video

Lesson video

In progress...

Loading...

Hello and welcome to lesson 4 at Cyber security I am Ben and this lesson is called, Rise of the Bots.

So we'll be looking at different categories of malware and also what role malicious bots can play on the internet.

So all you need for this lesson is your computer, a web browser and a worksheet for this lesson.

Other than that you can clear away any distractions that you may have, perhaps turn off your mobile phone, if you have a nice quiet place to work, that will be absolutely brilliant and when you are ready, lets get started.

Before we get going with this lesson, I really need you help.

I turn on my computer to get going with this lesson and I am faced with this message on the screen and I can't get rid of it.

So, lets have a look at what it says.

Right, it says you computer has been locked and all your files have been encrypted and you no longer have access to your files.

Oh! Right, so what am I going to do about this? Okay, says there, what can I do about this.

Only they can decrypt my files.

That they have the decryption key and no amount of internet research is going to help me.

Oh, that's what it's going to do actually.

So that rules that one out.

So how can I get that encryption key? Well as it says here, So right will happily decrypt your files if you follow the link below and send us $300 a Bitcoin.

I mean, I don't even know how to get Bitcoin.

I'm not even sure I can afford $300.

Okay, right what happens if I don't pay, I'm not going to pay.

It says, if I don't pay within time specified we will permanently delete all your files.

I don't want to go back to Benton and ages.

So I can't afford to lose all of that and I've got one hour 51 left to think about this.

It's not a lot of time, I need your advice.

What would you do? I tell you what I'm going to do is if you can have a little think about what you do, because I need your advice.

I'm going to do that search on the internet, because that could be lying to me.

So I'm going to see if I can find a way around this.

Maybe do a bit of research to see if I can get rid of it.

All right.

So you have a think about that and I'll be back in a second.

So it's good news as bad news.

I've done the research, the bad news is they're absolutely right.

I mean, I can't find anything on my phone about what to do with this.

I've got the good news, that is I have researched bitcoin So what should I do? should I pay or not? You know what guys, I actually, I'm going to pay because I mean, I can't afford to lose all this work.

I've backed it up.

So I'm going to pay right? So I'm just going to click Pay Now see what happens.

Right.

We've done it! It's brilliant.

Yes.

Hang on, So we've decrypted 50% of your data and now you need to pay an additional $300 of Bitcoin to decrypt the remaining 50%.

That's complete scam.

I've been conned.

You know what right I should have called their bluff in the first place.

You are absolutely right as what I should have done.

So I'm not going to do that again.

I'm just going to not pay it'll be fine.

It's just a it's just a scam.

So I'm going to click click no don't pay.

Oh, no.

I haven't backed up my work and now I have lost everything.

Oh, don't worry, you probably got it by now this is not actually a real scam.

But actually it does mimic what a real scam could look like A certain type of malware that can infect a computer and cause all sorts of havoc, not just your own personal computer, but if this was to infect a school or a big organisation, this could cause an awful lot of problems. So that's the focus of this lesson.

So in this lesson, we're going to explore common malware threats, similar to the ones we've just looked at there.

We're going to examine how different types of malware can cause problems for computer systems; and also going to question how malicious bots can have an impact on societal issues.

Okay, so let's have a look at different forms of malware.

Okay, but before we do that, let's have a look at what malware actually means.

Now malware is two words combined together.

So it's malicious and software, where malicious means with intent to do harm.

So it's software that's designed to access your computer with that malicious intent.

So intent to do harm to your computer.

So there is kind of attempts might include disabling hardware, might be data theft and forced advertising, sending email spam, or extorting money just like the example we saw right at the start of this lesson.

So let's start off by looking at different categories of malware that we're going to explore in this lesson.

So we have viruses, Trojans, worms, adware, spyware, and ransomware.

So you may be familiar with a lot of the terms already, but let's really dig deep into each one and explore exactly how they work.

So we start off with viruses.

Now, I'm sure you've all heard of a virus before.

Probably you've heard about it in a computer context, but you might have heard a bit heard of it in a human context too.

So a virus is something that infects our body and replicates itself until our body is able to fix it.

