NETWORK AND

SECURITY
SOCORRO PERPETUA G. PEDRAGOSA
I. INTRODUCTION

How many of you have or know of someone who has a device that you can unlock with your
face? What type of device is it?

https://youtu.be/f5qgOqNQ7zY
LEARNING ACTIVITY 1

BENEFITS OF FACIAL PRIVACY RISKS OF FACIAL

RECOGNITION/PASSWORD RECOGNITION/PASSWORD
NETWORK SECURITY
 NETWORK

A network is a collection of interconnected devices or nodes that can

communicate with each other. This communication can occur through various
means, such as wired or wireless connections. Networks can be local, like a
home or office network, or global, like the internet. They enable the sharing
of resources, data, and services among connected devices, facilitating
collaboration and communication.
 SECURITY

Security, in the context of networks, refers to the measures and practices put
in place to protect the integrity, confidentiality, and availability of data and
resources within a network. It involves implementing safeguards against
unauthorized access, data breaches, malware attacks, and other threats that
may compromise the network's functionality and the safety of its users.
 THE IMPORTANCE OF SECURITY IN
COMPUTER SYSTEM AND NETWORKS

• Computer and network security help keep data and equipment safe by giving only
the appropriate people access. Everyone in an organization should give high
priority to security, because everyone can be affected by a lapse in security.
• Theft, loss, network intrusion, and physical damage are some of the ways a
network or computer can be harmed. Damage or loss of equipment can mean a
loss of productivity. Repairing and replacing equipment can cost the company
time and money. Unauthorized use of a network can expose confidential
information and reduce network resources.
SECURITY ATTACKS
TYPES OF THREATS TO COMPUTER
SECURITY:

• Physical: Events or attacks that steal, damage, or destroy such

equipment as servers, switches, and wiring.
• Data: Events or attacks that remove, corrupt, deny access to,
allow access to, or steal information.
POTENTIAL THREATS INCLUDE THE FOLLOWING:

• Internal: Employees who have access to data, equipment, and the

network. Internal attacks can be characterized as follows:
•  Malicious threats are when an employee intends to cause damage.
•  Accidental threats are when the user damages data or equipment
unintentionally.
• External: Users outside an organization who do not have
authorized access to the network or resources. External attacks
can be characterized as follows:
•  Unstructured attacks, which use available resources, such as
passwords or scripts, to gain access to and run programs designed
to vandalize.
•  Structured attacks, which use code to access operating systems
and software.
 TYPES OF MALWARE

1. Ransomware
is software that uses encryption to disable a target’s access to its data
until a ransom is paid. The victim organization is rendered partially or
totally unable to operate until it pays, but there is no guarantee that
payment will result in the necessary decryption key or that the decryption
key provided will function properly.
This year, the city of Baltimore was hit by a type of ransomware
named RobbinHood, which halted all city activities, including
tax collection, property transfers, and government email for
weeks. This attack has cost the city more than $18 million so
far, and costs continue to accrue. The same type of malware was
used against the city of Atlanta in 2018, resulting in costs of $17
million.
 2. FILELESS MALWARE
• doesn’t install anything initially, instead, it makes changes to
files that are native to the operating system, such as
PowerShell or WMI. Because the operating system
recognizes the edited files as legitimate, a fileless attack is not
caught by antivirus software — and because these attacks are
stealthy, they are up to ten times more successful than
traditional malware attacks.
• Astaroth is a fileless malware campaign that spammed users with links
to a .LNK shortcut file. When users downloaded the file, a WMIC tool
was launched, along with a number of other legitimate Windows tools.
These tools downloaded additional code that was executed only in
memory, leaving no evidence that could be detected by vulnerability
scanners. Then the attacker downloaded and ran a Trojan that stole
credentials and uploaded them to a remote server.
 3. SPYWARE

• Spyware collects information about users’ activities without

their knowledge or consent. This can include passwords,
pins, payment information and unstructured messages.
• The use of spyware is not limited to the desktop browser: it
can also operate in a critical app or on a mobile phone.
• DarkHotel, which targeted business and government
leaders using hotel WIFI, used several types of malware
in order to gain access to the systems belonging to
specific powerful people. Once that access was gained,
the attackers installed keyloggers to capture their targets
passwords and other sensitive information.
 4. ADWARE
• Adware tracks a user’s surfing activity to determine which ads to serve them.
Although adware is similar to spyware, it does not install any software on a user’s
computer, nor does it capture keystrokes.
• The danger in adware is the erosion of a user’s privacy — the data captured by
adware is collated with data captured, overtly or covertly, about the user’s activity
elsewhere on the internet and used to create a profile of that person which includes
who their friends are, what they’ve purchased, where they’ve traveled, and more.
That information can be shared or sold to advertisers without the user’s consent.
• Adware called Fireball infected 250 million computers
and devices in 2017, hijacking browsers to change
default search engines and track web activity. However,
the malware had the potential to become more than a
mere nuisance. Three-quarters of it was able to run
code remotely and download malicious files.
 5. TROJAN

• Emotet is a sophisticated banking trojan that has been around since 2014. It
is hard to fight Emotet because it evades signature-based detection, is
persistent, and includes spreader modules that help it propagate. The trojan is
so widespread that it is the subject of a
US Department of Homeland Security alert, which notes that Emotet has
cost state, local, tribal and territorial governments up to $1 million per
incident to remediate.
 6. WORMS

