GCSE ICT - Hacking & viruses

A view of KLB School from Wotton Hill - click to return to the website homepage

5.1.6 Protecting Data

Revision points:

Candidates should be able to:

describe what is meant by hacking
describe what a computer virus is
explain the measures which must be taken in order to protect against hacking
explain the measures which must be taken in order to protect against viruses

The risks to data:

The data stored in a computer can often be far more valuable than the actual computer equipment. Losing such data could put a company out of business.

Examples of valuable data are:

a company’s financial records;
customers’ details;
records of company stocks and shares;
data collected from experiments or research.

Data can be damaged or destroyed in the following ways:

mistakes by users such as deleting files
hackers gaining access to systems and changing or deleting data
computer fraud where data is changed to benefit individuals
theft of computer hardware such as laptops with data on the hard disk(s)
infection of systems and data by computer viruses.
deliberate and malicious damage by users of the system, possible in revenge for being made redundant for example.
disasters such as fire, floods, earthquakes etc. destroying equipment
breakdown of hardware, particularly disk drives

Why computer data is easier to misuse than paper-based data:

Action	Computer data	Paper-based data
Gaining access to the data	Anonymous remote accessing using the Internet (hacking) can be done if someone has the skills with a low risk of being caught.	Someone would have to physically break into where the printed data is stored.
Making a copy of data and removing it	Files can easily copied onto removable storage media (for example, a USB flash drive which can easily be hidden and removed). Files could also be removed by being sent as an email attachment.	Paper would have to photocopied or photographed. Large amounts of photocopied pages could be bulky to remove easily without detection.
Altering data without being detected	It is hard to spot altered data, even for an expert looking closely at the file properties.	It is usually easier to spot where printed data has been altered.
Searching for valuable data	It is easy and fast to search and sort computer data using software.	It is very time consuming to search and sort pages of printed data.

Reducing the risks of data loss:

Making a backup of data:

Keeping hardware secure:

Protect the computer itself by using locks on doors and windows and using security bolts to fix the computer permanently to the desktop.
Laptops are often fitted with locking points so a cable can be used to secure them to a desk etc.
Floppy disks are easily physically damaged and must also be kept away from magnetic fields and dust.

Illegal access to computers:

Hacking involves unauthorised access to computer systems, usually by finding out or breaking passwords. Once into a computer system a hacker can do an enormous amount of damage. Stand-alone computers are less of a risk as the damage is limited to just that computer. Computers which form part of a network or those with external links, such as attached modems, are at greater risk as they can be accessed from other computers.
There are three levels of hacking, all of which are punishable by fines or imprisonment under the Computer Misuse Act of 1990.
- Accessing information without permission - viewing information (i.e. looking through someone's personal email) or even attempting to access it is illegal.
- Accessing information and using it for illegal purposes - the information that has been accessed is used by the hacker or passed to someone else who uses it for illegal purposes (i.e. looking up details of a rival companies research projects or using information for blackmail)
- Accessing information and altering it for fraudulent purposes - the hacker alters the information they have accessed in some way (i.e. altering financial details of customers in a bank or introducing a virus)

Ways to restrict access:

Using user Ids (user identification) and passwords
Blocking external access - external hackers can be blocked by disconnecting modems from the telephone line when not being used. Systems with permanent phone connections need special software called a 'firewall' to try and prevent unauthorised access over networks and the Internet.
Physically making a computer or network difficult to access - by keeping individual computers in secure areas and blocking access to removable media so data cannot easily be copied.
Encryption - this involves transforming the data so that it is unreadable without a digital key. Encrypted data is therefore meaningless if it is accessed or intercepted. It is particularly important to encrypt data transferred over wireless networks because the data is so easy to intercept.

Computer viruses:

There are three things to remember when explaining what a virus:

It is a program: a set of instructions which can be introduced into a computer via a floppy disk, email attachment or the Internet.
It makes copies of itself: the program contains instructions that make it attach copies of itself to system files or programs. It can therefore spread to other programs on your hard disk and onto floppy disks or email itself to all the contacts in your email address book.
It causes damage: the effects can be devastating and cost millions of pounds to fix. They can alter programs or files and completely disable a computer's operating system.

Because a virus alters files it is illegal under the Computer Misuse Act of 1990 to deliberately infect a computer system with a virus and the offence is punishable by fines or imprisonment in the same way as other hacking offences.

Protecting against computer viruses:

Anti-virus software is usually required to detect and then destroy them but it is important to have regular updates to deal with new viruses. The anti-virus software scans the files on a computer looking for any viruses which it then removes and alerts the user.

Protecting floppy disks - The 'write-protection' hole in the corner of the floppy disk can be kept covered to prevent accidental wiping of the disk or the introduction of viruses.

To reduce the risk:

Never use a floppy disk of memory stick given to you from an untrustworthy source or pass floppy disks around between your friends.
Do not start up a computer with a floppy disk left in the drive.
Set the computer BIOS so the boot sequence does not start with the floppy disk drive.
Keep the write-protection hole covered on floppy disks that are used to store original "clean" programs - so they can be reinstalled with confidence.
Never open an email attachment that comes from someone unknown or is not clearly explained in the email message that it is attached to. Even then BE SUSPICIOUS - virus program writers are always thinking of new ways to get computer users to open attachments and run the virus!
Install a virus protection program and keep it up-to-date!
Be careful of the websites you visit and the hyperlinks you click on. Many websites are designed to trick visitors into downloading viruses, trojans or spyware by offering free downloads. If you are unsure of a hyperlink, always hover over it with the mouse before clicking so you can see (in the bottom-left of the browser screen) where it will take you to. i.e. Click here to view a funny video.