Computer Science with Python for Grade 11

Academic Year : 2024-2025

Teacher: Mr. Rajat Gupta

Chapter 14
Cyber Safety
Notes

Cyber safety is the safe and responsible use of Internet & ICT (Information & Communication Technology). Cyber
safety is about not only keeping information safe and secure, but also being responsible with that information, being
respectful of other people online. As per Cyber safety, people are advised to use good 'netiquette' (internet
etiquettes).

Safely Browsing the Web

Viruses and malware spread, easily and quickly through websites/web browsing. An infected computer can run slow,
barrage us with pop-ups, download other programs without our permission, or allow our sensitive personal
information to others.

Tips for Safe Web Browsing

● Common sense-(never respond to spam & disclose personal information).
● Use an antivirus & Firewall-It provide real-time malware protection.
● Create strong passwords.
● Mind your downloads -Be sure to review all pre-checked boxes prompted at download & un-check any extra
applications which we don’t want to install.
● Stay updated- Update O.S., Applications & Anti-virus.

Identity Protection
Identity fraud is when personal details that have been accessed or are used to commit fraudulent acts posing as
someone else with stolen identity. Identity theft can take place in multiple form, such as
● Financial Identity Theft : When identity is stolen for financial gains
● Criminal Identity Theft : When criminals hide their identity and use the stolen identity to do some crime.
● Medical Identity theft : Medical Drugs or Treatment is the objective behind stealing the identity.

Common Solution to Protect the Identity is to use Private Browsing or Anonymous Browsing on the Internet.

Ways Websites Track User’s Data:

Various ways of used by websites to track us online are as follows:
● IP Address: From our IP address, a website can determine our rough geographical location.
● Cookies and Tracking Scripts : They can identify and track our browsing activity across a website. Cookies
can be :
○ First Party Cookies: These are the cookies that store your own login id, password, auto fill
information etc.
○ Third Party Cookies: These are the cookies that websites store to know about your search history and
web browsing history so as to place advertisements as per your interests.
● HTTP Referrer : When a link to an outside website on a web page is clicked, then the linked website will get
opened and internally our information will be provided to the linked website.
● Super Cookies: Super Cookies are persistent cookies that come back even after we delete them.
● User Agent : It tells websites our browser and operating system, providing another piece of data that can be
stored and used to target ads.
Ways to stop Tracking by Websites
1. Anonymous Browsing : It allows users to view websites without revealing any personal information of the
user like their IP address, machine type, location etc. An anonymous browser let users access websites
anonymously. It can be used as a tool for government, journalists and everyday security-conscious surfers.
2. Private Browsing
● Incognito Browsing : It opens up a version of the browser that will not track your activity. It’s
particularly useful if you’re entering sensitive data like bank details into the browser.
● Proxy : It works by acting as a middleman between your computer and the website you want to
access.
● Virtual Private Network(VPN) : It is a method used to add security and privacy to private and public
networks, like WiFi hotspots and the Internet. VPNs are most often used by corporations to protect
sensitive data.

Confidentiality of Information : Confidentiality of information ensures that only authorized users get access to
sensitive and protected data.
Practices to ensure Confidentiality of Information
1. Use firewall wherever possible : A firewall is a program that can monitor both incoming and outgoing
communication and traps the illicit one.
2. Control browser settings to block tracking: The default browser settings can be changed to prevent the
tracking by websites.
3. Browse privately wherever possible : To avoid the tracking by websites, you should try to browse Internet
privately wherever possible.
4. Be careful while posting on Internet : Ensure that you never post your crucial information like your personal
details such as address, mobile number, bank details, credit card details etc. on public Internet sites.
5. Ensure Safe sites while entering crucial information: When you provide your personal details or bank details
on a website, then ensure following things:
■ Type the URL of the website in the address bar of the browser on your own. Do not click on a link that
takes to this website; or do not cut/copy the link of this website and paste it. Type the URL on your
own in the address bar of the web browser.
■ Ensure that the address contains HTTP and a padlock sign. A safe site’s URL starts with https:// and
not with http://. Also, it shows a closed padlock.
6. Carefully handle emails : While opening an email, make sure that you know the sender. Even if you open the
email message by accident, make sure not to open an attachment or any link in an email from an unrecognized
source.
7. Do not give sensitive information on Open Wireless networks.
8. Avoid using Public computers.

Cybercrime : It is any criminal offense that is facilitated by, or involves the use of, electronic communications or
information systems, including any electronic device, computer, or the Internet.
Common Cybercrimes
1. Cyber troll : It refers to a person who purposely posts opposing, sarcastic, defaming or insulting comments
about something or someone with an aim of targeting a person online. Troll can refer to a person also who is
doing it and it may refer to the derogatory comments posted by a troll.
2. Cyber Bullying : It occurs when someone uses the Internet, a cell phone, email, instant messaging, chat rooms
or social networks, such as Facebook, Twitter etc., to harass , demean, embarrass or intimidate someone else.
3. Cyber Stalking : This is a kind of online harassment wherein the victim is subjected to a barrage of online
messages and emails. A cyber stalker afforded by the Internet to allow them to stalk their victim without being
detected. Cyber stalkers often do this to trouble their victims:
■ They collect all personal information about the victim such as name, daily routing, place of work, date
of birth etc.
■ Some stalkers subscribe the email account of the victim to innumerable obscene or illegal sites
because of which victim starts receiving such kind of unsolicited e-mails.
 ■ Some stalkers keep on sending repeated emails asking for various kinds of favors or threaten the
victims.
4. Spreading Rumors Online : Through fake profiles, some people get indulged in posting false information on
social media, or comments that could hurt others or spread rumors that may trigger panic or hurt religious
sentiments of other people resulting into clashes and even riots etc.
Note : Spreading rumors online is a cybercrime and is a punishable offense. As per Information Technology
Act of India, Publishing/circulation of Rumors, especially hurting religious sentiments is a cybercrime and it
may invite a fine with imprisonment extendable up to three years.
5. Online Frauds: Fraud committed using the Internet is called Online fraud. Online fraud may occur in many
forms such as:
a. Non-delivered good c. Stealing information
b. Non-existent companies d. Fraudulent payments
e. Credit card frauds: Stealing the credit card details of a user from his/her online activities and then
carrying out some payment fraud with the help of stolen card details.
6. Information Theft: Stealing someone’s online identity (social media account, email etc.), and posting
fraudulent posts or carrying out malicious activity (spread of rumors etc.)
7. Scams: Any fraudulent business practice that extracts money from people is called a scam. Scams committed
over the internet are called online scams.
8. Illegal downloads: It refers to obtaining files for which you don’t have the right to use or download from the
Internet. Most items that are protected under copyright law are available against a payment. Violating this is
known as illegal download. Example : Downloading a movie or software which is not available for free
download.
9. Child Pornography: It is defined as any visual or written representation that depicts or advocates sexual
activity (including sexual molestation or exploitation) of anyone under the age of 18.
Safeguard against Child pornography
1. Information Technology Act, 2000 & Indian Penal Code, 1860 provides protection from child
pornography.
2. According to the Information Technology (Amendment) Act, 2008, section 67 has been amended –that
not only creating and transmitting obscene material in electronic form but also browsing such sites is
an offense.

Reporting Cyber Crimes

If any cybercrime happens, one must report it firstly to parents, school authorities and then to police.
To report a cybercrime:
● The local police can be approached for filing complaints just as the cybercrime cells specially designated with
the jurisdiction to register complaint.
● In addition, provisions have now been made for filing of ‘E-FIR’ in most of the states.
● In addition, the Ministry of Home Affairs is also launching a website for registering crimes against women and
children online including cybercrimes.

Computer Forensecis:
● It refers to methods used for interpretation of computer media for digital evidence.
● It provides our legal system (courts) with a way to recover data from electronic or digital services.
● Goal of process: To preserve any evidence in its most original form while performing a structured
investigation by collecting, identifying and validating the digital information for the purpose of reconstructing
past events.
Process:
Cyber Laws and IT Act
● Cyber law is a generic term which refers to all the legal and regulatory aspects of Internet and the World
Wide Web.
● The growth of e-commerce and accessibility of internet to common people has propelled the need for vibrant
and effective regulatory mechanisms which would further strengthen the legal infrastructure.
India’s IT Act and IT (Amendment) Act
○ In India the cyber laws are enforced through Information Technology Act, 2000 (IT Act 2000). Its prime
purpose was to provide legal recognition to electronic commerce.
○ This act was amended in December 2008 through the IT (Amendment) Act, 2008. It came into force
from Oct. 27, 2009. It provided additional focus on Information Security and added several new
sections on offenses including Cyber Terrorism and Data Protection. Other major amendments of IT
Act(2008) included:
1. Authentication of electronic records by digital signatures gets legal recognition.
2. E-documents gets legal recognition.
○ This Act was again amended in 2021 and the new amendments are:
1. Greater diligence of social media.
2. Fast grievance redressal.
3. Ensure online safety and dignity of users.
4. User Education about the privacy policies.
○ Further, In April, 2023, Intermediary Guidelines and Digital Media Ethics Code was added to IT Act,
The rules include the creation of a Fact Check Unit (FCU) that can determine the validity of information
and decide if it should be present online.

Digital Footprints : A digital footprint – sometimes called a digital shadow or an electronic footprint – refers to the
trail of data you leave when using the internet. It includes websites you visit, emails you send, and information you
submit online. Types of Digital Footprint are:
● Active Footprints : Formed by online activities you do knowingly.
● Passive Footprint : Formed by almost all the activities you do online without your knowledge.

Usage Rule applicable on the use of Social media

1. Be Authentic : Be honest about your identity.
2. Be Secure : Use strong passwords.
3. Be Relaible : Use disclaimer about your personal view, and it dont have any association with the any
institution or organisation.
4. Don’t Pick Fights Online : Convey your unhappiness over a post/comment through constructive
posts/message while carefully choosing the right words.
5. Don’t use fake names or pseudonyms : Never pretend to be someone else.
6. Protect Your Identity : Never list your full name, parents’ details, home address or telephone number online.
It is a good idea to create a separate e-mail address that is used only with social media sites. Also, you should
never share about your location online; thieves are always ready and love such opportunities.
7. Respect Your Audience : Don’t use slang, personal insults, obscenity, or engage in any conduct that would
not be acceptable in your connected world.
8. Respect other’s Sentiments : You should always respect others’ privacy and be considerate for topics that
may be considered sensitive- such as politics and religion.
 9. Monitor Comments : You should prefer to review and approve comments before posting them on your site.
This way you will ensure the quality of comments.

Threats to Computer Security

A threat is a potential violation of security. When a threat is actually executed, it becomes an attack.
Various Threats are:
● Viruses: Virus are malicious codes/programs that cause damage to data and files on a system. It can attack
any part of a computer's software such as operating system, application programs and system files. Two
common type of viruses are : WORMS & TROJAN
○ WORM (Write Once Read Many) : It is a self-replicating program which eats up the entire disk space
or memory. A worm keeps on creating its copies until all the disk space or memory is filled.
○ TROJAN HORSES : It is a program that appears harmless (such as a text editor or a utility program)
but actually performs malicious functions such as deleting or damaging files.

Damages caused by Viruses :

■ Damage or delete files – damage or delete random documents or specific files that are crucial to the
Operating System.
■ Slow down your computer.
■ Invade your email program.

● Spyware : It is software which is installed on your computer to spy on your activities and report this data to
people willing to pay for it. It tracks the user’s behavior and reports information back to a central source. It
gets installed on your PC without your consent. It gets downloaded from the internet when you visit a
particular website.
Damages caused by Spyware :
■ Compromises your data, computing habits and identity.
■ Alter PC Setting.
■ Slows down your PC.

● Adware : These are the programs that deliver unwanted ads to your computer. They consume your network
bandwidth.
Damages caused by Adware:
■ Adware tracks information just like spyware.
■ Displays arrays of annoying advertising.
■ Slows down your PC.

● Spamming : It refers to the sending of bulk mail by an identified or unidentified source. In non-malicious form,
bulk-advertising mail is sent to many accounts. In malicious form, the attacker keeps on sending bulk mail until
the mail-server runs out of disk space.
Damages caused by Spamming
■ Spam reduced productivity : Billions of spam messages circulating across the Internet can disrupt
email delivery, degrade system performance and reduce overall productivity.
■ Spam eats up your time.
■ Spam can lead to worse things.

● PC Intrusion : Every PC connected to the internet is a potential target for hackers. Unauthorized access to
data present in PC is known as PC intrusion.
Types of PC Intrusion:
1. Sweeper Attack: This attack deletes all the data from the system.
2. Denial Of Service: It prevents the legitimate users of a website to use the website, by flooding
website with lots of messages.
3. Password Guessing: Most hackers crack or guess passwords of system accounts and gain entry into
remote computer systems.

● Eavesdropping : It is a passive attack in which an attacker gains access to the communication-medium

through which some communication is taking place and then listens to the communication and gets
 information about the content of the message. Eavesdropping activities do not affect normal operation of
transmission and communication; thus both the sender and the recipient can hardly notice that the data has
been stolen, intercepted or defaced.

● Phishing : It is the fraudulent process of attempting to acquire sensitive information such as usernames,
passwords, credit card information, account data etc. In phishing, an imposter uses an authentic looking email
or website to trick recipients into giving out sensitive personal information.

● Pharming : It is an attack in which a hacker attempts to redirect a website’s traffic to another, bogus website.
Through a pharming attack, the attacker points you to a malicious and illegitimate website by redirecting the
legitimate URL. In this the attacker convinces you that the site is real and legitimate by spoofing or looking
almost identical to the actual site down to the smallest details.

● Cookies : Also known as web cookie or browser cookie. It is a small piece of data sent from a website and
stored in a user’s web browser while a user is browsing a website. Some cookies disappear after the user
closes his browser while others, known as tracking cookies, remain saved and load the next time the user
visits the same websites.

Solutions to Computer Security Threats

Two solutions against threats are:
1. Active Protection
2. Preventive Measures.

Active Protection
● Use anti-virus and anti-spyware software, to detect and eliminate any threat that sneaks its way onto your PC.
● New viruses and malware emerge every day, and your security software must be updated in order to provide
full protection.
● Run Frequent full system scans at least once in a month.

Preventive Measures
● Only download files from reputable websites by looking full contact information and SSL encryption of
sensitive information, typically indicated by a padlock in the lower right corner of your web browser.
● Be careful with email, don’t download or open doubtful email attachments. And disconnect from the internet
when you’re away.
● Disable cookie : If you are particular about the safety of your personal information, then you may disable
cookies on your browser.

Prevention Against Spam

● Sender Filtering : This method allows only messages from your approved sender list to reach your inbox. This
is done on basis of digital certificates and digital signatures.
● Digital certificates are specially formatted digital information issued to websites, are used to verify the identity
of the message from sender to recipient by generating a digital signature that can be used to sign the
message.
● Keep email address private.
● Install protection software such as Internet security software.
● Avoid conducting online transactions or using online banking services on public Internet facilities.

Prevention Against PC Intrusion

● Authorization : Asking the user a legal login –id performs authorization.
● Authentication : It is also termed as password protection as the authorized user is asked to provide a valid
password, and if/she is able to do this, he/she is considered to be an authentic user.
● Firewall : A system designed to prevent unauthorized access to or from a private network is called
FirewallFirewall are a mechanism to prevent unauthorized Internet users from accessing private networks
connected to the Internet.