Welcome! I’m Jenny Martin, the director of cybersecurity investigations at Symantec. Today, we’re diving into the world of cybercrime, a major issue affecting society on multiple levels—personal, financial, and even national security. In recent years, we’ve seen hundreds of millions of credit card numbers stolen, along with tens of millions of Social Security numbers and healthcare records. Even critical infrastructure has been targeted. These attacks often exploit weaknesses in hardware and software or capitalize on unintentional user actions.
Cybercriminals come in many forms and have various motivations. They can be international terrorists or teenagers looking for recognition. Nowadays, major countries not only have traditional armies but also maintain sophisticated cyber units. Future conflicts might not involve physical weapons but instead focus on cyber attacks that disrupt essential services like water supplies, energy grids, and transportation systems.
Hi, I’m Parisa, a security expert at Google. I’ve worked on enhancing software security across various products. Let’s delve into how cybercrime operates technically, including software viruses, denial-of-service attacks, and phishing scams.
In biology, viruses spread through physical contact. Similarly, a computer virus is an executable program that often gets installed unintentionally and can damage the user’s computer. These viruses can replicate and spread to other computers.
How does a virus initially infect a computer? Attackers might trick victims into installing malicious software disguised as legitimate programs, like security updates. Additionally, vulnerabilities in existing software can allow attackers to install malware without explicit permission. Once a virus is on a computer, it can steal or delete files, control other programs, or enable remote access.
Using computer viruses, hackers can control millions of computers worldwide, forming a digital army known as a botnet. This botnet can launch attacks like distributed denial-of-service (DDoS) attacks. A denial-of-service attack occurs when hackers overwhelm a website with excessive requests. In a DDoS attack, these requests come from multiple computers simultaneously, causing the targeted website to become unresponsive.
Another tactic used by cybercriminals is sending large volumes of spam emails to trick individuals into sharing sensitive personal information. This is known as a phishing scam. In a phishing scam, a seemingly trustworthy email prompts the recipient to log into their account, but clicking the link leads to a fraudulent website. If the user enters their credentials, they inadvertently provide their password to the hacker, who can then access their accounts to steal information or funds.
Fortunately, many companies, laws, and government organizations are working to enhance internet safety, but these efforts are often insufficient. It’s crucial to understand that when a computer system is hacked, it is frequently due to human error rather than a flaw in security design or software.
There are steps we can all take to protect ourselves. Our actions not only affect the security of our own data and devices but also the security of those around us, including at school, work, and home. With billions of dollars at stake, cybercriminals are becoming increasingly sophisticated each year, and we all need to stay informed and vigilant.
Engage in a role-playing exercise where you assume the roles of cybercriminals, cybersecurity experts, and victims. This activity will help you understand the motivations and tactics of cybercriminals, as well as the challenges faced by cybersecurity professionals. Discuss strategies to prevent and respond to cyber attacks.
Work in groups to analyze a real-world cyber attack case study. Identify the type of attack, the vulnerabilities exploited, and the impact on the victims. Present your findings to the class, highlighting lessons learned and potential preventive measures.
Create a campaign to raise awareness about phishing scams. Design posters, social media posts, or short videos that educate your peers on how to recognize and avoid phishing attempts. Share your campaign materials with the class and discuss their effectiveness.
Participate in a simulation exercise where you experience both sides of a DDoS attack. First, simulate the attack to understand its impact on a website. Then, switch roles to implement defense strategies and mitigate the attack. Reflect on the challenges of defending against such attacks.
Develop a comprehensive personal cybersecurity plan that includes best practices for protecting your data and devices. Consider aspects such as password management, software updates, and recognizing suspicious activities. Share your plan with classmates and provide feedback to each other.