So viruses in the computer format is similar in the fact that it's self replicating.

So it means that it duplicates itself once it infects the system.

So once the computer network or say once a virus is on the computer network, the virus will replicate itself by maliciously modifying other computer programmes and inserting code, that's actually going to cause problems to your software.

Because it's got that malicious intent, it's not there to improve your computer, its actually there to damage and cause problems. So, viruses don't just come onto your computer, they don't just like wiggle their way around the internet and eventually land on your computer.

So, it's not something that we need to be overly worried about there's just going to happen at random.

But we do need to be worried about how it actually infects our computer in the first place.

So what I like to do is think about that.

So as it says here, for a virus to infect the system, it needs to be initiated or executed by the user.

So I'd like to pause the video for a second and think what are the most common ways for a computer system to be affected by a virus? Okay, so pause the video so you can come up with a couple of reasons or couple or a couple of ways and then once you've got those, you can pause the video and we'll continue.

Okay, so let's see.

What did you come up with.

These are the most common not that they are the only way the virus can appear on your computer, but one of them could be to down, download an email attachment.

So sometimes you might get an email with some wording and doesn't kind of make sense, but it's got attachment.

So it might be from somebody you weren't expecting an email from.

Now that attachment might have a file on it with a virus.

So if you download that virus and open it, then you're executing the file and therefore the code starts running so that virus will be enabled on your system.

Another one might be to click a confirmation button on a pop up without reading it.

I'm sure you've all got pop ups on your computer and just get really annoying, or like you think it might be an error message and you don't really read it and you just click and just get to get rid of it.

Well, if you're on a website, for example, all these pop ups or a pig, what you might be doing, you're not reading them is actually activating a download for that file to download on your computer.

Note that file might be a virus; And then another way might be to download files such as a movie from some illegal websites of peer to peer file sharing platforms. Now I'm sure none of you use illegal file sharing platforms. But if you were, for example, then these kind of, you've got to remember that what you're doing is you're downloading from a directly from another user.

Now, it won't be very difficult for them to create a virus and name the file of that virus the file name as something that you might want, such as the name of the latest movie or a song that you might want to download.

But what might be in those files of course, is the virus.

So if you're downloading those files, not hundred percent sure, or guaranteed they're from a valid or reputable source, then of course they might include a virus too.

So, lets now look at worms. So I've got a nice friendly looking or ill worm there, but they are not friendly things.

So worms replicate themselves, but what's different about them compared to viruses is that they don't attach themselves to files.

So they are self replicating, but they're not attaching themselves to files just as viruses do.

Instead, what worms do is they spread through the network and use the system's resources.

So also what you might find if you've got a worm is your computer starts really slowing down because a worm is using system resources and maybe take up some bandwidth on your computer.

So you might find the computer going really slow the network if you are in a network, maybe trying to access the internet, it all starts really slowing down.

So the worms what they do is they replicate themselves, but using their systems resources essentially might in the end, unless you catch it, render your system completely unusable.

Okay, so Ransomware Now Ransomware, is the thing that we looked at the right to start the lesson where my files were encrypted and I needed to pay money to decrypt those files.

So ransomware is a form of virus as it is self replicating and it does attach itself to files, but specifically ransomware locks a computer, encrypts files and therefore prevents the user from being able to access that data.

So what the attacker will do is demand a ransom be paid before they decrypt the files and unlock the computer.

Now this is particularly becoming worryingly, becoming more common is ransomware, because what criminals have worked out is they're actually able to spread this; And rather than just causing damage to a system, then what they can do is they can ask for ransom to be able to fix it for them.

But only they can fix it and only they can recover the data; And of course, data is so important to organisations and people as well.

Even if it's on your own computer, that people feel that they want to pay the ransom, because the risk of lose the data is much more worrying for them than actually the initial fine in the first place.

Now what the police would always advise is that you never pay the ransom, because it might be a scam, they might not have decrypted your data.

But equally, if you do pay the ransom, there's no guarantee as we saw early on, they actually are going to decrypt your work your files either.

Okay, now let's have a look at really a quite famous example of ransomware that happened a few years ago that's called the Wannacry.

