Safe Use of

Computers
DATA SECURITY & COMPUTER VIRUSES
NICOLA TURING

REFERENCE: Form 1, Unit 4. Pages 77-83.

Junior Secondary Computer Studies, Andrew Nasalangwa.
 CAUSE SAFETY PRECAUTIONS
Accidental deletion Think carefully before deleting
any data of program
Malicious deletion Recover from the recycle bin /
use recovery software
Accidental media format Data recovery experts can help
(reformatting a drive results in instant loss of
data)

Accidental damage Special recovery techniques may

Causes of help

software & Natural disaster

Power failure
Maintain an “off-site” backup
Use UPS, save your work
data loss regularly
Hardware failure Protect the power supply with
UPS
Software failure Save you work regularly,
maintain proper backup, use
diagnostic utilities, update
security software
Vandalism Strong physical and data security
systems to prevent hackers
 Data Privacy
Data stored about a person or an organisation must remain private and unauthorised
access must be prevented.
Data protection laws usually cover organisations rather than individuals and vary in
different countries, but all follow the same principles:
1. Data must be fairly and lawfully processed
2. Data can only be processed for the stated purpose
3. Data must be adequate, relevant and not excessive
4. Data must be accurate
5. Data must not be kept any longer than is necessary
6. Data must be processed in accordance with the data subject’s rights
7. Data must be kept secure
8. Data must not be transferred to another country unless that country also has
adequate data protection
User accounts
User accounts
❖Used to authenticate a user
❖Used on both standalone computers
and networks
❖Often use a screen prompt for a
username and password
❖Control access rights
Passwords
❖Used to restrict access to data or systems

❖Can also be used to access e-mail accounts, online shopping or banking,

accessing social media sites

❖Should be hard to crack (strong)

❖Should be changed frequently to maintain security

❖Strong passwords should contain:

❖ At least one capital letter
❖ At least one numerical value
❖ At least one other keyboard character (such as !, *, &, @)

❖Biometrics increasingly used as part of the password system

❖ Fingerprint scans
❖ Retina scans
❖ Face recognition
❖ Voice recognition
 Think, pair and share
Which of the following are strong or weak passwords? Decide on your
answers and then explain you reasons to the student next to you.
a) qwerty
b) 01-01-2020
c) Pas5word
d) Tf34@#xJ91!
e) YELLOW
f) Malawi_School#20!
 Preventing loss of
data & software
1. Up to date anti-virus software
2. Scan all external storage media and e-mails for viruses before
opening
3. Backup all important data and software and store in a safe
place
4. UPS to protect computer against power surges
5. Save work regularly
6. Shut down computer safely
7. Use only trusted software – some freeware programs may
damage the operating system
8. Write protect storage media to ensure only trusted users can
use it
9. Physical security to prevent theft
10. Handle storage devices and media with care to prevent
accidental damage by dropping, dust, heat, water and
magnetic effects
A computer virus is a type of computer program that,
when executed, replicates itself by modifying other
computer programs and inserting its own code. When
this replication succeeds, the affected areas are then
said to be "infected" with a computer virus.

Computer viruses can:

/
• Cause the computer to crash, stop functioning normally,
become unresponsive
• Delete files / data
• Issue unauthorised commands
• Corrupt files / data
• Steal information

What is a computer virus?

Types of computer virus
Type of virus Function
Trojan Horse Appears to be useful, but does harmful activities in the background e.g. stealing data files
and sending them to unauthorised parties
Worm Replicates itself & spreads to other computers through communication links e.g. Bluetooth,
e-mail attachments, local area networks
Boot sector virus Attaches to the boot strap of the hard disk & prevents computer from booting correctly.
Usually spread by removable storage devices
Memory resident Reside in RAM (random access memory). Initially set up by mother virus on hard disk, but
viruses then sustain themselves in RAM even when month program closes

Rootkit viruses Try to open up computer to access by external entities & give unlimited access to an
unauthorised user
Macro viruses Attach themselves to another applications macro-programming code (eg for saving /
printing etc) and then infects other users as the application shared between users
Logic bombs / time Programmed to self initiate to take a particular action on a particular date, or when a
bombs particular event takes place. Software companies use this feature in their trial version of
software where after a certain period you are asked to pay, or the software stops working
Back doors / trap Trojans that open up a security vulnerability for unauthorised users to access the computer
doors without the knowledge of the authorised users

Bots (internet robots) Often used to search automatically for information on the internet, but can also be used
for taking control over a computer system and launching attacks
How are computer
viruses spread?
➢Sharing removable storage devices like:|
➢ Disks
➢ Flash disks
➢ Hard drives
➢Opening e-mails that are infected so that the
virus then infects the host computer
➢Installing strange software without validating
its source
➢Accepting software updates from unvalidated
sources
Measures to control / prevent
virus infections
1. Avoid sharing removable storage
media
2. Scan removable storage media for
virus infection before sharing /
reading
3. Don’t open unsolicited e-mail offers
4. Don’t install software from
questionable sources
5. Install good antivirus software and
keep it up to date
1. Reads the digital signature of the virus and uses
the information it has about the virus to clean
it from computer files
2. Some polymorphic and metamorphic keep
changing their code and digital signatures every
time they replicate to try and avoid detection
Other risks to data security
and integrity
❖ Hacking
❖ Cracking
❖ Phishing
❖ Pharming
❖ Wardriving
❖ Spyware / key-logging software