• Worms target vulnerabilities in operating systems to install themselves into networks. They
may gain access in several ways: through backdoors built into software, through
unintentional software vulnerabilities, or through flash drives. Once in place, worms can be
used by malicious actors to launch DDoS attacks, steal sensitive data, or conduct
ransomware attacks.
• is a self-replicating program that is harmful to networks. A worm uses the network to
duplicate its code to the hosts on a network, often without any user intervention. It is
different from a virus because a worm does not need to attach to a program to infect a host.
Even if the worm does not damage data or applications on the hosts it infects, it harms
networks because it consumes bandwidth.
• Stuxnet was probably developed by the US and Israeli
intelligence forces with the intent of setting back Iran’s
nuclear program. It was introduced into Iran’s environment
through a flash drive. Because the environment was air-
gapped, its creators never thought Stuxnet would escape its
target’s network — but it did. Once in the wild, Stuxnet
spread aggressively but did little damage, since its only
function was to interfere with industrial controllers that
managed the uranium enrichment process.
 7. VIRUS
A virus is a piece of code that inserts itself into an application and executes when the app is run.
Once inside a network, a virus may be used to steal sensitive data, launch DDoS attacks or conduct
ransomware attacks.
Computer viruses are created with malicious intent and sent by attackers. A virus is attached to sma
pieces of computer code, software, or document. The virus executes when the software is run on a
computer. If the virus spreads to other computers, those computers could continue to spread the viru
A virus is transferred to another computer through e-mail, file transfers, and instant messaging. The
virus hides by attaching itself to a file on the computer. When the file is accessed, the virus executes
and infects the computer. A virus has the potential to corrupt or even delete files on your computer,
use your e-mail to spread itself to other computers, or even erase your hard drive. Some viruses can
be exceptionally dangerous. The most damaging type of virus is used to record keystrokes. Attacker
can use these viruses to harvest sensitive information, such as passwords and credit card numbers.
Viruses may even alter or destroy information on a computer. Stealth viruses can infect a computer
• A virus cannot execute or reproduce unless the app it has
infected is running. This dependence on a host application
makes viruses different from trojans, which require users
to download them, and worms, which do not use
applications to execute. Many instances of malware fit
into multiple categories: for instance, Stuxnet is a worm, a
virus and a rootkit.
 LOVE BUG VIRUS

ILOVEYOU, sometimes referred to as Love Bug or Love Letter for you, is a computer worm that infected over ten
million Windows personal computers on and after 5 May 2000. It started spreading as an email message with the
subject line "ILOVEYOU" and the attachment "LOVE-LETTER-FOR-YOU.TXT.vbs."[1] At the time, Windows
computers often hid the latter file extension ("VBS," a type of interpreted file) by default because it is an extension for
a file type that Windows knows, leading unwitting users to think it was a normal text file. Opening the attachment
activates the Visual Basic script. First, the worm inflicts damage on the local machine, overwriting random files
(including Office files and image files; however, it hides MP3 files instead of deleting them), then, it copies itself to all
addresses in the Windows Address Book used by Microsoft Outlook, allowing it to spread much faster than any other
previous email worm.[2][3]
Onel de Guzman,[4] a then-24-year-old resident of Manila, Philippines, created the malware. Because there were no
laws in the Philippines against making malware at the time of its creation, the Philippine Congress enacted Republic
Act No. 8792, otherwise known as the E-Commerce Law, in July 2000 to discourage future iterations of such activity.
However, the Constitution of the Philippines bans ex post facto laws, and as such de Guzman could not be prosecuted.
• ILOVEYOU was created by Onel de Guzman aka Lto3, a college student in Manila,
Philippines, who was 24 years old at the time. De Guzman, who was poor and struggling
to pay for Internet access at the time, created the computer worm intending to steal other
users' passwords, which he could use to log in to their Internet accounts without needing
to pay for the service. He justified his actions on his belief that Internet access is a
human right and that he was not actually stealing.[6]
• The worm used the same principles that de Guzman had described in his undergraduate
thesis at AMA Computer College. He stated that the worm was very easy to create,
thanks to a bug in Windows 95 that would run code in email attachments when the user
clicked on them. Originally designing the worm to only work in Manila, he removed this
geographic restriction out of curiosity, which allowed the worm to spread worldwide. De
Guzman did not expect this worldwide spread
LEARNING ACTIVITY 2
TRY THIS! IDENTIFY THE TYPES OF MALWARE

MALVERTISING
VIRUSES
WORMS
TROJANS
RANSOM WARE
FILELESS
BOTS/BOTNETS
ROOTKITS
SPYWARE
ADWARE
CHECK YOUR ANSWER!
WHAR ARE THE KEY ASPECTS OF NETWORK SECURITY?
SUMMARY

• Network security is a very important way of keeping your computer stable and free from
any. We also need to remember that cleaning the software of our computer is one of the
major goal in order to protect the computer from any Malicious Acts from foreign
Malwares.
• “In Jerusalem he made engines, invented by skillful men, to be on the towers and the
corners, to shoot arrows and great stones. And his fame spread far, for he was marvelously
helped, till he was strong.”-2 Chronicles 26:15
EVALUATION

1. How does malware get onto your computer?

A. Email attachments or links
B. On USB sticks
C. By visiting dodgy websites
D. All of the above
EVALUATION

2. ____ is a type of malware that may cause pop-up advertisements to appear outside
the web browser.
A. Adware
B. Spyware
C. Trojan Virus
D. Anti-malware software
EVALUATION

3. Malware that is used to steal your information and send it to a third party is known as
_____
A. Adware
B. Spyware
C. Hijacker
D. Anti-malware software
EVALUATION

4. Malware is used to describe all types of bad software. Malware is a combination of what
two words?
A. Magnificent and software
B. Malicious and software
C. Marketing and software
D. Normal and Adware
EVALUATION

5. Love bug is an example of

A. Spyware
B. Worms
C. Virus
D. Trojan
AGREEMENT:

• Make a digital poster on how can you help others in order to secure online privacy.
NETWORK SECURITY ENCOMPASSES VARIOUS
TECHNIQUES AND TECHNOLOGIES, INCLUDING: