Autor: Andreas Köster

Im Fach Business English wurde ein Semester lang schwerpunktmäßig das Präsentieren in Englisch geübt. Die 30 minütige Präsentation aus dem Jahr 2008 behandelt Sicherheitsbedrohungen für den PC und wie man sich als Nutzer dagegen schützen kann. Nach einer kurzen Einführung, was Wirtschaftskommunikation mit der modernen IT zu tun hat und der Vorstellung von Viren, Würmern und Trojanischen Pferden als Sicherheitsbedrohungen erläutert die Präsentation, wie man seinen Computer in fünf einfachen Schritten sicher machen kann.

Download: Präsentation IT-Security

Hello everybody and welcome to my presentation with the topic „IT-Security“.

You all know me, as the one who deals with computers. Some of you even had some questions yet. As you know, I enjoyed a professional education in order to become an IT-Systems electronic engineer, so that I have got some background information. I work as a System-Administrator and I have to deal with IT-Security. During the next 30 minutes I want to tell you about some threads and the counter-measures concerning Information and Telecommunication (IT).

I’d be glad to answer any questions at the end of the presentation because I prepared a tight structure of content.

Well, although, you are not so many students this morning I assure you that you did absolutely right to come here. You will learn a lot about IT-Security in general but you will also learn how to secure your own personal computer in 5 steps. Lets have a look at the structure…

That are the main points I’ll cover today:

I’ll start the subject of the presentation by asking the simple question: „IT-Security – what do I have to do with it?“ Because many people don’t see the need to care about this at all.

Next I will show you why IT is so important for Business Communications, in order to link the topic with our studies.

After that I will present the most occurring malware of today, which represent threats to IT-Systems. You will see what are the 3 biggest security dangers and what they do.

A very interesting point for you is the “5 step checklist” for your PC at home, not to be a victim of the threads shown before. So please pay attention to this in particular.

After the presentation everyone gets a handout with the most important facts.

The topic „IT Security“ is such a vast field, that it’s only possible to give you a slight overview. I will concentrate on the personal computer and the world wide web as the most important IT-Systems. Moreover I will concentrate on the Microsoft Windows operating system and well known software hoping that most of you can relate to it…

„What do I have to do with it?“ „I am not a big company. I have no top secret data on my computer and all I do is surfing a little bit in the internet. So I don’t think, that an evil hacker has an interest in hacking my personal computer…“

OK, congratulations. If you think this way, then you are the perfect victim!

Did you know for example that in the internet the average incubation-time of a „naked“ (unsecured) PC is currently at about 20 minutes?

Or did you know, that there are viruses, which send your stored e-mails from your computer randomly to every e-mail address stored in your computer? So your boss gets your love letters and your boyfriend gets the wrong love letters, addressed to somebody else…

And have you ever thought about the question where e-mail spam is sent out from? The answer is surprising: From your own computer, if it’s not save.

I hope, I´ve your full attention for the next slide. It shows why the Information and Telecommunication technique is closely connected to Business Communications.

Today our industrial nation live in an information society. Information and Telecommunication are basics for our society. Just imagine, you would have to be without your computer and without internet access for some days.

The wide spread and heavy use of information and telecommunication technologies in the private and in the public sector has become an essential factor for innovation and competitiveness of our society.

Let me give you some figures to this:In the first quarter of 2006 more than 61% of the private households in Germany had internet access. With the clear trend to increase rapidly.

More than 97% of the EU-companies work with computers and 93% have internet access.

It’s not any longer just the e-mail traffic. More and more E-Government, online banking and Voice-over-IP applications become normal in our days. Nearly everything in our everyday life works with or because of IT.

I hope you have an idea, how important IT is for our society. Failing IT-Systems can have very bad effects on our environment and society because nearly everything is dependent on IT-Systems.

Let me show you the improvement of new techniques and its dependence on IT-Systems with a small example:

Voice and data services are becoming more closely interlinked. One example is Internet telephony, or Voice over Internet Protocol (VoIP). In 2006 already 11% of all Germans used VoIP at home, as you can see on the bar chart on the left. Even companies used this technology, as you can see on the right bar chart. The medial is about 9%. Approximately 30% of the German companies are planning the implementation of VoIP.

This example of VoIP technologies can be a threat from the viewpoint of IT-Security. In comparison to conventional telecommunication systems (the good old telephone) its contains much higher risks. Its popularity grows, because it is cheap. But the number of attacks on VoIP systems will also increase. Since VoIP uses the infrastructure of the internet instead of the old single telephone cable, it’s not safe!