You might have heard of this before, because it was so global that it became on everyone's radar.

So this attack was estimated to have affected over 200,000 computers across 150 countries.

Now what happened was it exploited a known security flaw with Microsoft Windows.

Now, when Microsoft found out about the fact that there was a danger, they released a security patch straightaway.

Now anybody that was able to download that security patch or updated their computer, then they were safe.

But anybody who hadn't done that, or had an older version of Windows that wasn't supported anymore, which means that Microsoft weren't supplying their security patches, then they were in danger.

Now what it did is infected their computer and this picture that you can see on the right hand side, that was the that was the screen that they were faced with.

And that meant thar their computer was locked.

And this affected some really well known systems, including our own NHS system.

Which meant that actually doctor couldn't actually use their computers to actually even access patient records.

So you can see the potential danger of something like ransomware can cause.

Okay, so let's just do a quick recap.

Okay, what we've learned so far.

So what do viruses, worms and ransomware all have in common? Is it option one, they're all self replicating is it option two, they all encrypt data.

Is it option three, they all slow down the network.

So have a think about that.

Which one is it? Okay, I want you to shout out the answer to me.

So if 3,2,1 it is option number? Let's have a look.

Option number one.

Fact is that is viruses, worms and ransomware are all self replicating.

Remember the difference between viruses and worms in particular, is that viruses are self replicating but attach themselves to files while worms self replicate but use up system resources and slow down system or the network.

Okay? Let's move on.

So, now let's look at Trojans.

Now a Trojan is a piece of software that appear to form useful function such as maybe a game, but unbeknown to the user, it also performed malicious actions.

For example, it might open a backdoor and give the attacker remote access to your computer.

Now, if you're familiar with your Greek mythology, you might have heard of the Trojan horse before and that's where this comes from.

Because a Trojan horse came from a Greek story where it was to do with the Greeks invading, trying to invade Troy, the Trojans put up a really good defence and were able to defend themselves from the Greeks.

The Greeks tried to con the Trojans by saying, Well, actually, you know, you've done a great job.

As a gift of honour.

We're going to give you a nice big wooden horse.

So what they did is they push this wooden horse outside the gates of the city of Troy and look like the army kind of walked away.

So the Trojan thought the Greeks have surrendered.

So what they did is they opened the door and they let in this big wooden horse into the city and then overnight whilst they were having their party and celebrating their victory, they were told that the Trojan horse was actually filled with Greek soldiers.

So the Greek side left open the doors at nighttime, went in and we're able to attack the city.

So, that's where the story has come from.

So it's essentially tricking you into thinking it's a gift or something good when actually it's got this malicious intent.

So like we said that it might be a game you've downloaded, but actually what's going on behind the scenes is something malicious.

Okay, so spyware.

Now spyware is unwanted software that monitors and gathers information on a person and how they use their computer.

So this can include monitoring your internet usage to send you harmless, but annoying adverts.

But perhaps more sinister uses of spyware would include keylogging software that include that records every keystroke made by user.

Now you might be thinking, Well, what are they going to know from that they just like log every key that I type in on a computer.

Well imagine if you typed in the web address for your bank.

Now, that might trigger them, the people watching think or wonder what they're going to type in next.

If you typed in the web address to your bank, what's the most likely thing that you're going to type next.

Your username? and then it can be followed by what? can be followed by your password.

So if they're logging every keystroke that you make, they're able to find out what websites you're visiting and what your username and passwords are for those sites.

So that's where spyware becomes a real problem.

But let's say they can have slightly less malicious intent, which is just to monitor your internet uses to find out what kind of sites that you like going to and therefore send you targeted adverts.

It might not be to steal things from you, but that still has malicious intent because it's doing it for a hidden purpose.

Okay, then let's look at adware.

Now adware can be a worm, it can be a virus, it could even be a Trojan and infects a computer and causes cause it to download or display malicious adverts or pop ups when the victims online.

So if you're online, you see a large number of adverts or you're receiving pop ups quite randomly when you've been offline, then you need to be aware that your computer might have been affected by malware.

So keep an eye out for that.

