Backgrounders

Introduction to Cybersecurity

Secure computer

Secure laptop (Jane_Kelly, iStockphoto)

Secure computer

Secure laptop (Jane_Kelly, iStockphoto)

Computer Science Technology & Engineering
5.7

Learn the basics of cybersecurity and how to keep your information safe from hackers.

Let’s start by thinking of a diary, if you have one. A diary is a place where people write down day to day events and, sometimes secret, thoughts. It may also be a place where you could stash a bit of cash. You wouldn’t want just anyone to be able to pick it up and read your diary! You would want to do things to keep it safe. You could put a lock on it. You could hide it in your closet or under your bed. Maybe you could even write super secret entries in code. That way, someone from your household could not read it!

Cybersecurity is a lot like protecting a person’s diary. Cyber means anything to do with computers. This includes devices like your phone or your tablet, and the internet that connects them together. Cybersecurity is about keeping your online stuff, like your personal information and your money, safe from people who want to steal it.

Much like a diary, people use the internet to store their personal information. This includes:

  • Passwords to websites;
  • Their real names, addresses, and phone numbers;
  • Their driver’s license, health insurance, or social insurance (SIN) numbers; and
  • Their banking information and money.
Shown is a colour illustration of a computer screen filled with personal information, surrounded by identity cards, files, letters, and a smartphone.

People have a lot of personal information online (Let’s Talk Science using an image by VectorHot via iStockphoto).

Image - Text Version

Shown is a colour illustration of a computer screen filled with personal information, surrounded by identity cards, files, letters, and a smartphone.

The screen shows passwords, a credit card, a QR code, and other information and photographs. To the left is an orange file folder icon with video and image icons above. In the lower left corner is a driver's licence or ID card. In the lower right corner is a smart phone with personal information on the screen. Above is a blue envelope with a letter tucked inside.

There are people out there who steal personal information. They use this information to steal money and even pretend to be you.

Imagine if a sibling took entries from your diary and used the information to pretend to be you. They could do some really embarrassing things! People can do the same things with your online information. Unlike your sibling, though, they can pretend to be you in order to steal money. They do this by using your information to get credit cards, buy things, get loans, etc. We call people who break into computer networks to steal personal information, or to do other damage, hackers. When hackers try to steal your information online, it’s called a cyber attack.

Shown is a colour illustration of a person standing behind a laptop computer in a darkened room, pointing to the screen.

Person looking to steal personal information (Source: MarrieVisual via iStockphoto). 

Image - Text Version

Shown is a colour illustration of a person standing behind a laptop computer in a darkened room, pointing to the screen.

The illustration is in shades of teal and dark blue. It is dark, and the only light comes from the computer screen. The person is wearing a dark hoodie that hides most of their face. They are pointing to a window on the screen that shows a personal profile with a user name and password. Next to this is the back of a credit card. Behind the person are lists of information and an email icon.

It’s not just you who is at risk of a cyber attack, either. Companies are often the targets of cyber attacks. This is because they have a lot more information or money to steal than a single person. Imagine if someone were to hack into McDonalds. There’s a lot of mischief that could be done with that information. They could change the menus to things, like slug burgers and bug nuggets. They could lock out the managers so that no one could order new supplies like burger patties or buns. They could also steal a lot of money.

There are many different ways that hackers can try to steal your personal information and money. Here are three of the most common.

Malware covers all sorts of computer programs that are designed to steal your stuff. We usually call these programs computer viruses. Computer viruses work like the viruses people can pick up. They get into computer systems, make tons of copies of themselves, and cause all sorts of problems.

Hackers use malware to make it easier to steal things from computers, phones, and tablets. Once a virus is inside your computer, the hacker can use it to steal passwords and other information.

Shown is a colour illustration of a magnifying glass in front of a computer monitor, showing a virus particle.

Illustration of a computer virus (Let’s Talk Science using an image by Irina Griskova via iStockphoto).

Image - Text Version

Shown is a colour illustration of a magnifying glass in front of a computer monitor, showing a virus particle. 

The magnifying glass is in the centre of the image. It shows a round, blue shape with spikes and dark blue spots. The screen behind it is red, with more, similar particles. Above the screen, on a blue background, are layers of open computer windows, piled on top of each other. There are also a red error icon with a red X, and a yellow, triangular warning icon with an exclamation point.

Phishing refers to the ways that hackers may pretend to be someone else.

Imagine if there was a knock at your bedroom door. Someone who sounded like one of your parents asked you to slide your diary under the door. It’s probably one of your siblings pretending to be your parent to try to get you to hand over your diary.

Hackers are often more sophisticated than this. They can do things like set up fake websites that look like the real thing or pretend to be your bank. They can also pretend to be your friends and family.

