This post is contributed by Alvin Kwok, Bryan Lam, Bryan Li and Michael Tong. For their PYP Exhibition, they have inquired into various cyber threats, how they work and how we can protect ourselves. Along with my teaching partner, Fion Poon, I have been mentoring the boys. I am proud to share their work on my blog. Special thanks to the boys’ class teachers, Melisa Baldwick and Julie Xiao for their guidance throughout the process.
We are students from Victoria Shanghai Academy in Hong Kong. We are honoured to be writing about cyber safety on Mr. Hill’s PYP blog. We are going to talk about four major threats on the internet: cyberbullying, malware, phishing and hackers. We hope that you will learn from this post.
Cyberbullying is bullying people online via an electronic device. We will outline some methods:
- Flaming: an online fight that may include harsh messages.
- Harassment: offensive messages over and over. These may include harsh words and may lead to offline fights.
- Exclusion: boycotting a person on a site or chat room. It usually refers to kicking someone out of an online community.
- Outing: making fun of someone specifically. It may include the victim’s personal data, personal images and other personal information.
- Masquerading: creating a fake account to cyberbully someone anonymously.
Many cases of cyberbullying start with real life problems. Other reasons are the anonymity of the internet and too much free time. Now that we know what causes cyberbullying, here are some tips to address it:
Keep evidence of cyberbullying so you can show it to someone you trust. But there are also things not to do, such as flaming back at the bully. Remember that he/she wants a response so don’t snap back. It is best if you ignore the bully, then report or block them.
Do not be a bully. Think of how you would feel if you were bullied. Be a good digital citizen.
Malware, short for malicious software, is one of the most dangerous threats on the internet. Many of the horrors on the web are malware, such as worldwide ransomware Wannacrypt. There are more types of malware such as viruses and Trojan horses. We will list some of the main types of malware.
- Viruses: this malware can disrupt your computer systems. They are able to self- replicate. Unlike worms (below), they are not able to replicate themselves without help. They need a human action such as running a file.
- Worms: like viruses, but they are able to replicate themselves without human help. Unlike viruses, they don’t need someone to run the infected file.
- Ransomware: malicious software that locks your computer tight so that you can’t access your files until you pay a certain amount of money/online currency.
Why do people use malware? Sometimes, malware is used for practical jokes. Other times, it’s used to make money. Spyware, for example. can log your keystrokes and gain access to passwords and personal information.
Furthermore, it’s fast! Malware like worms and viruses can spread to multiple computers with a mere click. Take the WannaCrypt as an example. Wannacrypt spread to thousands of computers in one night. A single hacker can’t do that without help, but malware can.
- Make sure you have antiviruses on your computer:
Antiviruses are software programs that battle malware. But if you don’t update your antiviruses, then they will not be strong enough to protect your computer from incoming malware. Do regular antivirus sweeps. Make sure you do it at least once per week. The antivirus software should remind you to update. If not, the list of update information should show on the main page of the antivirus program.
- Do not click on links that look suspicious
This is a common rule for phishing and malware. If you have the slightest doubt about a website, don’t risk it. It could contain malware. When you see a hyperlink, make sure you check the link before you click. A secure website has a padlock symbol at the top left-hand corner of the page. It is best if the link starts with ‘https’.
- Do not open spam emails.
Spam emails are created by a spambot, trying to send malware or overcome your computer with a DDoS attack (Distributed Denial of Service). DDoS attacks are computer attacks that overload your computer with too much information, thus making your computer crash. Click here to read an example of a DDoS attack
Phishers are people who use sites that look like trustworthy websites but are actually fake ones that will try to get your money. Seventeen years ago, a website imitated PayPal. The website was named PayPaI (with a capital ‘i’ at the end). This website was created by scam artist Alexey Ivanov. Click here for more information about this event. Very recently, people have been sent phished Amazon emails. Mr. Hill was sent one recently and shared this experience with us. Click here for more information.
Why do phishers phish? Their reason is because they think it is easy money and easy to get away with. It is very difficult to catch them.
- Be sure to check the website link carefully
Hover over hyperlinks before clicking them. Many phishing website links look the same as the real website but actually, they are a bit different. For example, a phisher might use http://www.ammazon.com (look carefully at the spelling).
- Make sure you see who sent the email to you
Many companies have custom email addresses, but when someone phishes you, their email address is different.
- Don’t enter personal information
Many scam artists pretend you signed up for something you didn’t sign up for. Then it requires personal information. Do not fall for that trick. This was similar to the Amazon scam that was sent to Mr. Hill. It was a fake receipt for an item that he did not order. He almost typed in his account information for a refund!
Hackers are people who use different types of malware, codes and scams to steal, disrupt or show off. Some malware includes the WannaCrypt ransomware which causes you to pay a certain fine to recover your documents and files.
Other hackers, such as Kevin Mitnick (now reformed), hack to steal information. Overall, there are three main reasons why people hack:
- Hacking for fun
Hacking for fun is when people hack just to prove they have good programming skills or just for the fun. This reason is uncommon compared to the one below.
- Hacking to steal
Hackers can use stolen information to hack into more people’s accounts. They steal information in order to target people easily. Another Reason is that hackers can black-market that information and sell it to buyers.
- Hacking to disrupt
Some hackers like to cause a lot of damage to big companies like Apple or Microsoft. Once, a hacker group hacked Sony Pictures and found personal data of every employee. Click here for information about that hacking event. Another time, Gary Mckinnon hacked into NASA because he believed that NASA was hiding information about UFOs. Click here for information about Gary Mckinnon.
According to Wikipedia, Richard Stallman’s hack categories were inspired by old Western movies:
- White hat hackers
White hat hackers hack for a good reason. They hack to improve a computer’s security system. Some send malware to a computer to test if the antivirus system works. White hat hackers are often employed to do this job. This is now what reformed hacker Kevin Mitnick does for Microsoft.
- Black hat hackers
Black hat hackers are the villains of the cyber world. They hack for greedy purposes such as money. These hackers think about the prizes, not the people who are affected.
- Red hat hackers
Red hat hackers are like the vigilantes of the hacker world. Like superheroes, they hunt and destroy black hats. While white hats improve security, red hats hunt for black hats. They release malware to hunt the black hats.
- Make sure your account is secure
Be sure to review all of your account activity. If you find something suspicious, change your password.
- Use multiple strong passwords
Your password should be random yet practical. It should include both capital and lowercase letters. Also, try to include symbols and numbers. If you have multiple accounts, don’t use the same password for all of them. If someone knows your password, they would know all of your passwords! Click here for a list of the most common passwords. Avoid using these because they are easy to guess.
- Avoid using public Wi-Fi
Think about this: if you can use public Wi-Fi, won’t hackers be able to use it too? Hackers might be able to hack the Wi-Fi, monitoring every single action that someone does. They can get your password if you log on to something.
“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”
From this post, we hope you learned more about the multiple dangers of the vast internet. Now, we wish that you will be responsible digital citizens and spread the word to your friends and family. Thank you for taking the time to read this.
Here is some further reading you may find useful: