(set:$name to (prompt:"Enter your name: ", ""))(set: $history to (history:))Hi $name, Welcome to this cybersecurity training! During this training, which should take about (colour: #1E90FF)[**20 minutes**], you will be presented with cybersecurity content, while being quizzed periodically on the content. (colour: #1E90FF)[**Please complete the Qualtrics survey AFTER this training.**] Thanks! [[Next|Goal of the training]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> What is cybersecurity? (colour: #1E90FF)[**Cybersecurity**] is the practice of protecting devices, networks, and data from unauthorized access and criminal use (U.S. Cybersecurity and Infrastructure Security Agency). [[Next|Risks of having poor cybersecurity]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Which of the following statements is TRUE about why cybersecurity is important? [[a|Q1Wrong]] Each malware attack can cost companies over a million dollars to fix. [[b|Q1Wrong]] Attackers have the ability to use your computer to attack others. [[c|Q1Right]] All of choices listed are true. <div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Why do I need a strong password? * Billions of login credentials are stolen every year and sold on the dark web. * If criminals obtain this information, they can: ** impersonate you ** message your contacts ** access your cloud storage ** steal your money ** jump to other accounts [[Next|Password1]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Which of the following four passwords is the most secure? [[a|Q2Wrong]] WTh!5Zejfhidgf [[b|Q2Wrong]] into*48 [[c|Q2Right]] GransSconesRtheBest<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Okay $name, it's time to see how well you've done! (if: ($right is $wrong)) [[Next|notification2]] (if: ($right > $wrong)) [[Next|notification]] (if: ($right < $wrong)) [[Next|notification1]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry, $name! Maybe you could do better? <img src= "https://findicons.com/files/icons/1035/human_o2/128/gnome_panel_force_quit.png"> </div> [[End the training]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Congrats, $name! Nice job! <img src= "https://findicons.com/files/icons/990/vistaico_toolbar/128/thumbs_up.png"> </div> [[End the training]]Please close this browser window/tab and complete the Qualtrics survey. Thank you for your participation in this portion of the experiment!<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Not bad, $name! <img src= "https://findicons.com/files/icons/730/soft/128/refresh.png"> </div> [[End the training]](set: $wrong to ($wrong + 1)) <div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! The hacker gets to roll the dice. <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Next|Module2]](set: $right to ($right + 1)) <div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Next|Module2]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Hacker rolls dice|MFA]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Please roll the dice|MFA]]**GOAL OF THE TRAINING** (colour: #1E90FF)[//**The goal of this experiment is to get as many questions correctly as possible.**//] [[Next|Agenda]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Cybercrime costs companies a lot of money! * A malware attack costs on average (colour: #1E90FF)[<b>$2.4 million</b>] for a company to deal with. * Cybercrime increased by (colour: #1E90FF)[<b>600%</b>] due to the COVID-19 pandemic. [[Next|Quiz1]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> How do attackers steal your passwords? (colour: #1E90FF)[//**brute force attack**//] - use software to try different letter, symbol, and number combos as passwords (colour: #1E90FF)[//**dictionary attack**//] - use software to try real words as passwords (colour: #1E90FF)[//**phishing**//] - ask for passwords or private data through email or phone calls/texts [[Next|Password2]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> To combat brute force and dictionary attacks... * Make passwords at least (colour: #1E90FF)[**12 characters**] long * Turn (colour: #1E90FF)[**phrases that give you an image**] into a password ** Ex. Penguins look like they wear tuxedos → Penlooliktheweatux * Or just use a (colour: #1E90FF)[**whole phrase**] as a password ** Ex. Penguins look like they wear tuxedos. * It helps to use (colour: #1E90FF)[**unconventional**] or (colour: #1E90FF)[**uncommon**] words [[Next|Password3]]This training has (colour: #1E90FF)[**6 modules.**] (colour: #1E90FF)[**1:**] Definition and importance of Cybersecurity (colour: #1E90FF)[**2:**] Passwords, Multi-Factor Authentication (MFA) (colour: #1E90FF)[**3:**] Safe online browsing, Virtual Private Network (VPN) (colour: #1E90FF)[**4:**] Anti-virus software, Firewall (colour: #1E90FF)[**5:**] Methods attackers use, Malware, Phishing (colour: #1E90FF)[**6:**] Methods to protect yourself Between modules, there are questions to test your understanding. There are (colour: #1E90FF)[**8**] questions in total. [[Next|Module1]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Use Multi-Factor Authentication (MFA) (colour: #1E90FF)[//**MFA**//] - provides another step, in addition to your password, to get logged in - this provides another layer of security to your accounts - Note: You can activate MFA for accounts such as Twitter, Facebook, Amazon, etc. [[Next|MFA1]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Types of MFA (colour: #1E90FF)[//**SMS**//] - sends a code to your phone via text or voicemail - this is the least secure method, since SMS and voice calls are not encrypted (colour: #1E90FF)[//**push notification**//] - sends notification to user’s smartphone to verify login attempt (colour: #1E90FF)[//**authenticator apps**//] - an app usually installed on a smartphone that generate time-based passwords - ex. Duo, Google Authenticator, Authy [[Next|MFA2]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Types of MFA cont. (colour: #1E90FF)[//**physical token**//] - ATM (bank card); usb/flash drive (colour: #1E90FF)[//**biometric**//] - fingerprint, facial recognition, retinal scan [[Next|Quiz3]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Other password tips * Since each person has at least (colour: #1E90FF)[**30 password**] accounts, you can use a (colour: #1E90FF)[//**password manager**//] to keeps track of all your passwords. You only need one very strong password to access your password manager. * (colour: #1E90FF)[<u>**Do not keep your passwords in a Word doc on your computer!