The combination of IP communication (that means data) and telecommunications (that means speech) also means that both services can be destroyed or fail at the same time. In a few years the complete voice communication will be handled over the internet by VoIP. Imagine what happened, if this global system crashed one day…

How can it crash? Now I want to show you 3 classical threats to IT Systems. Only if you know about the different types and the way they work, you can be aware of them and protect yourself.

Let’s start with the virus.

“A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user.”

You are not too wrong if you compare a computer virus and its effects on a computer to a biological virus and its effects on a human being. First you are healthy and everything works fine. Then, of course without your permission, you get infected by one. The small virus gets into you. In the beginning of the infection it’s only one single virus. But unfortunately the virus reproduces itself and spreads all over your system. You’re getting ill.

The computer virus works the same way in your computer system. More and more malfunctions will occur. Now your system itself is a virus-host and will infect other systems. The transmission can occur over a network like the internet or over removable mediums like CDs and USB-sticks.

But what exactly happens?The malfunctions are as versatile as the different kinds of viruses: Many thousands of different viruses are existing and a lot more variations of them. Every hour there are new ones with new damage routines.

If you are lucky…

harmless/joke virus: It just reports to you that it’s on your computer. With more or less funny pictures or bleeps and sounds out of your computer speakers.

But they can cause also…

unmeant damage: This can be much longer computing time (processing time), program dysfunctions and program crashes. A well known example is the windows „blue screen“, I’m sure you know.

If you are not that lucky…

data destroyment: The data on your PC gets destroyed, for example by deleting the whole harddiscdrive.

The worst case – one could also say: „If you really catched at the shit…“

hardware destroyment: Which means overlocking from the PC clock heats up the chips until they melt. Or sending extreme signals to your monitor so that it will go out of order.

As you can see, a virus can really harm you as a normal computer user.

The second enemy of the IT-Security is the so called „worm“. The worm has got some similarities to the virus. It’s also a harmful computer code which infects your system. But a worm is more nasty. It actively crawls through the network (for example the internet) into your PC. You don’t have to do anything. It finds you and enters your system quietly. Favoured doors for worms to come in are file-sharing services, instant messaging and chats or just animated websites.

The worst thing about internet worms is the speed of spreading all over. If a new worm fits exactly to a security lack of a widely used software, it can infect millions of PCs all over the world within hours.

So happened in 2001 with the so called „W32.Blaster“ worm, also known as „Lovesan“. It exploited a security lack of Windows and affected about 9.5 million computer world wide after a few hours. The worm spread with the time zones over the world wide web. The economic damage through crashed PCs, servers and networks went up to several millions of US $.

Now let’s come to the third and in nova days most important threat to IT systems: the Trojan horse. If you think of the classical Greek story with the wooden Trojan horse, you are absolutely right! Because, Trojan horses are programs which are active on computers without the knowledge of the owner. The trojan secretly executes malfunctions. In comparison to a virus it can’t reproduce itself and it tries to remain undetected as log as possible. It’s a malware which is masked by a “useful” application. It comes as an assumed “virus-doctor” or “download manager”, but spies on your data. For example by logging your keyboard-input and sending your passwords over the internet. Or the trojan installs a backdoor program, which makes it possible that someone other in the internet can access you data or control your PC remotely. Just think of your private e-mails and your home-banking account…

It is also the most important threat because of a second reason: The occurrence of Trojan horses rose heavily during the last years. Today trojans build more than 50% of the whole malware occurrence at all. Therefore it’s an enormous danger also for your own personal computer at home.

That leads us to the last and perhaps for you most interesting part of my presentation.

It deals with the protection of your little computer against the evil powers of the internet. I’ve prepared a summary of 5 easy to follow steps to secure your IT-System.

Here we go:Step 1, because it’s the most urgent one, is to install an antivirus software. By scanning your system permanently and updating the most recent virus information, malware will be found and deleted from your system. I personally made very good experiences with the software „AntiVir Personal“. The Logo is a little red umbrella. Very good is the automatic daily update of the software, so that even the newest viruses, worms and other malware can be detected. AntiVir is active in the background at every time and scans the system. It works very stable without taking too much processing resources. Remarkable is that this software is freeware for private users. It doesn’t cost you anything, so there is no reason to hesitate. Simply download it and install it!

In fact the antivirus software is not good enough.

The second step covers a lot of sub steps at one time. You have to go to http://update.microsoft.com and download the newest security updates for your Windows. These updates will fix a lot of security lacks and prevent system crashes. Only updates required for your special system will be downloaded. At the first time you do so, this process can take a couple of minutes up to one hour. The next updates will not take that much time.

I want to mention that it is a myth that Microsoft spies on your computer. Some people say that they would screen the computer or download files. I’m sure it isn’t true. A lot of Microsoft critical organisations like for example the CCC (chaos computer club) supervises Microsoft. They would immediately bring it up if Microsoft would did so. What I want to say is: Please believe in Microsoft. Being depended from this company is better than being depended from malware, I’m sure.

After updating your system switch the button on “automatic” on the website.

Now you already closed some open doors of your computer.

That brings us to step 3 of 5. It would be the best if malware could not enter your PC at all. This „blocking“-action is performed by a firewall. A firewall is a software which covers your PC. Without it the PC is “naked” and unsecured. Metaphorically it builds up a wall against the fire outside in the internet and protects you.

How this task is technically managed by the firewall is very complicated, I can tell you. Fortunately you don’t have to understand it, just use it. Most of the work for step 3 you did already in the step before, in step 2 – that’s great isn’t it?!

It went the following: By updating your Windows, the Servicepack 3 for Windows has been installed. The Servicepack is a compilation of many security updates and comes with an integrated Windows firewall.

You have to do the following to see the Security Center as the overview of the IT-Security of your PC:

Click on „Start“ in the left corner in the start bar at the bottom of your desktop. Then click on „Settings“ and „Control Panel“. In the „Control Panel“ you just see the Security Center and can enter by a double click.

Don’t worry, you can look up all the steps later. I will send you the presentation by e-mail…

What you see now is the complete achievement of step 1 to step 3. Firewall, Automatic Updates and Virus Protection is shown as green so „OK“. Well done, but there are some more possibilities to keep malware away.

Security step 4 is a simple but effective trick to avoid that a virus takes control over your system. You have to know, that everything depends on the user rights you have. How you are logged on the computer? Are you running the computer as a computer administrator, with all the rights? Or are you running the computer as a limited account, with limited rights? In any event it’s much more secure to surf in the internet with a limited account. In this way also the potential malware has only limited rights and can’t harm your PC. That’s all.

So you should check and perhaps change your settings the following way:

Go to the „Control Panel“ like you did in step 3. There you’ll also find the icon „User Accounts“ like here on the picture. I always recommend to set up two different accounts: One limited account without password for every day jobs like surfing, mailing, typing and so on.

And a second account as a computer administrator with unlimited rights and a password. With that account you just log on, if you want to install software, change the system and do other administrative jobs.

OK, I acknowledge that my security steps might be some work. But this 4th step can prevent you from big trouble and much more work.

Last but not least, I’ve to tell you that IT-Security mainly depends on your own behaviour. So step 5 is not an additional program, which is installed and everything works well. Please feel responsible for IT-Security like you feel responsible for so many other things of today’s life.

That means, that you never open an e-mail from an unknown sender! Spammers often let the subject-field of the e-mail empty or name it in a way to wake up your interest. Even to open a spam mail can let the malware in. For that reason you should also disable the preview window in your e-mail client. Because already for that preview the spam is opened. I hope it’s self-evident, that you don’t execute files or type in your PIN and TAN because of an unknown e-mail. If you do so, I can’t help you anymore

Please don’t type in secret access information in an external computer! It’s definitely no good idea, to do online-banking or e-mails from a computer in an internet café. Malware could spy it out or a keylogger and could send it to a hacker.

If you absolutely can’t resist in doing so, at least delete the temporary files out of the browser after it. Otherwise you can also left a note with your access information at the desk of the internet café

It’s recommended to only use strong passwords. “start123” is not a strong password! You have to know, that the first 10.000 most obvious and simple passwords are checked by malware programs within milliseconds. Also don’t store your passwords in a digital form in your computer, because it can be spied out.

Naturally there are hundreds and hundreds of more rules. But time is running out. At the end of my presentation (I know attention arises again now) I want to mention one very important step of IT-Security: Please make backups of your important files!

The harddiskdrive of your computer is a very complicated and sensitive hardware. Even without any malware it can crash at every time theoretically. I have seen lots of people cry because they documented their lives with digital pictures on their computer – without a single copy of it. So it’s just a matter of time when the hardware will stop working. Other ones saved an antiquated version of their Bachelor Thesis over the recent one and cried because of that. So my last big demand to you is to make backups regularly. If you have a backup it’s not as bad as all that.

I really hope, you now pay a bit more attention to the Topic “IT-Security” than before. I whish you an anytime secure IT-System.