Lesson video
In progress...Loading...
Hello, my name's Mrs. Jones, and I'm really pleased that you're here today.
Today we're going to look at preventing cyber attacks, so let's get started.
Welcome to today's lesson from the unit "Introduction to Cybersecurity." Today's lesson is called "Preventing Cyber Attacks," and by the end of this lesson, you'll be able to describe the effects of cyber attacks and suggest ways they can be prevented.
There are two key words to today's lesson, cyber attack.
Cyber attack is an unauthorised action that harms a computer system's privacy, reliability, or access.
And ransomware, ransomware is malware that blocks access to a user's data until payment is made.
There are three sections to today's lesson: describe the effects of cyber attacks, compare ransomware attacks, and explain how cyber attacks are reduced.
So let's start with describe the effects of cyber attacks.
A cyber attack is a crime that happens online.
It is when someone tries to break into or damage computers, phones, or networks without permission, for example, hacking, malware and phishing.
Cyber attacks can cause different effects: Financial loss, ruining a reputation, stopping something working, loss of privacy, damage national security.
When anyone uses online banking or online shops, card details are stored.
Criminals can steal this information in a cyber attack.
A hacker could take money from accounts, or businesses could lose huge amounts of money.
A cyber attack on a company might mean people stop trusting them.
People would stop using that site.
The company's reputation is damaged.
Cyber attacks can shut down important things like hospitals, electricity, trains, or even traffic lights.
A cyber attack on a school could mean the loss of access to resources, files, student and teacher data, and stored financial information of families.
Personal information like names, addresses, or school records can be stolen through a cyber attack.
This is private information.
This can lead to identity theft where someone pretends to be someone else to steal money or commit other crimes.
Cyber attacks can be used to steal secret information from governments.
This could affect things like the military or government communications.
Let's have a quick check.
Which of the following are effects of a cyber attack? There's more than one answer.
Is it A, financial loss due to stolen bank details; B, media retention improves company reputation; C, distribution of services; or D, identity theft? Pause the video to consider your answer, and then we'll go through it.
Let's check your answer.
The answer was A, financial loss due to stolen bank details; C, distribution of services; and D, identity theft.
Well done if you've got that correct.
You'll need your worksheet for this activity.
"Due to a serious cyber attack, the school's network has been locked down.
All online systems are unavailable.
What are the effects of this cyber attack?" Pause the video, use your worksheet, and then we'll go through the answers.
Let's check your answer.
No one will be able to access any files or resources for lessons.
Communication using email will be stopped.
A cyber attack on a school could mean student and teacher data and stored financial information of families is accessed by criminals.
This could lead to identity theft, financial loss, and reputational damage for the school.
Well done if you got that correct.
Let's look at the second section, compare ransomware attacks.
There are many cyber attacks each year with new and evolving threats.
Security measures are put in place, but sometimes threats can get through because they are new or evolved.
Ransomware is malware that, when activated, encrypts files.
The cyber attacker then demands a ransom is paid for the files to be decrypted.
Modern ransomware is often designed to target commonly used file types that are most valuable to companies or users.
The WannaCry 2017 attack was a type of ransomware that spread quickly by exploiting a weakness in Windows computers.
It used a flaw in the system the SMB protocol, which is normally used for sharing files and printers between computers.
This attack didn't need any human action to spread because it used a self-replicating worm.
It targeted both the general public and businesses affecting over 200,000 computers in more than 150 countries.
Some of the major victims included the NHS in the UK as well as companies like FedEx and Renault.
The attackers demanded payments of 300 to $600 in Bitcoin from each victim.
The impact of this attack was huge, causing around $4 billion in damages.
In the UK, NHS hospitals were badly affected leading to cancelled surgeries and problems with patient care.
The attack was stopped accidentally when a security researcher discovered and triggered a kill switch that shut it down.
Let's have a quick check.
True or false? The WannaCry ransomware attack was spread through the network by a human.
Pause the video to consider if that was true or false, and then we'll go through the answer.
Let's check your answer.
The answer was false.
The WannaCry ransomware attack used a self-replicating worm.
No human action was required for it to spread.
LockBit is an example of an ongoing ransomware attack.
Unlike some other types of ransomware, it is deployed manually by cyber criminals through methods like phishing emails, brute force attacks or software vulnerabilities.
LockBit uses something called Ransomware-as-a-Service.
This is where cyber criminals rent out the ransomware to others who then use it to carry out attacks.
The LockBit ransomware targets businesses, governments, and critical infrastructure such as hospitals or energy networks.
Unlike some ransomware, there is no universal kill switch for LockBit.
