Threat to Security Basic 6 Security Education Lesson Note

Download Lesson Note
Lesson Notes

Topic: Threat to Security

Learning Objectives: By the end of the lesson, pupils should be able to:

  1. Define threats
  2. Mention common security threats including botnets, hacking, malware, phishing
  3. Explain some security threats

Lesson Content:

What are Threats?

Definition: A threat is any potential danger, risk, or harmful action that could cause damage, loss, or injury to people, property, information, or systems. Threats can be intentional (caused by people) or unintentional (caused by accidents or natural events).

Characteristics of Threats:

  • Potential for Harm: Can cause damage or loss if they occur
  • Uncertainty: May or may not actually happen
  • Varying Impact: Can cause minor inconvenience to major catastrophe
  • Different Sources: Can come from people, technology, nature, or accidents
  • Evolving Nature: New threats emerge as technology and society change

Types of Threat Sources:

  • Human Threats: Criminals, terrorists, hackers, dishonest employees
  • Technical Threats: Equipment failure, software bugs, system crashes
  • Environmental Threats: Natural disasters, power outages, extreme weather
  • Operational Threats: Human error, procedure failures, communication problems

COMMON SECURITY THREATS:

  1. CYBER/DIGITAL THREATS

A. HACKING

Definition: Hacking is the unauthorized access to computer systems, networks, or digital devices with the intent to steal, damage, or misuse information and resources.

How Hacking Works:

  • Password Attacks: Guessing or stealing passwords to gain access
  • System Vulnerabilities: Exploiting weaknesses in software or systems
  • Social Engineering: Tricking people into giving access or information
  • Physical Access: Gaining unauthorized physical access to devices
  • Network Infiltration: Breaking into computer networks and systems

Examples of Hacking:

  • Breaking into someone’s email or social media accounts
  • Accessing school computer systems without permission
  • Stealing personal information from websites
  • Taking control of other people’s devices remotely
  • Accessing bank accounts or financial systems illegally

Potential Damage:

  • Theft of personal and financial information
  • Loss of privacy and confidential data
  • Financial losses and fraud
  • Damage to reputation and relationships
  • Disruption of services and activities
  1. MALWARE

Definition: Malware (malicious software) is harmful computer programs designed to damage, disrupt, or gain unauthorized access to computer systems and data.

Types of Malware:

  • Viruses: Programs that attach to other files and spread to other computers
  • Worms: Self-replicating programs that spread through networks
  • Trojans: Programs that appear helpful but actually cause harm
  • Spyware: Programs that secretly monitor and collect information
  • Ransomware: Programs that encrypt files and demand payment for access

How Malware Spreads:

  • Email attachments from unknown sources
  • Downloads from untrusted websites
  • Infected USB drives and external storage
  • Clicking on suspicious links
  • Installing untrusted software or apps

Effects of Malware:

  • Slows down or crashes computer systems
  • Steals personal information and passwords
  • Deletes or corrupts important files
  • Uses computer resources without permission
  • Spreads to other connected devices
  1. PHISHING

Definition: Phishing is a fraudulent attempt to obtain sensitive information by pretending to be a trustworthy entity in electronic communications.

How Phishing Works:

  • Fake Emails: Messages that appear to be from legitimate organizations
  • Fraudulent Websites: Fake websites that look like real ones
  • Text Messages: SMS messages requesting personal information
  • Social Media: Fake profiles or messages requesting information
  • Phone Calls: Callers pretending to be from banks or companies

Common Phishing Examples:

  • Emails claiming to be from banks asking for account details
  • Messages saying you’ve won a prize and need to provide information
  • Fake websites asking for login credentials
  • Text messages claiming account problems requiring immediate action
  • Social media messages from fake friends requesting personal details

Information Targeted by Phishing:

  • Bank account numbers and passwords
  • Credit card information
  • Social security numbers
  • Personal identification details
  • Login credentials for various accounts
  1. BOTNETS

Definition: A botnet is a network of infected computers (called “bots” or “zombies”) that are controlled remotely by cybercriminals without the owners’ knowledge.

