Virtual Help icon Virtual Help

  • Chat with library staff now
  • Contact your library
Skip to main content

Security

Computer or device security, internet security, and cybersecurity are interrelated concepts. At their core they aim to identify and setup best practices for protection against unwanted external threats. 

Tips for Staying Secure

  • Keep your device updatedMake sure to download the latest software updates on your device, better yet - set up an auto update process. Updates typically include security patches for known threats, which are important to keep up-to-date.
  • Install security softwareSecurity software, like antivirus software, will help protect your device against digital threats. Keep the software up to date, so that you have access to the latest virus definitions.
  • Lock your device with strong passwordsMake sure to use strong passwords, and two-factor authentication where possible. Use strong lock screen security on your mobile devices.
  • Consider what you access on public networksPublic Wi-fi networks are convenient, but they are also open to security threats. Don't access secure information when connected to a public network.
  • Consider encryption servicesIf you want to ensure your messages are 100% private, find an email serve that offers encryption. Encryption is default in communication apps like Whatsapp and iMessage.
  • Back up your deviceSchedule regular device backups. This way you will always have your data available in the event it's compromised on your device.

Content Licensing Information

Videos shared on this page fall outside of the Learning Portal's Creative Commons license.

Networks & Security Implications

Do you think about security when connecting to a network? How many times have you accessed your bank account, while connected to a public WiFi network? Find out more about security and network access, by browsing through the tabs. 

 

Do you have an internet connection at home?  If so, this is an example of a secure wireless network. Protected with a password, secure wireless networks are best to use when accessing and sharing sensitive information, like banking, your SIN (social insurance number), and any other information you'd like to keep protected.

If you've ever accessed a Wi-Fi network at a coffee shop, a mall, an airport, or at school, you most probably connected to an open wireless network. Open networks are typically unsecured, and you can connect to them without a password. While this is convenient, and saves your data, public Wi-Fi networks pose a number of security risks, so try to not access any sensitive information when connected to one. 

One way of ensuring privacy and security of your data when browsing using a public Wi-Fi network, is to use a VPN, or a virtual private network. A VPN creates an encrypted tunnel through which you can access information online away from "prying eyes". This protects your privacy, and ensures security. 

Passwords are your first line of defense against external intruders. Complex passwords that are 8 characters or longer and include a combination of letters, numbers and symbols are a great first step to keeping your information secure. Two-factor authentication, where, for example, a code is sent to you as a text message to use in your login, is a step up in the security game. 

Biometrics like iris scanning, facial recognition, and fingerprinting are yet another way of securing your devices, but they have their own security issues - Opens in a new window

Encryption scrambles data so that it's unreadable to those without a public key, which unlocks the data. Encryption makes information secure, as the message is sent in code, and appears to those without the key as random series of letters and numbers.

There are approximately 8.4 Billion connected "things" - Opens in a new window in the world. And maybe you are a proud owner of one or more of those things? Fitness and health trackers, smart TVs, video game consoles, voice activated assistants, smart thermostats, connected baby monitors, networked security cameras, and cars are just a few examples of what comprises the Internet of Things (IoT). 

Every device connected to a network is open to security threats. Have you heard of hackers taking control of a car? - Opens in a new window Or hackers speaking to a baby through an unsecured baby monitor - Opens in a new window? There's also a search engine - Opens in a new window out there that (with subscription) allows you to watch people through their unsecured devices. Creepy isn't it? Learn more about security implications of the Internet of Things, so that you're not its next victim. 

Loading

Security Threats

You need to know about the different types of threats out in the world wild web in order to protect yourself from their impact. Click through the tabs to learn more about each security threat. 

 

Phishing is the attempt to steal sensitive information, including: passwords, user names, credit card info, through the use of email any any other personal messaging system (e.g. text message, WhatsApp message, etc.). 

Here's an example: You receive what looks like a trustworthy message asking you to login to your personal account, for example your banking account.  The link in the message goes to a fake website, created to look real. The process of logging in to this fake website collects your sensitive information, providing hackers with your complete banking login information. This information can be used to login to your account, and steal your assets. 

Malware is short for malicious software. Malware is typically installed on a user's device with the purpose of stealing of personal information. Types of malware include: adware (or forced advertising), spyware (collects and steals personal information from unsuspecting users), or ransomware (money extortion).

Watch the video below and click through the individual tabs, to learn more about the various types of malware.

A virus is an executable program (requires user action) that gets unintentionally installed on a computer, and has the potential to corrupt data, and impact the operation of the computer. A virus needs to be opened (executed) in order to infect a computer.

worm, is a self-replicating computer program that spreads automatically across a computer, or a computer network, exploiting vulnerabilities. Computer worms are self acting and do not rely on user activation. Worms are considered a subclass of viruses. 

A Trojan horse, commonly known as trojan, like its mythological counterpart, is malware disguised as legitimate software. Once installed it allows access to your computer. 

Adware is a type of malware that installs popup advertising (ads) on a device. The ads are typically unwanted, and can be very annoying. Some adware can track personal information such as browsing data, and record keystrokes.

Spyware is installed without user knowledge, and is used by hackers to spy on people in order to get access to personal information, including: passwords, data, or tracking online activity.

Once spyware is on your computer, it can copy, delete, share and compromise your files, control programs, and enable remote access allowing someone else to control your computer. 

Ransomware is a type of malware that encrypts or locks files on your computer/device. In order to regain access to your information, hackers require a payment - a ransom.

Computer hacking is a form of "creative problem solving" that takes advantage of computer and network vulnerabilities. 

Why do hackers hack?

  1. Intellectual curiosity - to see how things work
  2. Personal protection - to patch their own networks
  3. Enjoyment - to have fun with unsuspecting users
  4. Activism - to support a social cause
  5. Financial gain - to make money by identifying software glitches
  6. Criminal activity - to cheat people out of sensitive information, and for financial gain 

According to Techopedia, hacktivism "is the act of hacking a website or computer network in an effort to convey a social or political message. The person who carries out the act of hacktivism is known as a hacktivist." Technology enables hacktivists to not only spread their message, but also mobilize masses at a global scale.  

Here are the most notable hactivist organizations and individuals:

  1. WikiLeaks - political whistleblower platform, founded by Julian Asange 
  2. Anonymous - a globally distributed group of hackers supporting various social justice causes
  3. Aaron Swartz - coder, political organizer, activist who campaigned for open access to scholarship

Most websites have an infrastructure in place that can accommodate a large number of access requests per day - think millions. Denial of Service (DoS) attack takes place when hackers overwhelm a website with too many requests - billions or trillions of them.

Distributed Denial of Service (DDoS) is when the attack comes from large number of computers at once. This causes network overload, the website stops responding, and appears to be down. 

DoS and DDoS attacks are made possible through the use of botnets. Botnets are networks of remotely controlled (hijacked) devices injected with malware, and controlled by hackers. Botnets are also called zombies, or zombie bots. Read more about botnets in this post - Opens in a new window.

Loading