**The Internet: Cybersecurity and Crime**
Hi, my name’s Jenny Martin, and I’m the director of cybersecurity investigations at Symantec. Today, cybercrime causes significant problems for society, personally, financially, and even in matters of national security. In recent years, hundreds of millions of credit card numbers have been stolen, tens of millions of Social Security numbers and healthcare records have been compromised, and even critical infrastructure has been targeted. This is often done by exploiting vulnerabilities in hardware and software or by taking advantage of unintentional decisions made by users.
Individuals committing cybercrimes do not fit a single profile or motivation; they can range from international terrorists to teenagers seeking recognition. Today, major countries not only maintain regular armies but also have well-equipped cyber units. In fact, future conflicts may not be fought with traditional weapons but through cyber attacks aimed at disrupting essential services like water supplies, energy grids, and transportation systems.
Hi, my name is Parisa, and I’m a security expert at Google. I’ve worked on various products to enhance software security. Now, let’s explore how cybercrime operates at a technical level, including software viruses, denial-of-service attacks, and phishing scams.
In biology, a virus spreads through physical contact. Similarly, a computer virus is an executable program that is often installed unintentionally and can harm the user’s computer. A virus can also replicate itself and spread to other computers.
How does a virus initially infect a computer? Attackers may deceive victims into installing malicious software disguised as legitimate programs, such as security updates. Additionally, vulnerabilities in existing software can allow attackers to install malware without explicit permission. Once a virus is on a computer, it can steal or delete files, control other programs, or enable remote access.
Using computer viruses, hackers can take control of millions of computers worldwide, forming a digital army known as a botnet to launch attacks, such as distributed denial-of-service (DDoS) attacks. A denial-of-service attack occurs when hackers overwhelm a website with excessive requests. In a DDoS attack, the requests come from multiple computers simultaneously, causing the targeted website to become unresponsive.
Another tactic employed by cybercriminals is sending large volumes of spam emails to trick individuals into sharing sensitive personal information. This is known as a phishing scam. In a phishing scam, a seemingly trustworthy email prompts the recipient to log into their account, but clicking the link leads to a fraudulent website. If the user enters their credentials, they inadvertently provide their password to the hacker, who can then access their accounts to steal information or funds.
Fortunately, many companies, laws, and government organizations are working to enhance internet safety, but these efforts are often insufficient. It’s important to recognize that when a computer system is hacked, it is frequently due to human error rather than a flaw in security design or software.
There are steps we can all take to protect ourselves. Our actions not only affect the security of our own data and devices but also the security of those around us, including at school, work, and home. With billions of dollars at stake, cybercriminals are becoming increasingly sophisticated each year, and we all need to stay informed and vigilant.
Cybersecurity – The practice of protecting systems, networks, and programs from digital attacks. – University students should be aware of cybersecurity measures to protect their personal data from unauthorized access.
Cybercrime – Criminal activities carried out by means of computers or the internet. – Understanding the different types of cybercrime is crucial for developing effective prevention strategies.
Viruses – Malicious software programs that can replicate themselves and spread to other computers. – Installing antivirus software is essential to protect your computer from viruses.
Malware – Software that is specifically designed to disrupt, damage, or gain unauthorized access to computer systems. – Students should learn how to identify and remove malware from their devices.
Phishing – A cyber attack that uses disguised email as a weapon to trick the recipient into revealing personal information. – Be cautious of phishing emails that ask for your university login credentials.
Botnets – Networks of private computers infected with malicious software and controlled as a group without the owners’ knowledge. – Botnets can be used to launch large-scale cyber attacks, such as sending spam emails.
DDoS – Distributed Denial of Service, a type of cyber attack where multiple systems overwhelm a target with traffic. – A DDoS attack can bring down university servers, disrupting online classes and resources.
Software – Programs and other operating information used by a computer. – Keeping your software updated is a key step in maintaining cybersecurity.
Security – The state of being protected against unauthorized access or harm. – Implementing strong security protocols is essential for safeguarding sensitive university data.
Internet – A global network of interconnected computers that communicate freely and share and exchange information. – The internet is a valuable resource for research, but students must use it securely to avoid cyber threats.