Shown is a colour illustration of a person holding a mask, sitting at a laptop computer.

Person pretending to be someone else online (Let’s Talk Science using an image by useng via iStockphoto).

Image - Text Version

Shown is a colour illustration of a person holding a mask, sitting at a laptop computer.

The person has a dark purple face with a smirk. They are dressed in a grey and black jacket, toque, and dark sunglasses. Their right hand is on the keyboard. They are holding a mask on a stick in their left hand, close to their face. The mask shows a friendly, smiling, bright pink face.

Above the laptop is a wifi symbol and small images of credit cards, passwords, a file folder, a letter, and a padlock.

Imagine if someone got ahold of your diary. Instead of telling others your secrets, they ask you to pay to get it back. Hackers also do this sort of thing. When they do, we call it a ransomware attack.

There are two kinds of ransomware attacks. Imagine if someone rewrote your diary in a language you did not understand. They then asked you to pay to turn it back to how it was before. That kind of attack is called an encryption attack.

Now imagine the person who stole your diary, put a new lock on it, and made you pay to get the key. That kind of attack is called a locker attack.

Shown is a colour illustration of a person emerging from a laptop screen, holding a key near a stack of money.

A locker attack (Let’s Talk Science using an image by muberraturan via iStockphoto).

Image - Text Version

Shown is a colour illustration of a person emerging from a laptop screen, holding a key near a stack of money.

The person is dressed in a dark blue hoodie, and their face is in complete shadow. They are reaching out across the keyboard with a gold key. A purple arrow curves out from their arm into the space in front of the computer. A stack of bills sits on the other side of the keyboard. Another purple arrow points from here, back into the screen.

Everyone has a responsibility to keep hackers from stealing your information and your money.

  • The government is responsible for passing laws against hacking. They also need to figure out how to prevent hacking in important government systems we use.
  • Companies have a responsibility to make sure their customers' information and money isn’t stolen by hackers.
  • Most of all, though, the responsibility falls on you to make sure you aren’t letting hackers take your information.

There are some important and easy ways you can keep the hackers out.

Use strong passwords

You probably already use passwords for all sorts of things, but have you thought about how easy those passwords are to guess? Don’t use a password like “password” or “123456.” There are programs that can make super strong passwords that hackers would almost never figure out. Don’t use the same password for everything, either. Every password should be unique and it should be changed periodically.

Don’t give out your passwords

The only person who should know your password is you. Websites and companies will never ask you for your password. Anyone who does is probably a hacker looking to break in and steal information.

Shown is a colour illustration of three password boxes with indications of weak, medium and strong, on a scale below.

Examples of weak, medium and strong passwords (Let’s Talk Science using an image by vectortatu via iStockphoto).

Image - Text Version

Shown is a colour illustration of three password boxes with indications of weak, medium and strong, on a scale below. 

The first password reads, "12345". This is labelled "Weak", with a red bar at the left end of the scale.

The second password reads, "17Blurp". This is labelled "Medium", with a yellow bar in the centre of the scale. 

The third password reads, "X3a%wy9<6". This is labelled "Strong", with a green bar on the right end of the scale.

Use Two-Factor Authentication (2FA)

Two-factor authentication means that you have to do two things to access your account. First, you have to put in the correct password. Then the website or program will email or text you an authentication code that you have to then type in. This means that unless a hacker has your phone or access to your email account, they won’t be able to get into your account even if they guess your password.

Shown is a colour illustration of a laptop with a login screen, an email with a verification code, and the same code next to a padlock.

Example of two-factor authentication using email (Let’s Talk Science using an image by Artur Charkin via iStockphoto).

Image - Text Version

Shown is a colour illustration of a laptop with a login screen, an email with a verification code, and the same code next to a padlock.

The laptop screen has a profile picture, boxes for username and password, and a login button. To the right of the computer is a vertical blue rectangle with a yellow envelope email icon above. It reads "5326: Verification Code." To the left of the computer is a horizontal purple rectangle with an image of an open green padlock, and a white text bubble reading "5326."

Keep up to date

You’re right in the middle of texting your friends when your phone tells you it needs to restart to do an update. You might be tempted to skip it, but those updates often fix security holes that hackers can use to steal your stuff. Always do your updates as soon as possible!

Shown is a laptop computer with the word Updating... on the screen with a wheel icon and a bar filling from left to right.

Computer undergoing updates (Let’s Talk Science using an image by ST.art via iStockphoto).

Image - Text Version

Shown is a laptop computer with the word "Updating..." on the screen with a wheel icon and a bar filling from left to right.

The screen is blue, with a circle of dots in the centre. These are white at the top and get darker blue moving clockwise. Below is the word updating followed by three dots. Across the bottom of the screen is a bar. Three quarters of the length is white, while the rest is pale blue. 

The space around is green, with a potted plant, a cup of pencils, and two sticky notes.

If you are not sure - don’t click!

If you don’t know who is sending you a link, don’t click it! Hackers will often use links to put malware on your device or to trick you into handing over your passwords. We call this clickbait. Clickbait often appears in emails and social media. A good rule of thumb is, if something seems weird, or too good to be true, it probably is. For example, if you got an email from your teacher with a link to a rude joke, it’s probably not from them. Make sure you know what you’re clicking on!

Shown is a laptop with a button labelled Enter to Win on the screen.

Contest buttons are often clickbait (Let’s Talk Science using an image by Oleksandr Hruts via iStockphoto).

Image - Text Version

Shown is a laptop with a button labelled "Enter to Win" on the screen. 

The screen is white, and the button is large in the centre. A hand-shaped cursor icon hovers over the button, with lines radiating from the finger. 

The background is purple with a pattern of gold lines forming concentric circles.

Use antivirus software

Using anti-virus software is like getting a flu shot or other vaccination. Antivirus software makes it very difficult for a virus to infect your device. Don’t forget to update this software too. Hackers are always working on new viruses, so you have to make sure your antivirus software is up to date.

Shown is a desktop computer monitor with a crest containing a green checkmark.

Antivirus software (Let’s Talk Science using an image by filo via iStockphoto).

Image - Text Version

Shown is a desktop computer monitor with a crest containing a green checkmark.

The screen is black with an official-looking badge-shaped crest in the centre. White lines around the computer indicate it is bright, or clean. Line drawings of virus particles are sprinkled across the yellow background.

Back it up!

Imagine if someone stole your diary and wanted money to give it back. Now imagine telling them “Keep it, I have another copy.” If you back up your stuff to another place, like Google Drive or another cloud storage site, you can replace your files if you experience a ransomware attack. Unfortunately, backups won’t work for sensitive information such as bank accounts and other personal information.

Shown is a colour illustration of a laptop computer with a cloud icon containing a circular arrow.

World Backup Day is March 31 (Let’s Talk Science using an image by Betka82 via iStockphoto).

Image - Text Version

Shown is a colour illustration of a laptop computer with a cloud icon containing a circular arrow.

The screen is white with a blue icon in the centre. Below are the words "World Backup Day March 31," in large capital letters. In the background, a world map is illustrated in pale blue.

Did you know?

World Backup Day is March 31.

At the end of the day, the only person you can rely on to keep your stuff safe is you. By following tips like the ones above, you can make it much less likely that a hacker will be able to steal your online information or your money.  

Learn More

Defend The Crown
This cybersecurity tower defense game from the U.S. Cybersecurity & Infrastructure Security Agency provides a fun and informative way for students to learn about cybersecurity issues and how to defend against them.

The Missing Link
This browser-based game, from the Technology Services department of Texas A&M University, is a “cybersecurity mystery” that challenges the player to solve a disappearance based on following clues gathered through learning about good cybersecurity practices.

Cybersecurity Lab
This simulation, from PBS Nova Labs, challenges the user to implement good cybersecurity practices at a brand-new start up website.

An Introduction To Cybersecurity Careers (2018)
This video (6:41 min.) from Infosec provides an overview of the career options available in cybersecurity.

The Secret Lives Of Hackers (2014)
This video (3:08 min.) from PBS Nova Labs, discusses what hacking is, who does it, and why it occurs.

That’s A Real Job! Ethical Hacker (2018)
This video (0:47 min.) from Let’s Talk Science introduces ethical hacking (sometimes called “white hat hacking”) as a career option for students interested in cybersecurity.

References

Berkeley Information Security Office (n.d.). Top 10 Secure Computing TipsUC Berkeley.

Canadian Centre for Cyber Security (August 2022). Don’t Take The Bait: Recognize And Avoid Phishing Attacks.

Cisco (n.d.). What Is Malware?

Cybersecurity and Infrastructure Security Agency (n.d.). Ransomware: What It Is And What To Do About It.

Cybersecurity and Infrastructure Security Agency (Nov 14, 2019). What Is Cybersecurity?

IBM (n.d.). What Is Cybersecurity?

Kaspersky (n.d.). Ransomware Attacks and Types - How Encryption Trojans Differ.

Patterson, N. (Jul 21, 2022). What Is Cybersecurity And Why Is It Important? Southern New Hampshire University.

Redins, L. (Oct 5, 2022). Cybersecurity: Who Is Responsible? Cybersecurity Guide.

Related Topics

Cybersecurity
Emerging Technology
Sections