help stop hackers from accessing your
computer files and data. Examples:

# The best method is to just check that a person accessing a computer system or a
network is allowed to do so.

This is known as 'authentication'.

# Common authentication techniques include:

User-Id's and passwords

Biometrics.

# Each of these authorisation techniques will be discussed in detail below: Data can be protected and locked against hackers.

User-Id's and Passwords

# One of the best ways to prevent unauthorised access to a computer system or a network
is to use user-id's and passwords. Examples:

# If the correct user (correct user-id) enters the correct password, they would be given
access to the computer network.

Any errors would mean they are denied access because they are
unauthorised users.

User Id's:
# A user-Id is usually a word or a number that identifies particular users as they log onto User-Id's and passwords protect systems against
a computer system or a network. unauthorised access.

User-Id's are unique and no two users will have the same Id.

This makes it possible for a network manager to to keep track of what each person
does whilst logged on.

# User-Id's give people access to certain areas or files within the computer.

For example:
Students cannot access the Teacher shared area on school networks but staff can.
User-Id's give different access levels within a system.

Passwords:
# Passwords should be combinations of letters, numbers and symbols.

# A password should only be known by the user who owns it.

# To help keep passwords secret, input masks are used to hide them whilst being
entered.

NOTE:
Input masks usually make each character of a password look like a star (*).
Input masks hide your real password with stars.

2 of 4 11/12/2021, 12:49 PM
IGCSE ICT - Security of Data against Hacking https://www.ictlounge.com/html/data_security.htm

For example: If my password was 1234, the input mask would make this look like
**** to anyone trying to take a peak.

Features of a good password:

# A good password should be robust.

Robust means 'hard to guess'. A robust password should be a combina on of le er,

numbers, symbols and upper/lower case.

# Robust passwords should make use of the following features:

Include a mixture of letters, numbers and symbols - (grj, 727, @#$)

Include a mixture of UPPER and lower case letters
Don't use personal information about yourself that would be easy to guess - (like
your name)
Don't use obvious combinations - (abcd, 1234 etc.).

Passwords should never be wri en down.

How to use a password:

Change your password often

Worst passwords
Keep your password secret- (never tell anyone) Some bad examples of passwords are
Don't write your password down anywhere. shown below: (click image to zoom)

Some videos:
# Here are some links to videos that contain more information about user-id's and
passwords:

PLACE VIDEOS HERE

Biometric Authorisation
# This method of security is where users are authenticated using one of their body parts.
Examples:
# Common biometric authorisation methods include:

Face scans
Iris scans
Fingerprint scans.

For example:
In order to access a computer system or network, a user would prove they are
authorised to use the system by having their thumbprint scanned into the system.
Eye scans can be used to authen cate users.
If their thumbprint matched the authorised thumbprint, the user would be given
access.

If the thumbprint did not match, they would be denied access.

# With biometric authorisation, the user's body parts replace a user-id and password.

# This method of authorisation is considered to be more secure than user-id's and

passwords.

For example:
It is possible to guess someone's password but you cannot forge their
fingerprints.

Face scans can be used to authen cate users.

Advantages of using biometric authentication:
# The advantages of using biometric authentication methods (body parts) instead of
traditional user-id's and passwords are described in the table below:

1. Passwords can be forgotten. You cannot forget your eyes or fingers.

2. It is not possible to forge body parts.

(Everyone has slightly different eyes, faces and fingerprints)

3 of 4 11/12/2021, 12:49 PM
 3. It is also possible to write a password down and leave it somewhere for
someone to find and use. This cannot happen with body parts as they are
with you always.

Some videos:
Here are some links to videos that contain more information about biometric authentication:

PLACE VIDEOS HERE

Some modern smart phones use fingerprints to

authen cate the owners of the device.

Activity!
Securing Data against Hackers - Research Sheet

Click the above task and answer the questions about Data Security.

Biometric security methods are almost impossible to

forge.

Previous - E-Safety Next - Online Data Security

Please add your questions/comments below:

0 Comments ictlounge Disqus' Privacy Policy 1 Login