Comp4 Unit2c Lecture Slides
-
Upload
health-it-workforce-curriculum-2012 -
Category
Documents
-
view
237 -
download
3
Transcript of Comp4 Unit2c Lecture Slides
Introduction to Information and Computer Science
Internet and the World Wide Web
Lecture cThis material (Comp4_Unit2c) was developed by Oregon Health and Science University, funded by the Department of Health
and Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC000015
Internet and the World Wide WebLearning Objectives
• Define the Internet and how to connect to it (Lecture a and b)• Define the World Wide Web and how to access it (Lecture a
and b)• Write effective search queries for Internet search engines,
filter the results and evaluate credibility of information (Lecture b)
• Discuss security and privacy concerns on the Internet (Lecture c)
• Describe ethical issues for the Internet (Lecture c and d)• Explore online healthcare applications and associated
security and privacy issues including HIPAA (Lecture d)
2Health IT Workforce Curriculum Version 3.0/Spring 2012
Health IT Workforce Curriculum Version 3.0/Spring 2012
2
Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Internet Security and Privacy Concerns
• This lecture will discuss Internet security and privacy• Why be concerned about Internet security?
Personal data is always at risk when connected to the Internet, regardless of connection type
Checking account may be drained before a user can act Credit may be destroyed if personal data stolen (and
impersonated) Corporate secrets may be stolen and sold to competitors
Health IT Workforce Curriculum Version 3.0/Spring 2012
3Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
What Devices are Usually Attacked?
• RouterSends traffic from a private network to the
Internet and from the Internet to a private network
If a hacker can successfully attack a router: All network traffic can be viewedTraffic can be redirected to the hacker’s equipment
Health IT Workforce Curriculum Version 3.0/Spring 2012
4Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
What Devices are Usually Attacked? (continued)
• Web Server House Web site If a hacker can successfully attack a Web
server, the Web server may not be able to function properly
What would happen if Amazon.com or eBay.com went down for an entire business day?
Health IT Workforce Curriculum Version 3.0/Spring 2012
5Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
What Devices are Usually Attacked? (continued)
• Computer Computers can store confidential personal
and corporate data If a hacker can gain access to this
information, they might use it for personal gain, sell it to another party, or use it for blackmail purposes
Health IT Workforce Curriculum Version 3.0/Spring 2012
6Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
How do Hackers Attack Devices?
• Packet sniffers can read Internet traffic.• Install malware.
Adware – Continuous ads on the screen Spyware – Reports on sites visited
• Guess at user names and passwords Don’t use easy-to-guess passwords Do change default usernames and passwords
(wireless routers)
Health IT Workforce Curriculum Version 3.0/Spring 2012
7Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Secure Your Operating System
• Install critical updatesFor Windows operating systems (OS), critical
updates fix security flaws and should be installed as soon as they are released
Optional updates should not be automatically installed
Only install optional updates if they are needed
Health IT Workforce Curriculum Version 3.0/Spring 2012
8Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Secure Your Files• Install anti-virus (AV) protection software
Commercial AV software is more robust than free AV software Will catch and quarantine almost all Trojan horse, virus, and worm
attacks before they do any harm AV software works by recognizing “patterns” and stopping
what it considers bad behavior Patterns should be updated daily to protect computer against new
attacks If installing more than one AV program on a computer,
verify that they will work together before installation Some AV software do not work well together.
Health IT Workforce Curriculum Version 3.0/Spring 2012
9Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Engage in Safe Browsing
• When surfing, never click on a pop-up unless absolutely sure of its ownerSome pop-ups may indicate that the computer
is infected with viruses and that clicking the popup will cleanse the system Never trust these messages. It is more likely that
AV software will locate and remove malware and viruses than a Web site’s software.
Health IT Workforce Curriculum Version 3.0/Spring 2012
10Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Close Pop-up Windows Safely
• Press the key combination of ALT+F4 to terminate pop-ups. This ensures that the pop-up will not install malware.
• Do not click anywhere on or in the pop-up window with a mouse. Clicking may install malware.