Mainly related to using the internet

Hacking
Description of • Breaking into a computer system to steal personal data without the
owner’s consent or knowledge
security risk • Not necessarily harmful

Possible effect
• Can lead to identity theft or gaining of personal information
of the security • Data can be deleted, corrupted or changed

risk

Methods to • Firewalls
• Use of strong passwords and IDs
remove the • Use of anti-hacking software
• Encryption – hacker may still be able to access the system and delete
security risk files, but it will prevent them from being able to use the data themselves

Risks to data security and integrity

Cracking
Description • Someone edits program source code
via a back door in the software
of security • Usually done for a malicious purpose
risk • ALWAYS illegal

Possible • Legitimate software altered by a

cracker to perform a different task
effect of the (e.g. send user to a specific website)
security risk • Potentially very damaging

Risks to data security and integrity

Phishing
• Creator sends out a legitimate looking e-mail
Description of • Recipient clicks on a link in e-mail or attachment
security risk • User sent to fake / bogus website

• Creator of the e-mail can gain personal data such as bank

Possible effect of account numbers from users when they visit the fake
website
the security risk • Can lead to fraud or identity theft

Methods to • Many Internet service Providers (ISPs) filter out phishing e-

remove the mails
• Be cautious when opening e-mails or attachments
security risk

Risks to data security and integrity

Pharming
• Malicious code installed on a user’s hard drive or on the
Description of web server
security risk • Code will redirect the user to a fake / bogus website
without their knowledge

• Creator of the e-mail can gain personal data such as bank

Possible effect of account numbers from users when they visit the fake
website
the security risk • Can lead to fraud or identity theft

Methods to • Some anti-spyware software can identify and remove the

pharming code from the hard drive
remove the • User should always be alert and look out for clues that
security risk they are being directed to a bogus website

Risks to data security and integrity

Wardriving
Description of • Act of locating and using wireless internet connections illegally
• Only requires a laptop, a wireless network card and antenna to
security risk pick up wireless signals

• Steal a user’s internet time / allocation by downloading large

Possible effect of files
the security risk • Possible to hack into the wireless network and steal a user’s
password and other personal details

Methods to • Use of wired equivalent privacy (WEP) equipment

• Protect use of the wireless device by having complex
remove the passwords before the internet can be accessed
security risk • Use of firewalls to prevent outside users from gaining access

Risks to data security and integrity

Spyware / key-logging software
Description of •Software that gathers information by monitoring key presses on the user’s
keyboard
security risk •Information then sent back to the person who sent the software

Possible effect of •Gives the originator access to all data entered using a keyboard on the user’s
computer
•Able to install other spyware, read cookie data and change a user’s default web
the security risk browser

Methods to •Use of anti-spyware software

•User should be alert and look out for clues that their keyboard activity is being
remove the monitored
•Use a mouse to select characters from a password rather than typing them can
security risk reduce the risk

Risks to data security and integrity

Match the term to the
description of the security risk
Breaking into a computer system to steal personal data without
Pharming the owner’s consent or knowledge
Someone edits program source code via a back door in the
software to perform a different task
Spyware
Act of locating and using wireless internet connections illegally
Recipient clicks on a link in a legitimate looking e-mail or
Computer virus
attachment from the creator & is sent to fake / bogus website
where data is stolen from the recipient
Phishing Software that gathers information by monitoring key presses
on the user’s keyboard & sends it back to the person who sent
the software
Cracking Type of computer program that, when executed, replicates
itself by modifying other computer programs and inserting its
own code
Wardriving
Malicious code installed on a user’s hard drive or on the web
server to redirect the user to a fake / bogus website without
Hacking their knowledge where their data can be stolen
Match the term to the
description of the security risk
Breaking into a computer system to steal personal data without
Pharming the owner’s consent or knowledge
Someone edits program source code via a back door in the
software to perform a different task
Spyware
Act of locating and using wireless internet connections illegally
Recipient clicks on a link in a legitimate looking e-mail or
Computer virus
attachment from the creator & is sent to fake / bogus website
where data is stolen from the recipient
Phishing Software that gathers information by monitoring key presses
on the user’s keyboard & sends it back to the person who sent
the software
Cracking Type of computer program that, when executed, replicates
itself by modifying other computer programs and inserting its
own code
Wardriving
Malicious code installed on a user’s hard drive or on the web
server to redirect the user to a fake / bogus website without
Hacking their knowledge where their data can be stolen
Additional references
Watson, D and Williams, H. (2015). Cambridge IGCSE Computer Science.
3rd ed. London: Hodder Education pp.97-100

Watson, D and Williams, H. (2015). Cambridge International AS & A

Level Computer Science. London: Hodder Education pp. 159-167