
Introduction to Cyber Security
This session
Intent
To learn about cybercrime and the risks and effects it has on
individuals and organisations.
Implementation
- To identify forms of cybercrime; possible motives; and tactics used
by cyber criminals
- To outline how cybercrime can affect individuals and organisations
- To identify and implement protective methods to maintain
cybersecurity.
- To identify and describe legislation and ethical conduct in relation
to the maintenance of cyber security.
Impact
Learners who understand how to protect themselves against
cyber criminals and the reasons why self-vigilance and
self-protection are important.
What is Cyber security?

What do you already know about cybersecurity?
The many forms of cybercrime
Discuss the forms of cybercrime that you already know.

Some answers:
- Ransomware
- Cryptojacking
- Malware
- DoS Attack (Denial of Service)
- DDoS Attack (Distributed Denial of Service)
- Cyber extortion
- Cyber espionage
- Spyware
- Hacking
- Trojans
- Phishing
- Catfishing

Did you think of the same answers?
Do you know what the meanings of any of these are?
Do you know any stories of victims of any of these crimes?
How can these affect your everyday life?
Forms of cybercrime and their explanations

Phishing: a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords. The information is then used to access important accounts and can result in identity theft and financial loss.

Hacking: the act of compromising digital devices and networks through unauthorized access to an account or computer system. It is not always a malicious act, but it is most commonly associated with illegal activity and data theft by cyber criminals.

Catfishing: a deceptive activity where a person creates a fictional persona or fake identity on a social networking service, usually targeting a specific victim. The practice may be used for financial gain, to compromise a victim in some way, as a way to intentionally upset a victim, or for wish fulfilment.

Malware: software that is specifically designed to disrupt, damage, or gain unauthorized access to a computer system.

Trojans: any malware that misleads users of its true intent. The term is derived from the Ancient Greek story of the deceptive Trojan Horse that led to the fall of the city of Troy.

Spyware: software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive.

Cyber extortion: occurs when cybercriminals threaten to disable the operations of a target business or compromise its confidential data unless they receive a payment. The two most common types of cyber extortion are ransomware and DDoS (Distributed Denial of Service) attacks.

Ransomware: malware that employs encryption to hold a victim's information at ransom. A user or organization's critical data is encrypted so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. Ransomware is often designed to spread across a network and target database and file servers, and can thus quickly paralyse an entire organization.

Cyber espionage: a form of cyber attack that steals classified, sensitive data or intellectual property to gain an advantage over a competitive company or government entity.

DoS Attack (Denial of Service): a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network.

DDoS Attack (Distributed Denial of Service): a method where cybercriminals flood a network with so much malicious traffic that it cannot operate or communicate as it normally would. This causes the site's normal traffic, also known as legitimate packets, to come to a halt.

Cryptojacking: the act of hijacking a computer to mine cryptocurrencies against the user's will, through websites, or while the user is unaware.

Motives of Cybercrime
In November 2020, Manchester United FC was the victim of a cybercrime. Many of the club's computer functions were disabled, including staff emails.

Watch the video opposite to learn about the cyber attack on the club.

Discuss what you think the motive of the attack may have been.
Do you know of any other major businesses that have been the victims of cybercrime?
How do you think major hacks can affect you personally?

What are the possible motives of cybercrime?
Discuss the motives of cybercrime that you can think of.

Some answers:
- Get you to buy something
- Get your bank details
- Watch or stalk
- Get you to do something then exploit it
- Use your device to infect others
- Steal personal data
- Lock system and blackmail
- Influence your decisions
- Disinformation
- Grooming
- Spread unrest
- Terrorism

Did you think of the same answers?
Do you think you have ever been targeted as a cyber crime victim? What was the outcome? What could the outcome have been?
What do you need to do to remain safe?

Impacts of Cybercrime
In September 2016, British Airways and their customers were the victims of a cybercrime. Many customers' credit card details were stolen.

Watch the video opposite to learn about the cyber attack.

Discuss what you think the impact of the attack may have been.

Impacts of Cybercrime
Discuss the impacts of cybercrime that you can think of.

Some answers:
- Loss of money
- Loss of data
- Impact on reputation
- Social exclusion
- Impact on self worth
- Being exploited
- Blamed for crime

Did you think of the same answers?
Which of these impacts do you think would affect you the most? Which do you think would be the most damaging to you, personally?

Tactics of cyber criminals
Discuss the tactics you believe cyber criminals use to defraud people.