It is constantly being updated to avoid being detected by security systems. Since 2020, LockBit has been the most active ransomware group with thousands of victims worldwide.
The ransomware demands are often very high, sometimes reaching millions of pounds.
Let's have a quick check.
True or false? A ransomware attack will lock all files and folders on a device or network.
Pause the video to consider your answer, and then we'll go through it.
Let's check your answer.
The answer was false.
Modern ransomware is often designed to target commonly used file types that are most valuable to companies or users.
Well done if you got that correct.
You'll need your worksheet for this activity.
And using the table below, compare the WannaCry ransomware attack with the LockBit attack.
You have a column with a feature which has how was it spread, how did it reach the device, who did it target, what was the ransom estimate and information about the kill switch.
And you have a column for each of the ransomware attacks.
Pause the video, use the slides, and complete the table to compare the two types of ransomware attacks.
Let's go through the answers.
The WannaCry was spread using a worm malware.
The LockBit used human interaction.
It reached the devices through an exploitation of a flaw in the system with the WannaCry, and with the LockBit, phishing, brute force attacks and software exploits.
The WannaCry targeted general public and businesses, and LockBit targeted businesses, governments, and critical infrastructures.
The ransom estimate for the WannaCry was 300 to $600 per machine.
And whereas the LockBit was millions per company.
And the kill switch information was the WannaCry has one.
Yes, it was discovered by accident.
But the LockBit, no, doesn't have one because it evolves over time.
Well done if you got that correct.
Let's have a look at the last section, explain how cyber attacks are reduced.
Cyber attacks affect individuals, companies, and government organisations.
A company or organisation can set specific rules on the network like user access rights and ensure strong passwords are being used by employees.
Izzy is asking, "How can we make sure all employees do their best not to make any mistakes?" All employees need to have regular cybersecurity training to prevent any human mistakes like phishing emails being clicked.
A company or organisation must ensure software is regularly updated.
It is also important to find and fix vulnerabilities within a system or network to help maintain security measures against cyber attacks.
Pen testing is short for penetration testing and is a cybersecurity role.
The role is to attempt to hack into the system or network to identify vulnerabilities so that they can be fixed.
A pen tester has permission to complete their role.
They can attempt to hack into the system from within the company with employee access rights or from outside the company to represent a cyber attack.
They then feed back their findings so that any vulnerabilities can be fixed.
Sam is asking, "Who is responsible for keeping me as an individual safe online?" It is your responsibility to make sure that you use strong passwords, use antivirus software and be aware of anything that could threaten your online personal data.
Sam is asking, "As a company or individual, if I use security measures, am I 100% safe?" No, no one is 100% safe, as new cyber attacks are constantly being developed and deployed.
At best, you can reduce the risk by using security measures and being aware of potential threats.
Let's have a quick check.
What is the term given to a person who has permission to hack into a company system or network? Is it A, cyber attacker; B, hacker; or C, pen tester? Pause the video to consider your answer, and then we'll go through it.
Let's check your answer.
The answer is C, pen tester.
Well done if you got that correct.
Izzy is asking, "What should a company do if they are affected by a cyber attack?" Companies should isolate the affected systems so that it cannot spread any further.
Any stakeholders or customers should be made aware.
Finally, they should analyse what happened so that any security updates are actioned to prevent it happening again.
You'll need your worksheet for this activity.
Complete the table below outlining how an individual and a company can reduce the risks of cyber attacks.
And you have a column for individual and a column for company.
Pause the video and add your comments underneath in that table on how each can reduce the risks of cyber attacks.
Let's check your answers.
For an individual, strong passwords, antivirus software and be aware of threats is how to reduce cyber attacks.
For a company, employ a pen tester, enforce rules on the system or network for access rights and strong passwords, software updates and training for all employees.
Well done if you got that correct.
A company has asked you to explain how they should respond if a cyber attack happens.
You'll need your worksheet.
Pause the video and complete your answer, and then we'll go through it.
Let's check your answer.
If a cyber attack happens, then the effective systems need to be isolated quickly to stop it from spreading further.
It is important to let any stakeholders and customers know that there has been a cyber attack.
Finally, they should do an analysis of what happened so that any fixes to security can be made to stop it from happening again.
You can't be 100% secure from cyber attacks, but by applying and updating security measures, you can reduce the risk.
Well done if you got that correct.
In summary, cyber attacks can affect individuals, companies, and organisations in different ways.
Ransomware attacks can exploit vulnerabilities in systems or be introduced by humans.
Ransomware will encrypt files and only decrypt them when a ransom is paid.
Security measures can be put in place to protect against cyber attacks, but they're not 100% secure as new threats are continuously deployed and developed.