How Botnets Work:

  • Infection: Computers are infected with malware that allows remote control
  • Command and Control: Criminal controllers send instructions to infected computers
  • Coordinated Activities: All infected computers perform the same malicious activities
  • Hidden Operation: Computer owners usually don’t know their device is infected
  • Large Scale Impact: Thousands or millions of computers can be controlled together

Botnet Activities:

  • Sending spam emails from infected computers
  • Launching denial-of-service attacks on websites
  • Mining cryptocurrency using infected computer resources
  • Stealing information from infected computers
  • Spreading more malware to additional computers
  1. PHYSICAL THREATS
  2. THEFT AND BURGLARY
  • Stealing of physical property, money, or valuable items
  • Breaking into homes, schools, or businesses
  • Pickpocketing and purse snatching
  • Vehicle theft and vandalism
  • Identity document theft
  1. VIOLENCE AND ASSAULT
  • Physical attacks on individuals
  • Bullying and intimidation
  • Domestic violence
  • Robbery with violence
  • Terrorist attacks
  1. VANDALISM AND DESTRUCTION
  • Deliberate damage to property
  • Graffiti and defacement
  • Breaking windows or destroying equipment
  • Damaging vehicles or buildings
  • Destruction of public facilities
  1. INFORMATION THREATS
  2. IDENTITY THEFT
  • Stealing personal information to impersonate someone
  • Using stolen information for fraudulent activities
  • Opening accounts in someone else’s name
  • Making purchases with stolen identity
  • Accessing services using false identity
  1. PRIVACY VIOLATIONS
  • Unauthorized access to personal information
  • Sharing private information without permission
  • Monitoring personal communications
  • Recording private activities
  • Exposing confidential information
  1. SOCIAL THREATS
  2. CYBERBULLYING
  • Using technology to harass, intimidate, or hurt others
  • Spreading rumors or embarrassing information online
  • Excluding someone from online groups
  • Sending threatening or hurtful messages
  • Posting embarrassing photos or videos
  1. ONLINE PREDATORS
  • Adults who use internet to exploit children
  • Building false relationships to gain trust
  • Requesting personal information or meetings
  • Sending inappropriate content
  • Attempting to meet children in person
  1. ENVIRONMENTAL THREATS
  2. NATURAL DISASTERS
  • Earthquakes, floods, storms, fires
  • Power outages and infrastructure failures
  • Extreme weather conditions
  • Disease outbreaks
  • Environmental contamination
  1. TECHNICAL FAILURES
  • Equipment breakdowns and malfunctions
  • Software bugs and system crashes
  • Communication system failures
  • Data corruption and loss
  • Security system failures

WARNING SIGNS OF SECURITY THREATS:

Digital Threat Warning Signs:

  • Computer running slower than usual
  • Unexpected pop-up messages or advertisements
  • Changes to computer settings without permission
  • Unknown programs installed on device
  • Unusual network activity or data usage

Physical Threat Warning Signs:

  • Strangers asking personal questions
  • People following or watching you
  • Unusual activities in your neighborhood
  • Damaged or tampered security equipment
  • Missing or moved personal belongings

Information Threat Warning Signs:

  • Unexpected bills or account statements
  • Unknown accounts opened in your name
  • Missing important documents
  • Unauthorized access to personal accounts
  • Strange calls asking for personal information

Multiple Choice Questions:

  1. A threat is: a) Always something that will definitely happen b) Any potential danger that could cause harm c) Only related to computer problems d) Something that only affects adults 
  2. Hacking involves: a) Helping people fix their computers b) Unauthorized access to computer systems c) Installing antivirus software d) Creating new computer programs 
  3. Malware is: a) Helpful computer software b) Harmful computer programs designed to cause damage c) Computer hardware d) Internet connection software 
  4. Phishing attempts to: a) Help people with computer problems b) Obtain sensitive information by pretending to be trustworthy c) Improve internet speed d) Install helpful software 
  5. A botnet is: a) A helpful computer network b) A network of infected computers controlled by criminals c) A type of internet browser d) A computer game 

Answers: 1-b, 2-b, 3-b, 4-b, 5-b

Homework:

  1. Research and write about one recent cyber threat that has affected people in Nigeria
  2. Create a list of warning signs that might indicate your computer has malware
  3. Design a poster warning students about phishing attempts
  4. Interview an adult about security threats they worry about most

Lesson Notes for Other Classes