Some answers:
- Pretend to be someone known to the victim
- Set up a website which looks similar to the real one
- Send an email with a link
- Pretend to have a great deal
- Pretend to be a government department
- Claim to be an IT helpdesk
- Claim to be your bank

Did you think of the same answers?
Can you think of any real-life examples of these tactics being used? Do you think you could be taken in by any of these tactics?
Which do you think would be the most difficult to see as a cyber crime?
Who do you think could be easily tricked by these tactics?

Methods that can be used to maintain Cybersecurity.
Discuss the methods you think can be used to keep individuals and organisations safe online.

Some answers:
- Installing antivirus software
- Turning on firewall
- Regular updating
- Not opening pop ups
- Use secure passwords / 2 factor authentication
- Avoiding emails from unknown sources
- Care with email attachments
- Not visiting suspect sites or clicking unknown links
- Protecting personal information/data
- Back up information

Did you think of the same answers?
Do you have any security measures in place? Have you worked for any organisations that implemented any of these methods to maintain security?

Importance of cyber security testing
Discuss the reasons you believe it is important to undertake regular security testing, for both individuals and organisations.

Some answers:
- Forces staff to regularly change passwords
- Identifies new vulnerabilities before hackers do
- Tests if your security measures are still effective
- Routine testing means you won't forget
- Works like a soldier patrolling the perimeter checking fences
- New ways to hack a system are emerging all the time
- Left unchecked, firewalls become out of date and vulnerable
- Checks for gaps that might have appeared
- Catches new breach attempts
- Ethical hackers can show you security gaps in your software
- Prevents costly data breaches
- Makes sure former staff no longer have access to systems

Did you think of the same answers?

The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover, whichever is greater.

Setting up access and user permissions for shared documents.
Activity
Using your own device and under Tutor Observation

Share a document with your tutor using the program Google Drive.

You need to set up an account (if you haven't got one already) by providing your name, surname and email address. Then follow the steps provided on the screen.

Once your account is set up, upload one file (Cybersecurity PowerPoint Presentation) and share it with your tutor.

By clicking on the link below, you will find a step-by-step guide on how to create a Google Drive account:

Google Drive guide

Responsibilities of Individuals and organisations set out in key legislation.

General Data Protection Act: Controls how information is collected, stored and used through 7 principles.

Official Secrets Act 1989: Prevents the publishing or communication of government secrets.

Computer Misuse Act 1990: Protects personal data held by organisations from unauthorised access and modification. Outlaws hacking and gathering data for crime.

The Privacy and Electronic Communications Regulations 2003: Regulates all forms of electronic communication, including messaging through the internet, SMS and mobile telecommunications and not just telephone calls over fixed line networks. Controls how cookies are used.

Ethical and unethical conduct in relation to cyber security

Ethical Actions
What do you think a company or individual can do to comply with cyber security rules in an ethical manner? Discuss your answers and then click this box to reveal.
- Checking identification before giving access
- Having staff regularly change passwords
- Controlling site access by staff
- Not allowing memory sticks in
- Removing access of former staff
- Blocking certain websites
- Not clicking on unchecked links
- Not accepting cookies without reading Terms and Conditions to access a website

With Permission
What do you think a company or individual needs to have permission to do in order to comply with cyber security laws and rules? Discuss your answers and then click this box to reveal.
- Sharing customer information
- Sharing staff information
- Ordering things using company systems
- Selling customer details
- Giving private phone numbers

Unethical Actions
What actions do you think would be unethical, if carried out by an individual or company, in relation to maintaining cyber security rules and laws? Discuss your answers and then click this box to reveal.
- Selling customer information on Dark Web
- Posting images of former partners
- Surfing pornographic sites
- Using customer contacts to meet up outside work
- Using data for private or personal gain
- Selling information about customers (press)
- Giving out your password
- Giving someone else's password
- Gambling on company equipment
- Sending insulting emails/posts

Did we achieve our objectives?
Intent
To learn about cybercrime and the risks and effects it has on
individuals and organisations.
Implementation
- To identify forms of cybercrime; possible motives; and tactics used
by cyber criminals
- To outline how cybercrime can affect individuals and organisations
- To identify and implement protective methods to maintain
cybersecurity.
- To identify and describe legislation and ethical conduct in relation
to the maintenance of cyber security.
Impact
Learners who understand how to protect themselves against
cyber criminals and the reasons why self-vigilance and
self-protection are important.