Health IT Workforce Curriculum Version 3.0/Spring 2012
11Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Secure Your Computer System
• Turn on a firewallFirewalls permit or deny a computer the
ability to connect to another computerThe firewall will disable ports that should
not be open and restrict use of ports to certain programs
Health IT Workforce Curriculum Version 3.0/Spring 2012
12Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Manage Cookies• A cookie is a text file that a Web site stores on a
computer • Cookies cannot harm a computer• Web sites use cookies to track preferences and record
Web pages visited First-party cookies are placed on a computer by Web site
owners. These are usually okay. Third-party cookies are placed on a computer by companies
authorized by the Web site owner to place a cookie on computers Some experts recommend accepting first-party, rejecting third-
party, and allowing session cookies
Health IT Workforce Curriculum Version 3.0/Spring 2012
13Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Manage Cookies (continued)• Recommended settings in Internet Explorer
(PD-US, 2010)
Health IT Workforce Curriculum Version 3.0/Spring 2012
14Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Passwords and the Internet
• Use complex passwords: At least six characters At least one upper-case character At least one number At least one symbol (# ! @ $ %, etc.) Never use common information in a password
• Do not write passwords on paper Hackers know to search around the monitor,
keyboard, and general computer area to find passwords
Health IT Workforce Curriculum Version 3.0/Spring 2012
15Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Know Who Uses Your Computer
• Utilize user accounts on your computer Don’t log in using the “administrator” account Track who has logged in and some of the things they
do while logged in• Require all computer users to have their own
user account and password Don’t set up users as administrators
• Set users as Power Users or Users to decrease the chances of their infecting the computer
Health IT Workforce Curriculum Version 3.0/Spring 2012
16Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Other Internet Security Considerations
• Never use a public computer to conduct personal business• Use your personal computer with commercial, up-to-date AV
software installed• Use strong passwords on all online accounts to prevent others from
viewing or stealing data• Always log out of any session before leaving the computer• Never open an email from an unknown recipient
Don’t even click it once• Never open or save an email attachment unless the sender is
known and trusted
Health IT Workforce Curriculum Version 3.0/Spring 2012
17Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms
• A Trojan horse is a malware program that usually impersonates a known good file installed on the system by replacing (deleting) the good file Gets its name from the Greek Trojan Horse myth The Trojan then does its dirty work on a certain date, through a
user action or on command Trojans can destroy or copy data, install adware, or install a
browser toolbar Trojans can record keystrokes and send this to the attacker and
scan computer ports
Health IT Workforce Curriculum Version 3.0/Spring 2012
18Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms (continued)
• A virus is a computer program that can harm a computer and make it inoperable. Some viruses are only an annoyance. Viruses usually do not replicate (make copies of)
themselves on other computers Removing the virus usually cleans the computer Sending a virus via email may replicate the virus In 2008, the Fun.exe virus spread itself via email
throughout the world and was very difficult to remove
Health IT Workforce Curriculum Version 3.0/Spring 2012
19Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms (continued)
• Macro viruses usually infect Microsoft® Office files and install themselves when users click files A macro is a small program, usually written in VBA
(Visual Basic for Applications) Macro viruses spread when users click files in which
the macro virus resides Macro viruses may also delete files on an infected
system
Health IT Workforce Curriculum Version 3.0/Spring 2012
20Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms (continued)
• A worm is a program that works to create a lot of network traffic Some worms are not malware as they crawl the
network searching for reporting information Most worms replicate themselves, making the
network unusable The ILOVEYOU worm successfully attacked millions
of computers (users clicked the attachment) in May 2000
Health IT Workforce Curriculum Version 3.0/Spring 2012
21Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms (continued)
• Phishing Phishing is an attempt to trick users into revealing
personal information to an attacker so they can impersonate the user
Pronounced like the word “fishing,” the attacker is fishing for information about the user
Phishers may send an email that appears to be from a financial institution, eBay, or Amazon, asking a user to log in to verify a transaction
Health IT Workforce Curriculum Version 3.0/Spring 2012
22Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms (continued)
Clicking on the link in the email produces an official-looking Web site
No reputable organization will ever ask users to do this
Report the attack to the organization so they are aware of the attack
• Most email software includes the ability to monitor for phishing and move the suspected email to a non-functional (junk email) folder
Health IT Workforce Curriculum Version 3.0/Spring 2012
23Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms (continued)
• Hoaxes Hoaxes are usually harmless and attempt to convince
user of something that is not true Hoaxes usually come in the form of an email Some hoaxes invite user to send money to someone
in another part of the world, others ask user to contribute to find missing children, etc
Use a search engine to determine whether the email’s message is true by entering the email subject line in a search engine The result will usually indicate whether the email is a hoax
Health IT Workforce Curriculum Version 3.0/Spring 2012
24Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Trojans, Viruses, and Worms (continued)
• Uncloak a hoaxUse trusted Internet sites to detect hoaxes
Snopes.com - http://www.snopes.com/ Urban Legends Online -
http://urbanlegendsonline.com/
• Never forward email chains without verifying their source
Health IT Workforce Curriculum Version 3.0/Spring 2012
25Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Ethical considerations of the Internet
• Sharing Internet connection with neighbors Should neighbors have the ability to pool together, lease an
Internet connection from an ISP, and pay for sharing one connection?