So if you're on a computer and you get lots of these pop ups or adverts that you don't want just randomly appear even on normal websites that look like those ones that you trust, then that's an indicator that you might have been impacted by malware.

So lesson five going to look at all this and see what what we can do about this and how we can protect ourselves as well.

Okay? So let's just do another recap.

So which of the following malware might be used to monitor your keyboard in order to gain your username and password? So what do you think it is? Do you think its a Trojan? Think is a spyware? Or do you think of adware? So again, if you've got the answer, so let's do it 3,2,1.

So 3,2,1, it is, shouted out.

Its not Trojan, it is not Adware, it's Spyware.

Well done.

Excellent.

Okay, so let's go to our first task for this lesson.

Okay? So now we've done a little bit of exploring about all these different types of malware.

Your job is to work for the local cybersecurity police force because they want you to make a quick read, which is a fact sheet to help educate the public on one particular type of malware.

So you've got a choice here.

So pick one the following to research.

So you can research viruses, worms, ransomware, or Trojans.

Okay? So it's up to you which one you pick, but pick one that you probably find the most interesting or you think the public should be educated about; And then I'd like you to make that a quick read about it.

So what you got to do is you have to research a malware and give information as to what it is, you need to then describe how it breached the computer Misuse Act.

So you need to draw upon your learning from a previous lesson and then also, you need to find a case study about where the malware was used and what impact that has.

You might need to do a bit search on the internet to find out find out some examples of some real life uses or real life cases where maybe viruses or worms or ransomware, trojans have caused a real problem to people systems. Okay? So I'd like to head over to task one on your worksheet now.

Choose one form of malware to research and create a short summary to educate the public.

Now, on the on your worksheet, there are a set of hyperlinks that you can use, and they should help you do some research.

But please do ask your parent or carer for permission before attempting this task and before doing any internet research, because Oak Academy are not responsible for any third party content.

Okay? So hope you enjoy this task, if you can head over to your worksheet now complete task one and when you've done that, I'll be here when you get back.

Okay.

so how did you get on with that task? So we're going to move on to the next part of this lesson, which is looking at Internet bots.

So bots are automated programmes that perform tasks repeatedly.

But it could be argued that bots are a crucial part of the internet's infrastructure and perform useful tasks.

Now, for example, bots play a really useful role for search engines when they're finding new websites to index.

For example, Google have bots and any a new website that appears the bots will find them and then Google knows about them so when you search on Google, then it's able to find them and put them into your search results for you.

They might be used to provide customer service Online, for example, chat bots.

Now, I'm sure you've come across this before but if you haven't, then a chat bot might be something that's automated, like rather than you have to phone a company to find help, you might be able to put your problem in and the bot will be able to look at the problem and maybe give you some answers to your problems automatically without some kind of human intervention there.

They might also be used for monitoring the prices of items find the best deal and they're called shopbots.

But for example, when you search for something on the internet might be able to find you what the best price is currently right now; And that action is performed by bots, because they're constantly looking at the prices of items and finding out what the best deals are.

Okay, so internet bots actually play a really good role and are useful and important role on the internet.

So it is believed that over 50% of all internet traffic is bot traffic.

Now, I've personally found that like a mind blowing statistic, that actually, over half of all traffic on the internet is not done by human system but by bots.

And worryingly, though, a significant portion of that is malicious bots.

Now we talked about malicious being with harmful intent.

So over 50% of all internet traffic is done by bots and a big potion of that is malicious bots, then what is that malicious intent and what they're doing? So when bots go bad.

Now many of the bots circling the web have malicious intent.

Now, here's a couple of examples of the kind of malicious intent that they might have.

So they might be used to create social media accounts to follow certain users to increase people's perception of their influence.

So you might find people on some social media accounts who've got tonnes of followers absolutely loads, but actually majority of them might be not real humans, they might have been created by bots, but because they've got a number of followers and maybe people think they must be popular and they need to follow them.

Now, bots can be also be used to scour the web to look for and report back on a vulnerability of internet connected devices.

So these bots might be looking at all systems out there and work out maybe which ones haven't had the latest security patches, which ones have those vulnerabilities that we can send a particular type of attack to, to exploit their weaknesses in their system.

