Кто владеет информацией, тот владеет миром
Автор: Иксанова Любовь Анатольевна, Надеева Екатерина Олеговна
Населенный пункт: Московская область
Текстовое сопровождение проекта
Hello, dear jury! We are students of school, Daniel, Ksenia and Dan.
Imagine that you have a phone call.
Daniel: * Ksenia immediately picks up the phone *
Ksenia: - Hello, who are You?
Daniel: * silence on the other end of the wire*
Ksenia: - Hello? Is anyone there? Why are you silent?
Dan: Hello, Ksenia! Recently / a Few minutes ago you were at McDonald's, how was your cheeseburger.
Ksenia: - Um, how did you know I was there? How do you even know my name? Who's that?
Dan: - Listen to me, Ksenia. I know everything about you. I'm aware of your academic record, all your shopping, and your personal life in general. I have all your personal pictures on my hands. One of my actions - and they will be in the public domain.
Daniel: * Ksenia said in a quivering voice *
Ksenia: - What do you want? I'll do everything, just name the price …
Daniel: you think this is the beginning of a detective story, but it's part of our reality.
One day, Nathan Rothschild said, "whoever has the information, owns the world."
Let us ponder this phrase.
Dan: Indeed, knowing a lot about us, we are easier to manage. And the search for information about us, now, is not difficult.
Ksenia: data storage methods are upgrading. And people often began to think about the confidentiality of their information and the duration of storage of personal data, even after their removal.
Daniel: Now there are many cloud storages of information, each promises full protection. Problems of reliable storage arise when the volume of information increases. So should we trust cloud services?
Dan: Let's answer the question: should we 100% rely on the security of a particular cloud service? Or is there a small risk of information leakage?
Daniel: Some time ago, a major scandal broke out in the world community due to the fact that a former employee of the US national security agency Edward Snowden said that the US intelligence services had access to the servers of all major companies (including Google, Apple, Facebook and Microsoft). Thus, they had access to personal data of almost any inhabitant of the planet and could use it for their own purposes.
Ksenia: Do not think that while using smart phones or computers you are watched by the security services, because if you are an insignificant person for them - they don t care about you.
owever, while there is at least the slightest possibility that your personal information may appear in the public domain on the Internet, don t rely on 100% protection of your information in the mail services ( Mail, Gmail , Yandex ) social networks ( Facebook ,Odnoklassniki , Vkontakte ) and cloud data storage ( even those that use encryption ).
Dan: But does it increase the level of knowledge on how to counter cyberattacks? Many experts believe that a huge number of users still ignore the basic rules. We analyzed how our students and teachers ensure their safety on the Internet, and also found out how often they are faced with Internet fraud.
Based on our research, we can conclude that the respondents fairly fairly relate to personal data on the Internet. So how can scammers use your data?
- Hacking your account can provide attackers with a lot of interesting information. In the modern world there are many techniques and methods for obtaining private information using psychological tricks or deception.
Social engineering- is a method of obtaining the necessary access to information, based on the characteristics of people's psychology. The main goal of social engineering is to gain access to confidential information, passwords, banking data and other secure systems.
Social engineering methods:
1. Pretexting is a set of actions carried out according to a certain, pre-prepared scenario (pretext), as a result of which the victim can give out some information or perform a certain action. Pretexting involves the use of voice communications (telephone, Skype, etc.).
Example: The fraudster calls the person and represents the Bank employee. Under any pretext, he asks for personal data or bank card information.
2. Phishing (password harvesting fishing - "catching passwords")-obtaining the necessary information directly from the owner without technical hacking measures and without financial costs using e-mail, instant messaging or SMS-messages.
The classical scheme of phishing attacks:
• You have received an e-mail or SMS with a request to follow the link.
• When you click on the link opens a fake website.
• You are prompted to enter your username and password.
• Do not hesitate, you enter the data, and ready – the attacker has already gained access to previously protected information on this site.
• Even without input, just after the opening of the website-double Your computer it can get a "Trojan" unpredictable destination.
3. "Trojan horse" is a malicious program that is used to collect, destroy or modify information, disrupt the health of the computer or use the user's resources for other people's purposes.
Links to infected sites can be sent via email, social networks, instant messaging systems.
Mobile viruses are often delivered by SMS messages.
4. "Road Apple "-a kind of" Trojan horse", but instead of a letter or SMS-mailing you throw up the media containing malicious software (flash drive, CD/DVD, portable hard drive, etc.).
5. "Qui Pro quo "(from the Latin Quid pro quo – "service for service") - a method of social engineering, which consists in addressing the attacker to the victim by e-mail or phone in order to obtain information of interest in return for the"help".
6. The most trivial, but nevertheless the most dangerous method of social engineering:
"Peeping over the shoulder" method, which involves observation of the personal information of the victim over her shoulder.
In a world where the Internet space is an integral part of our real life, it is important to know how to protect yourself from intruders. We have prepared a booklet about the rules of security in the Internet space.
So what advice can we give?
- Never store important information in the "cloud" in unencrypted form, do not use the browser to save your password, if you know that your computer can be used by someone else. The best place to store your data is a handwritten notebook.
- Be cunning! While registering in the online store, it is not necessary to indicate your real name – no one will check them.
- Questioning everything. Treat letters with attachments or links with suspicion . Even if they came from a familiar address, there is no guarantee that the sender is not an attacker. After receiving a suspicious message, contact the sender and specify the information received.
- Don't be gullible. Don't share important information with strangers, even if they want to help you.
- Do not use open WI-Fi networks to access online banking and other financial services. Often they are created by intruders. Even if this is not the case, connecting to an unprotected connection is not difficult for a hacker.
Thank you for your attention! Take care of yourself and your information. Anything that can be sent, can be used against you.