**</u>] If your computer is hacked, that document may be discovered. [[Next|Quiz2]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Which of the following is a less effective type of multi-factor authentication? [[a|Q3Wrong]] Biometric such as fingerprinting [[b|Q3Right]] Text messaging/SMS [[c|Q3Wrong]] Physical token such as a usb drive <div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Hacker rolls dice|Module3]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Please roll the dice|Module3]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Online safe browsing Don’t... * connect to unsecured wi-fi networks * share confidential information using public wi-fi (i.e., <u>don’t do banking, don’t check emails in public</u>) [[Next|Online safe browsing cont.]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Virtual Private Network (VPN) (colour: #1E90FF)[//**VPN**//] - hides your internet protocol (IP) address so that your online browsing is encrypted and cannot be traced to your computer. This prevents your data from being read and stolen. - Note: An (colour: #1E90FF)[//**IP address**//] is a network address for your computer so the internet knows where to send data. [[Next|Quiz4]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> What kind of cybersecurity risks can be minimized by using a Virtual Private Network (VPN)? [[a|Q4Wrong]] Key-logging [[b|Q4Wrong]] Phishing attacks [[c|Q4Right]] Use of insecure Wi-Fi networks<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Hacker rolls dice|Module4]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Please roll the dice|Module4]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> (colour: #1E90FF)[//**anti-virus software**//] - scans and removes malware before it can harm your computer; blocks pop-ups and ads that contain viruses - ex. Norton, Avast, Bullguard Internet Security [[Next|Firewall]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> (colour: #1E90FF)[//**firewall**//] - monitors and controls traffic between your computer and the internet based on a set of security rules [[Next|Quiz5]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Which of the following is true? [[a|Q5Wrong]] Anti-virus software can block pop-ups and ads [[b|Q5Wrong]] Fire wall can monitor and control traffic between computer and internet [[c|Q5Right]] All of the above<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Hacker rolls dice|Module5]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Please roll the dice|Module5]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Most common cyberattack methods (colour: #1E90FF)[//**malware**//] - malicious software (colour: #1E90FF)[//**social engineering**//] - manipulating people into taking action that is not in their best interests (i.e., divulging personal info, clicking link, etc.) (colour: #1E90FF)[//**phishing**//] - example of social engineering: targets are contacted using email, phone, or text messages, by someone pretending to be from a legitimate source to provide sensitive information (login, credit card numbers, bank account numbers, etc.) [[Next|Most common attacks cont]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Most common attacks cont. (colour: #1E90FF)[//**botnet attack**//] - stands for **robot network** – attack the computers’ security systems, then control them to carry out malicious activities on a large scale One type of large scale attack carried out by botnets is a (colour: #1E90FF)[//**denial-of-service attack (DoS)**//] - floods systems, servers, or networks with traffic to exhaust resources and bandwidth. Results in the system being unable to fulfill legitimate requests (colour: #1E90FF)[//**man-in-the-middle (MitM) attacks**//] - attackers insert themselves into a two-party transaction to steal data; can happen through (colour: #1E90FF)[using unsecure public wi-fi or malware] [[Next|Quiz6]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Which of these definitions match with their descriptions? [[a|Q6Wrong]] //**man-in-the-middle**// - manipulating people into taking unwise action [[b|Q6Wrong]] //**social engineering**// - eavesdropping, attackers insert themselves into two-party transaction [[c|Q6Right]] //**denial-of-service attack**// - floods systems, servers, or networks with traffic to exhaust resources and bandwidth.