So, very much like the ransomware attack that didn't have the latest version of Windows installed, bots can be sent out to work out which computers would be vulnerable to that attack.

Okay, now, there's something called botnet.

Now, you might have heard that before.

So botnet is a collection of malware infected devices and then known as zombies.

Now, perhaps worryingly your computer might be a zombie now.

Now the idea is that your computer has been infected by a virus but you're not even aware that's happened because in your mind, or you might not notice on your computer anything malicious happening, your computer's not slowing down and that your files are all that you're able to access all the files so you might not even be aware that that's on your computer, which is why they're known as zombies.

Because in theory, they might be you know, asleep or dormant.

Now, an attacker or otherwise known as a bot herder chooses when to wake the zombies to perform an attack.

So when the bot herder is ready to perform his attack, he sends out a message to activate or wakes all these zombies.

That might even be your computer to perform an attack.

Now, this attack might be to send multiple requests to a single server.

Now if we think back to your previous lesson, what is the correct name for this type of attack? Can you remember? So remember, it's the type of attack that sending multiple requests to a single server from from lots of different computers at the same time.

Right.

Hopefully, I've triggered a memory from lesson three.

So if you got the answer, give it to me in three seconds.

3,2,1 It is? A DDoS attack.

Okay? So that's multiple computers sending multiple requests at the same time to a single server in order to cause disruption or to bring it down.

Okay? So, now let's look back I'm just going to go back I'm just going to go back to previous slide and I want to come back to this one, which is the second bullet point down here which says bots can be used to create social media account to follow certain users and now imagine bots creating social media accounts.

Now you can understand how that's malicious because it's it's falseness, isn't it? But what are the malicious intent could that have? What, What disadvantages could there be here? So let's go to a case study.

The case study is in the 2016, USA election, then Twitter came up afterwards after the election and posted this statement and said, "we have identified a total of 50,258 automated accounts that we identified as Russia linked and tweeting election related content during the election period." So why would Russia be trying to get involved or any Russians trying to get involved in the 2016 election? Were they Russian linked, do we know this, or were they just, did they look like they're coming from Russia.

But either way, there were bots created, so not human users that were creating Twitter accounts and actually posting election based content and you can see some examples on the screen there.

Okay? So not only were they just being created automated accounts to not necessarily with the intent or purpose to make someone a lot more popular than they are, but actually to tweak election based content.

So why would they do that? So what are the potential consequences of 50,258 automated accounts as a non-human users posting election based content? Okay? so I would like you to go ahead and go to your worksheet again, move to task two, and see if you can answer that question.

So think about who might maybe be trying to influence.

Why might they be trying to influence people, okay? What impact might that have or what are the consequences.

Okay? So you can pause this video head over to task on your worksheet.

Now think about that and answer the questions and then unpause the video when you're ready.

Okay, so how do you get on with that task? Now, hopefully, you've got that the fact that these Twitter accounts are being created to encourage people to vote a certain way.

I think the political nature of this highlights the new form of warfare between governments that are used to try and destabilise elections or influence people's opinions ahead of these elections.

So it goes back to the age old argument that we shouldn't believe everything we read on the internet.

So I strongly recommend that anything you see on social media on the internet, before you form your opinion on it, make sure that that source of information is verified, or they're able to backup what's being said, all the facts in it from multiple sources.

Okay, so that's all for this lesson.

I hope that you've enjoyed this lesson where we've learned about different types of malware.

Now, you might be thinking about this lesson well, okay, I can be infected by these different types of malware.

But what do I do about it? How do I prevent myself from being infected from these different types of malware? Well, that's what lesson five is going to be all about.

We're going to look at how we can defend ourselves from all the different types and forms of attacks that we've learned about throughout this unit so far.

Okay.

So we'd like to see that what you've done so far, maybe can show us what your opinion is on malicious bots or anything that you come across, they'd like to share with and we'd really like to see that too.

Okay? So if you would like to share your work, please ask your parents or carer to share your work on Instagram, Facebook or Twitter, tagging @OakNational and using the #LearnwithOak.

Okay, that's all for me.

I'm looking forward to seeing you next lesson.