Тема 2. DATA SECURITY

1. Make sure you are familiar with these words and phrases:

Security; awareness; overabundance; report; data; cyberspying; cybersecurity; hacker; network; intruder; prevention; password; cracker; inspire; survey.

2. Before you read the text below, discuss these questions:

1. Why is security so important on the internet?

2. What is a “hacker”?

3. How easy do you think it is to infiltrate the Internet and steal sensitive information?

4. In what ways can a virus enter a computer system?

5. How many ways can you think of to make the data in a computer secure?

Now read the text and check your answers.

Computer hacking – high-tech crime

Expectations of security are being brought back down to earth, according to a CyberEdge threat survey. A common refrain among security professionals goes like this. There are three kinds of companies in the world: those that know they’ve been hacked, those that have been hacked and don’t yet know it and those that expect to be hacked soon.

The 2015 year’s digital security outlook doesn’t exactly inspire hope: The survey found that 52% of respondents believe they’ll “likely” be hit by a successful cyber attack this year, up from 39% last year. And even more respondents, 71% of them, admit that they fell victim to a successful cyber attack in the prior year.

Lack of investment in security is still cited as one of the defenders’ main hurdles, along with low security awareness among employees and an unwieldy overabundance of data.

A report from McAfee found almost 90% of small- and medium-sized business in the US do not use data protection for company and customer information, and less than half secured company email to prevent phishing scams.

This is an expensive mistake. Cybercrime and cyberspying cost the US economy $100bn a year and the global economy about $300bn annually, according to the Center for Strategic and International Studies.

However, there has been a marked increase in spending on information security in small businesses.

A survey by accounting firm EisnerAmper showed 62% of company directors cited cybersecurity and IT risks as an important concern, up from 53%.

As the cost of hacking attacks continues to rise, businesses have been forced to increase spending on network security. However, hackers have also developed new skills that allow them to break into more complex systems.

"Hacker" is a loose term and has different meanings. Originally, all computer enthusiasts and skilled programmers were known as hackers, but during the 1990s, the term hacker became synonymous with cracker – a person who uses technology for criminal aims. Nowadays, people often use the word hacker to mean both things. In the computer industry, hackers are known as white hats and crackers are called black hats or darkside hackers. Generally the term "hacker" is someone who breaks into computer networks for the happiness he gets from the challenge of doing it or with some other intentions like stealing data for money or with political motivations. Hackers are classified into different types:

- White Hat: A White Hat hacker is a computer network security professional and has non-malicious intent whenever he breaks into security systems. Often White Hat hackers are employed by companies and organizations to check the vulnerabilities of their network and make sure that no hole is available in their network for an intruder.

- Black Hat: A Black Hat hacker, also known as a cracker, is a computer professional with deep knowledge in Computer Networking, Network Protocols and System Administration. A Black Hat hacker always has malicious intention for intruding a network, for example, to steal research data from a company, to steal money from credit cards, hack Email Accounts etc.

- Grey Hat: A Grey Hat hacker is someone who is between White Hat hacker and Black Hat hacker. Grey Hat normally does the hacking without the permissions from the administrators of the network he is hacking. But he will expose the network vulnerabilities to the network administrations and offer a fix for the vulnerability for money.

- Script Kiddie: A Script Kiddie is basically a hacker amateur who doesn’t has much knowledge to program tools to breaks into computer networks. He often use downloaded hacking tools from internet written by other hackers/security experts.

- Hacktivist: A Hacktivist is a hacker with political intentions. The primary intention of an hacktivist is to bring public attention to a political matter.

- Phreaker: Phreaker is a telecom network hacker who hacks a telephone system illegally to make calls without paying for them.

Hackers that create viruses, logic bombs, worms, and Trojan horses are involved in perhaps the most malicious hacking activities. One in four hackers online might even be working for the US government. For example, when the United States wanted to sabotage the Iranian nuclear program in 2009, it hacked a development facility and unleashed the most dangerous computer virus the world has ever seen. Stuxnet caused the Iranian lab computers to spin centrifuges out of control.

As with everything else, hackers start young in the States. In 2012 indictments against six hackers were unsealed in New York; two of the six are under age 20. The youngest was just 15. In some hacking circles, 15 would be considered middle-aged. Markus, a young German hacker was 13 when he began cracking the code on computer games. His own hard drive was too small to store all the games he had pirated, so this gifted yet introverted middle-class boy started hacking company servers across the world.

Most companies realise now that prevention is probably easier than detection. Many big name companies have started snatching up hackers to try to develop their talents for safe and legal use. They hire security consultants who analyse the risks and provide solutions. The most common methods of protection are passwords for access control, firewalls, and encryption and decryption systems.

