Lesson 1 Knowledge of network and computer safety
The internet allows us to communicate, share information and access a vast amount of data and online services. However, connecting to the Internet also comes with some dangers, such as the possibility of encountering computer threats such as viruses, spyware, fraud and hacker attacks.
Knowing the network means understanding:
- how the Internet works;
- how the information is transmitted;
- how to best use its features.
Knowing about the existence of cyber threats and how to protect your computer and your data will help you avoid any problems. For this reason, it is useful to know antivirus and antimalware software, choose strong passwords and perform online safety practices such as backing up your data. It’s also important to be aware of online fraud and scams and know how to avoid falling victim to these threats.
The internet has become an integral part of our daily lives, giving us unlimited access to information, services and entertainment. However, being online can be dangerous if you don’t know the right precautions to take.
With the term cybersecurity (or computer safety) we mean The efforts to design, implement, and maintain security for an organization’s network, which is connected to the Internet. It is a combination of logical/technical-, physical- and personnel-focused countermeasures, safeguards and security controls. An organization’s cybersecurity should be defined in a security policy, verified through evaluation techniques (such as vulnerability assessment and penetration testing) and revised, updated and improved over time as the organization evolves and as new threats are discovered.
The main threats to your online security can be:
- any code written for the specific purpose of causing harm, disclosing information or otherwise violating the security or stability of a system;
- an attack focusing on people rather than technology. This type of attack is psychological and aims to either gain access to information or to a logical or physical environment. A social engineering attack may be used to gain access to a facility by tricking a worker into assisting by holding the door when making a delivery, gaining access into a network by tricking a user into revealing their account credentials to the false technical support staff or gaining copies of data files by encouraging a worker to cut-and-paste confidential materials into an e-mail or social networking post;
- A security breach that enables an attacker to gain access or control over a system for an extended period of time usually without the owner of the system being aware of the violation. Often an APT takes advantage of numerous unknown vulnerabilities or zero day attacks, which allow the attacker to maintain access to the target even as some attack vectors are blocked.
- An attack which attempts to block access to and use of a resource. It is a violation of availability. DDOS (or DDoS) is a variation of the DoS attack (see DOS) and can include flooding attacks, connection exhaustion, and resource demand. The purpose of a DDoS attack is to significantly amplify the level of the attack beyond that which can be generated by a single attack system in order to overload larger and more protected victims. DDoS attacks are often waged using botnets;
- The occurrence of disclosure of confidential information, access to confidential information, destruction of data assets or abusive use of a private IT environment. Generally, a data breach results in internal data being made accessible to external entities without authorization.
In relation to computer safety, you need to be able to:
- identify simple ways to protect your devices and digital content, and
- differentiate simple risks and threats in digital environments,
- follow simple safety and security measures,
- identify simple ways to have due regard to reliability and privacy.
Regarding personal data and privacy protection, you need to be able to:
- select simple ways to protect your personal data and privacy in digital environments, and
- identify simple ways to use and share personally identifiable information while protecting yourself and others from damages,
- identify simple privacy policy statements of how personal data is used in digital services.
These are few, simple precautions, but they are worth following:
one of the most important cyber security tips to mitigate ransomware is patching outdated software, both operating system, and applications. This helps remove critical vulnerabilities that hackers use to access your devices;
this will help protect your computer from any computer threats such as viruses, spyware and malware. A firewall helps screen out hackers, viruses, and other malicious activity that occurs over the Internet and determines what traffic is allowed to enter your device;
create strong passwords that combine letters, numbers and symbols. Avoid using personal information or easily guessed words. Remember that your password should contain at least one lowercase letter, one uppercase letter, one number, and four symbols;
Web browsers like Google Chrome, Mozilla Firefox, and Microsoft Edge offer advanced security features to keep your data and computer safe;
this is a service that adds additional layers of security to the standard password method of online identification. With two (or multi) factor authentication, you will enter one additional authentication method such as a Personal Identification Code, another password or even fingerprint;
you should be very cautious about the information you include online. It is recommended that you only show the very minimum about yourself on social media. Consider reviewing your privacy settings across all your social media accounts, particularly Facebook.
Suspicious links can be used to spread viruses and malware. Before clicking on a link, make sure it’s from a reliable source.