<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Hacker rolls dice|Not all attacks online]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Please roll the dice|Not all attacks online]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Not all cyberattacks happen online (colour: #1E90FF)[//**in-person social engineering attack**//] – an attacker can tailgate an employee, enter through a door that requires a key/card, and find a workstation they can hack (colour: #1E90FF)[//**flash drives**//] – an attacker can leave a flash drive in the company labeled with an innocuous name (ex. compensation) or mail the flashdrive to the company. When an employee plugs the flash drive into their computer, it is infected. [[Next|TypesMalware]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Types of Malware (colour: #1E90FF)[//**virus**//] - malicious code that hides and makes copies of itself on a computer without consent; often a file that is downloaded from the internet (colour: #1E90FF)[//**worm**//] - similar to virus; standalone software that does not require host or human to help it spread unlike virus (colour: #1E90FF)[//**trojan**//] - disguises itself as a normal software, then performs bad functions (i.e., granting access to computer, delete files, keylogging) [[Next|TypesMalware1]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Types of Malware cont. (colour: #1E90FF)[//**rootkit**//] - allows attacker access to your computer or an area of its software, while masking its own existence or the existence of other software; this makes it challenging to delete (colour: #1E90FF)[//**ransomware**//] - locks you out of files and demands payment to restore access (colour: #1E90FF)[//**spyware**//] - software or program that can spy on you, including tracking what keys you are typing (colour: #1E90FF)[//**(keylogging)**//] to collect your login info [[Next|Quiz7]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Criminals access someone’s computer and encrypt the user’s personal files and data. The user is unable to access this data unless they pay the criminals to decrypt the files. This practice is called... [[a|Q7Wrong]] a botnet attack [[b|Q7Right]] a ransomware attack [[c|Q7Wrong]] spam<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Hacker rolls dice|Phishing]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Please roll the dice|Phishing]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> What can you do to prevent attacks? * Use and regularly update (colour: #1E90FF)[**anti-virus software**]. * Use a (colour: #1E90FF)[**firewall**] and (colour: #1E90FF)[**VPN**] when browsing the Internet. * Install (colour: #1E90FF)[**software updates**] for your operating systems and applications. Updates fix software vulnerabilities. * (colour: #1E90FF)[**Backup data**]. [[Next|How to prevent attacks cont]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> How to prevent attacks cont. * (colour: #1E90FF)[**Log out**] of your accounts . * Regularly (colour: #1E90FF)[**change passwords**]. * If you are in doubt, (colour: #1E90FF)[**don’t click on unknown links**] in email, social media posts, texts, and online advertising. * (colour: #1E90FF)[**Don’t share too much on social media**] to prevent people from using your info to trick you. [[Next|Quiz8]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Which of these definitions match their descriptions? [[a|Q8Right]] //**smishing**// - type of phishing through texting/SMS [[b|Q8Wrong]] //**rootkit**// - malicious code that hides and makes copies of itself on a computer [[c|Q8Wrong]] //**virus**// - conceals other malware and its existence so it stays hidden from you, making it challenging to delete<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Sorry! You got the wrong answer! <img src= "https://findicons.com/files/icons/1014/ivista/128/error.png"> </div> [[Hacker rolls dice|Tally]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Yay! You got it right! <img src= "https://findicons.com/files/icons/989/ivista_2/128/tick.png"> </div> [[Please roll the dice|Tally]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Types of Phishing (colour: #1E90FF)[//**phishing**//] - cybercrime which involves asking targets for sensitive info (i.e., passwords, credit card numbers, etc.) through email, telephone, or text messages (colour: #1E90FF)[//**spear phishing**//] - specific type of phishing; targeted attack towards one person or a small group of people; attacker does research on the person/group beforehand to seem more convincing (colour: #1E90FF)[//**smishing**//] - specific type of phishing using texting/SMS (colour: #1E90FF)[//**vishing**//] - specific type of phishing using voice mail or calls [[Next|Module6]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Online safe browsing cont. Do... * visit (colour: #1E90FF)[**https:// **] NOT http:// websites ** https:// websites are encrypted * enable your (colour: #1E90FF)[**firewall**] * use a (colour: #1E90FF)[**Virtual Private Network (VPN)**] [[Next|VPN]]You can track how well you're doing in the box below:(set: $right to 0)(set: $wrong to 0)<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> **Module 1** * Cybersecurity definition * Importance of cybersecurity [[Next|Begin the training]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> Risks of having poor cybersecurity An attacker or malware can... * erase your entire system * alter files * use your computer to attack others * impersonate you on social media * steal your credit card information to make purchases * steal your company trade secrets to help competitors gain an advantage * steal employee data, which can result in identity fraud issues etc. [[Next|Monetary cost of cybercrime]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> **Module 2** * Passwords * Multi-Factor Authentication (MFA) [[Next|Passwords]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> **Module 3** * Safe online browsing habits * Virtual Private Network (VPN) [[Next|Online safe browsing]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> **Module 4** * Anti-virus software * Firewall [[Next|Anti-virus]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> **Module 5** * Methods attackers use * Types of Malware * Phishing [[Next|Most common attacks]]<div class="message"><b>(colour: #008000)[Answers Correct: $right] | (colour: red)[Answers Wrong: $wrong]</b></div> **Module 6** * How users can protect themselves [[Next|How to prevent attacks]]