• Downloading software from the Internet Should license “key generator” sites be allowed to operate? Should people be able to download pirated software from the
Internet? Pirating software is a copyright infringement, selling
unauthorized copies of commercial software, usually at a very low price
Health IT Workforce Curriculum Version 3.0/Spring 2012
26Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Internet and the World Wide WebSummary – Lecture c
• Users should be concerned about Internet security because if personal information is compromised, terrible financial and deeply personal losses may result
• Hackers attack routers, switches, and computers to view confidential data and cause financial ruin
• One of the easiest and best ways to protect data is to apply critical updates as soon as they become available
• Antivirus, or AV software, works to recognize patterns so that it can stop computer attacks
Health IT Workforce Curriculum Version 3.0/Spring 2012
27Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Internet and the World Wide WebSummary – Lecture c (continued)
• Protect data by turning on a firewall, managing cookies, and using password-protect devices with user accounts
• Never use publicly-accessible computers to conduct personal business
• Attackers use Trojans, viruses, worms, and phishing to trick people into revealing confidential information
• Internet use often involves ethical considerations such as the use of pirated software
Health IT Workforce Curriculum Version 3.0/Spring 2012
28Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c
Internet and the World Wide WebReferences – Lecture c
References• Parsons JJ, Oja D. Chapter 1: Computers and Digital Basics. In: New Perspectives on Computer Concepts 2011:
Comprehensive. 13th ed. Boston: Course Technology; 2010.• Shelley GB, Vermaat ME. Chapter 1: Introduction to Computers. In: Discovering Computers 2011: Introductory.
1st ed. Boston: Course Technology; 2010.• Snopes. Snopes.com [free reference source on the Internet]. 2010 July 11; [cited 12 July 2010]; Available from:
http://www.snopes.com. • Urban Legends Online. UrbanLegondsOnline.com [free reference source on the Internet]. 2010 July 12; [cited 12
July 2010]; Available from: http://urbanlegendsonline.com. • Malware. Wikipedia [free encyclopedia on the Internet]. 2010 July 12; [cited 12 July 2010]; Available from:
http://en.wikipedia.org/wiki/Malware. • HTTP Cookie. Wikipedia [free encyclopedia on the Internet]. 2010 July 12; [cited 12 July 2010]; Available from:
http://en.wikipedia.org/wiki/HTTP_cookie. • Phishing. Wikipedia [free encyclopedia on the Internet]. 2010 July 12; [cited 12 July 2010]; Available from:
http://en.wikipedia.org/wiki/Phishing. • Hoax. Wikipedia [free encyclopedia on the Internet]. 2010 July 12; [cited 12 July 2010]; Available from:
http://en.wikipedia.org/wiki/Internet_hoax.
Images• Slide 14: Blackwood, J. (2010). Screenshot of recommended Cookie settings for Internet Explorer.
29Health IT Workforce Curriculum Version 3.0/Spring 2012
Introduction to Information and Computer Science Internet and the World Wide Web
Lecture c