There are plenty of software companies who specialise in writing software that make computers hacker-proof. One company in the States set out to prove that its system can defeat hackers by asking over 2,000 of them to try to hack in. The hackers were given two weeks to discover the secret message stored on two РCs in offices in New York and San Francisco. The message reads: 'The persistent hunter who wins his prize sooner or later becomes the hunted'. You’ll be relieved — or perhaps disappointed — to learn that not one hacker managed it.

Study the vocabulary list:

security n- безопасность

hack v– взламывать

respondent adj- опрашиваемый (при анкетировании и т.п.); отвечающий на запрос; респондент

phishingscam n- фишинг (разновидность интернет-мошенничества; незаконное получение информации, позволяющей совершить "кражу личности") identitytheftphishing (e-mail) letter — фишинговое (электронное) письмо, письмо-приманка (заманивает пользователей на сайты, созданные кибер-мошенниками с целью получения конфиденциальных данных о паролях и кодах доступа)

hurdle n– барьер, препятствие

awareness n- осведомленность

overabundance n- избыток

protection n- защита

increase v– увеличивать, увеличение

skills n– навыки, умения

loose term – широкий термин

skilled adj- квалифицированный

steal v- красть

intention n- намерение

malicious/non-malicious adj– злонамеренный/ незлонамеренный

deep knowledge – глубокие знания

research n- исследование

intrude v- вторгаться

permission n- разрешение

vulnerability n- уязвимость

downloadv– скачивать, загружать

worm n- червь (программа, самостоятельно распространяющая свои копии по сети)

cause v– вызывать, быть причиной

prevention n- предотвращение

detection n– выявление, обнаружение

firewall n- межсетевой экран, брандмауэр, защитная система, [сетевой] заслон, "огненная стена"

encryption n- кодирование

decryption n- расшифровка

1. Practise reading the following words and collocations.

a) Survey; expectations; security; threat; inspire; respondents; successful; victim; report; cybercrime; cyberspying; synonymous; intention; permission; worms; indictment; unseal; password; firewalls; encryption; decryption; disappoint.

b) Cyber attack; main hurdles; medium-sized business; data protection; customer information; hacking attack; network security; loose term; darkside hackers; stealing data; non-malicious intent; deep knowledge; malicious intention; intruding a network; a hacker amateur; security experts; create viruses; a developed facility.

c) Lack of investment; low security awareness; unwieldy overabundance of data; prevent phishing scams; computer enthusiasts and skilled programmers; to check the vulnerabilities of their network; available in their network for an intruder; to steal research data; to expose the network vulnerabilities; downloaded hacking tools; unleash the most dangerous computer virus; to spin centrifuges out of control; snatch up hackers; for safe and legal use; the most common method; discover the secret message.

2. Find in the text English equivalents for the following.

Согласно исследованию; успешная кибер атака; недостаточное инвестирование; главные препятствия; переизбыток информации; среди работников; защита данных; предотвращать выуживание; квалифицированные программисты; более сложные системы; были известны как хакеры; синонимичный; для преступных целей; компьютерная индустрия; взламывать компьютерные сети; вызов; другие намерения как кража денег; политическая мотивация; злобное намерение; взламыватель; уязвимость сети; взламывать код от компьютерных игр.

3. Give the most suitable Russian equivalents for the following expressions.

Break down to earth; a common refrain; digital security; inspire hope; respondents; successful cyberattack; fall victim; lack of investment; main hurdles; low security awareness among employees; medium-sized business; data protection; prevent phishing scams; expensive mistake; the cost of hacking attacks; increase spending on network security; develop cyberspying new skills; a loose term, cracker; criminal aims; intentions like stealing data for money or with political motivations; network vulnerabilities; a hacker amateur; program tools; bring attention to a political matter; malicious hacking activities; dangerous computer virus; prevention is easier than detection; encryption and decryption systems; plenty of software companies.

4. Match the following words and phrases to make complete expressions from the text.

computer

skilled

information

criminal

malicious

computer

loose

software

encryption

create

company

industry

professional

term

viruses

system

security

aims

intention

programmers

downloaded

steal

prevent

low

expose

steal

discover

the cost

plenty

malicious

the network

hacking

research

the secret

of hacking

of software

hacking

phishing

security

research

data

message

scams

vulnerabilities

tools

data

attacks

awareness

companies

activities

5. Match the following words with their opposites in the brackets.

Criminal, ignorant, encryption, safe, protect, skill, employees, lack, increase, easy, reducing(dangerous, enlarging, attack, employers, legal, difficult, decryption, abundance, incompetence, decrease, aware of).

6. Consult the dictionary and give the Russian equivalents for the following:

Virtual: virtual address; virtual circuit; virtual screen; virtual disk; virtual image; virtual machine; virtual storage; virtual reality.

Control: controlled vocabulary; to gain control of a business; to lose control of a business; out of control; quality control; under control; stock control; control block; control computer; control key; control program for microcomputers.

Error: error code; error correction; error detection; error logging; error message; error rate; execution error; by error; margin of error; scanning error; syntax error.

7. Match the following words with the correct definition from the list below:

Piracy, phishing, cyber stalking, plagiarism, IP spooning, to hack

1. Online harassment or abuse, mainly in chat rooms or newsgroups.

2. The illegal copy and distribution of copyrighted software, games or music files.

3. Making one computer look like another in order to gain unauthorized access.

4. To break into a computer system for criminal purposes.

5. Getting passwords for online bank accounts or credit card numbers by using emails that look like they are from real organizations, but are in fact fake; people believe the message is from their bank and send their security details.

6. Pretending that someone else’s work is your own.

8. Complete the sentences with the words from the box.

Hacker, spyware, decryption, password, encryption, freeware, viruses, firewall

1. Users have to enter a …… to gain access to a network.

2. A …… protects a company intranet from outside attacks.

3. A …… is a person who uses their computer skills to enter computers and network illegally.

4. …… can infect your files and corrupt your hard drive.

5. You can download …… from the Net; this type of software is available free of charge but protected by copyright.

6. Encoding data so that unauthorized users can’t read it is known as …….

7. This company uses …… techniques to decode (or decipher) secret data.

8. Most …… is designed to obtain personal information without the user’s permission.

9. Study these instructions for virus-checking a disk. Fill in the gaps with verbs from this list. Use “Don’t” where appropriate.

Click, exit, put, select, start

1………. the disk into the drive.

2………. the virus checking program.

3………. the drive to be checked.

4………. the “Find” button.

5………. The program until the check is complete.

6………. “Yes” or “No” for checking another disk.

10. Translate into Russian.

1. If your PC is infected with a virus, your data is at risk. 2. Anti-virus software removes a virus from a file. 3. Software manufacturers try more and more sophisticated methods to protect their programs and the hackers use equally clever methods to break into them. 4. The hackers used their own software to break into the credit card centre. 5. Sometimes a program can grab all the available even if it is not going to use it. 6. The sales teams do not have much confidence in their manager. 7. I will show you the report in confidence. 8. The offences led to the arrest of 9 teenagers who were all charged with computer fraud. 9. The user cannot gain access to the confidential information in the file without a password. 10. By reformatting you will wipe the disk clean. 11. The detection of the cause of the fault is proving difficult. 12. The whole system crashed and stock movements were not possible. 13. If your disk is crash-protected you will never lose your data. 14. Joysticks are most used for computer games and CAD or desktop publishing packages. 15. Almost all Windows programs have a menu-bar that starts with the word ‘File’, which if you select it displays the options that include Open, Save and Exit. 16. The pull-down menu is viewed by clicking on the menu bar at the top of the screen.

11. Answer the questions.

1.What does the survey of data security show?

2. Why is data security important?

3. What does the term “hacker” generally mean? Who was considered to be a “hacker” in the past and who is a “hacker” nowadays?

4. What is a cracker?

5. What are the types of hackers? Tell about them.

6. What examples of hacking attacks are mentioned in the text?

7. How can you protect your computer from viruses and spyware?

8. What is the middle hacker’s age nowadays?

9. What do most companies do to make their data secure?

12. Say if the statements are true or false.

1. The 2015 year’s digital security survey showed that a large part of respondents (71%) had fallen victims to a cyber attack.

2. Most small and medium-sized companies don’t protect their data against hacking attacks as they don’t need it.

3. Investment on data security in small business increased.

4. Nowadays a hacker is the same as a cracker.

5. People who use technology only for criminal aims are called hackers.

6. A hacker who has non-malicious intention is called White Hat.

7. A programmer which does hacking without permission from the administrators of the network is called Black Hat/

8. A Script Kiddie is a hacker with political intentions.

9. Most companies realise that that detection is easier than prevention.

10. There are some companies who specialise in writing hacker-proof software.

13. Say what you have learnt from the text about

1. Data security

2. Types of hackers

3. Ways of protection against viruses

14. Read and translate the dialogue between an interviewer and Diana Wilson, a member of the Internet Safety Foundation. Choose the right variants. Act the dialogue.

1. Parents should make children aware of

a) the benefits and risks of the internet.

b) the risks of the internet.

2. A web filter program can be used to

a) prevent access to sites with inappropriate content.

b) rate web content with labels (similar to the way movies are rated)

3. If kids spend too much time or suffer from internet addiction, parents should

a) stop them using the internet

b) look for help from specialists.

Journalist: The Internet is a great resource for kids, but some parents are concerned about the presence of “indecent” material. Can the Internet be dangerous for children?

Diana Wilson: Well, the Net obviously brings a lot of benefits for education and entertainment, but it’s not always a friendly place. We’ve all heard of things like the manipulation of children, invasions of privacy, distribution of indecent or offensive material, violence, and racist propaganda.

Journalist: And what sort of precautions should parents take?

Diana Wilson: It’s impossible for parents to be with their children at every moment. But there are plenty of websites aimed at children, and some programs can help parents control information. But this is no substitute for education. It’s the parents’ role to make their children aware of both the benefits and the risks of the Internet.

Journalists: And what else can parents do? I mean, are there any technological solutions?

Diana Wilson: Yes, web software companies have developed filtering programs that let parents block objectionable websites and restrict access to specific aspects of the Net. Some organizations have also proposed that websites should rate their content with a label, from child-friendly to over-18 only. Other people argue that internet ratings aren’t good, because they limit free expression on the Net.

Journalist: That’s obviously a very controversial topic. What about internet addiction? What can parents do if their children spend too much time online?

Diana Wilson: Well, if they’re obsessed with games or spend too much time online that their lives are affected negatively, parents should establish a balance between internet use and other activities. When there are strong signs of Internet addiction, they should consider seeking professional help.

15. TranslateintoEnglish.

1. Вопрос о сетевой безопасности является чрезвычайно актуальным в наше время. Практически каждая компания либо уже пострадала от кибер атак, либо является потенциальной жертвой. 2. Большинство специалистов по компьютерной безопасности утверждают, что чаще всего взломы и кражи становятся результатом небрежной кадровой политики фирмы. 3. Поскольку стоимость последствий хакерских атак продолжает расти, предприятия вынуждены увеличить расходы на сетевую безопасность. Однако, хакеры научились проникать и в более сложные системы. 4. Не смотря на то, что в последнее время слово «хакер» встречается очень часто, нет единого мнения относительно того, кто такие хакеры. 5. Чаще всего со словом «хакер» ассоциировался специалист, обладающий очень высокой квалификацией в области компьютерной безопасности, но в течение 1990-х годов, термин «хакер» стал синонимом «взломщика» - человека, который использует технологии для преступных целей. В настоящее время, люди часто используют слово хакер в обоих значениях. 6. Некоторые авторы называют хакерами тех, кто пытается взломать защищенные системы для того, чтобы затем сформулировать рекомендации по совершенствованию их защиты. Другие называют хакерами только «компьютерных асов», использующих свои знания в преступных целях. 7. Существуют разные виды хакеров: белые шляпы, черные шляпы, серые шляпы, фрикеры, хактевисты, кардеры и др. 8. Кардер - человек, производящий незаконные операции с кредитными карточками других лиц для использования денег, снятых с карточки, в личных целях. Существует два вида кардеров: интернет-кардеры, которые работают только с информацией, и реальные кардеры, которые работают с пластиковыми клонами кредитных карт. 9. К основным вредоносным программам, которые используют хакеры, относятся компьютерные вирусы, сетевые черви, троянские программы, программы показа рекламы и программы-шпионы, хакерские утилиты. 10. По величине вредных воздействий вирусы делятся на: неопасные, влияние которых ограничивается уменьшением свободной памяти на диске, графическими, звуковыми и другими внешними эффектами; опасные, которые могут привести к сбоям и «зависаниям» при работе компьютера; очень опасные, активизация которых может привести к потере программ и данных, форматированию винчестера и т.д. 11. Наиболее распространенными методами защиты являются пароли для контроля доступа, межсетевые экраны, а также шифровка и дешифровка систем. 12. Современные методы шифрования данных опираются на технику, называемую шифрование с открытым ключом.

16. Work in groups. Discuss the following questions:

1. Which crimes are the most dangerous?

2. Is it fair or unfair to pay for the songs, videos, books or articles that you download? Should copyright infringement be allowed online?

3. What measures can be taken by the government to stop cybercrime?
4. Do you think government have the right to censor material on the internet?

5. Personal information such as our address, salary, and civil and criminal records is held in databases by marketing companies. Is our privacy in danger?

17. Write the summary of the text “Computer hacking – high-tech crime”. Follow these steps:

1. Read the text again.

2. Underline the relevant information in each paragraph.

3. Make notes about the main points. Leave out details such as examples. 4. Make sentences from the notes and link the sentences with connections (and, but, because, therefore, etc).

5. Write your first draft.

6. Improve your first draft by reducing sentences. For example:

- Cut out unnecessary phrases.

- Omit qualifying words (adjectives, modifying adverbs)

- Transform relative clauses into –ing participle clauses.

7. Write the final version of your summary. Don’t forget to check the spelling and grammar.

UNIT 7. DATA SECURITY