Lesson Summary

Pre-lesson Preparation

This lesson does not require computers, but teaching this lesson without computers would require printing the necessary articles and providing textbooks or printed articles about the various cyber-attacks.

Summary

Reflecting on the fact that the Internet was not designed with security in mind, students will examine the devastating impact of cyber attacks. Students will study types of cyber attacks and the vulnerabilities they exploit, and identify the roles of software, hardware, people, and the Internet. Students will identify potential cybersecurity concerns in systems built on the Internet. 

Outcomes

  • Students will understand types of security violations.
  • Students will understand types of protections.
  • Students will compare negative impacts of different types of attacks.

Overview

  1. Getting Started (5 min) - Discussing the internet's security concerns.
  2. Guided Activities (40 min) - Students explore and research specific cybersecurity attacks and their impacts.
  3. Wrap Up (5 min) - Journaling on the accessibility of student data.
  4. Homework - Research anti-virus software.

Learning Objectives

CSP Objectives

Big Idea - Internet
  • EU 6.3 - Cybersecurity is an important concern for the Internet and the systems built on it.
    • LO 6.3.1 - Identify existing cybersecurity concerns and potential options to address these issues with the Internet and the systems built on it. [P1]
      • EK 6.3.1A - The trust model of the Internet involves trade-offs.
      • EK 6.3.1B - The DNS was not designed to be completely secure.
      • EK 6.3.1D - Cyberwarfare and cybercrime have widespread and potentially devastating effects.
      • EK 6.3.1E - Distributed denial-of-service attacks (DDoS) compromise a target by flooding it with requests from multiple systems.
      • EK 6.3.1F - Phishing, viruses, and other attacks have human and software components.
      • EK 6.3.1G - Antivirus software and firewalls can help prevent unauthorized access to private data.
Big Idea - Impact
  • EU 7.1 - Computing enhances communication, interaction, and cognition.
    • LO 7.1.1 - Explain how computing innovations affect communication, interaction, and cognition. [P4]
      • EK 7.1.1M - The Internet and the Web have enhanced methods of and opportunities for communication and collaboration.
      • EK 7.1.1O - The Internet and the Web have impacted productivity, positively and negatively, in many areas.
  • EU 7.3 - Computing has global effects — both beneficial and harmful — on people and society.
    • LO 7.3.1 - Analyze the beneficial and harmful effects of computing. [P4]
      • EK 7.3.1A - Innovations enabled by computing raise legal and ethical concerns.
      • EK 7.3.1G - Privacy and security concerns arise in the development and use of computational systems and artifacts.
      • EK 7.3.1L - Commercial and governmental curation of information may be exploited if privacy and other protections are ignored.

Common Core Math:

  • S-IC.1-2: Understand and evaluate random processes underlying statistical experiments

Common Core ELA:

  • RST 12.4 - Determine the meaning of symbols, key terms, and other domain-specific words and phrases
  • RST 12.9 - Synthesize information from a range of sources
  • RST 12.10 - Read and comprehend science/technical texts
  • WHST 12.1 - Write arguments on discipline specific content

Key Concepts

6.3 Cybersecurity is an important concern for the Internet and the systems built on it.

The Internet was not built with security in mind, leaving computers vulnerable to cyber attacks. This makes cybersecurity an extremely important concern when designing and implementing systems that are built on the Internet. Students need to be able to identify potential problems that could arise and potential options for protecting against these problems.


Essential Questions

  • How is cybersecurity impacting the ever increasing number of Internet users?
  • How does computing enable innovation?
  • What are some potential beneficial and harmful effects of computing?
  • How do economic, social, and cultural contexts influence innovation and the use of computing?

Teacher Resources

Student computer usage for this lesson is: optional

In the Lesson Resources folder:

  • "Cyber Security" : slides for instruction during the whole class
  • "Cyber Attacks News Articles" : the list of news articles about real life cyber attacks for teachers (with instructions)
    • The diagram for the sticky note activity is in this document
  • "Cyber Attacks Notes WS" : worksheet for students to use in taking notes on different types of attacks
  • Consider including the TED talk about the first virus (about 17 minutes long) by Mikko Hyponnen https://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net 

 

Journal Sample Response: 

  • "The Internet was originally designed to be used by a group of people who trusted each other. This means that it was not built with security in mind, but rather openness and sharing. Now that anybody can access the Internet, users cannot trust everybody else they are connected to. This means that security measures must be put in place to protect users and systems."

Example for Presentations:

Information to present about firewalls. (Included in the slides)

“You can protect against certain attacks. One way to protect against them is a firewall.” 

  1. Where did the name come from?
    1. We have physical firewalls in school (and other buildings) that are designed to open to let people in and out, but close to keep fire contained (don’t let it through)
  2. How does it work? Describe the process, making sure to note the role of each of the following: (not all will necessarily apply)
    1. A firewall is installed to be a barrier between a computer (or local network) and the Internet. A person has to purchase / install the firewall to protect their system. Firewalls can be software or hardware and sometimes people use both. Firewalls examine the packets attempting to go in or out from the computer (or local network) to/from the Internet. It can keep attacks like viruses out, and keep sensitive or private data in.
  3. Visual from https://mdilog.com/help/security

Lesson Plan

(Note: There is a PowerPoint to be used with this entire lesson: "Cyber Security Lesson Slides" in the Lesson Resources folder.)

Getting Started (5 min) 

In their journals or as a class, students should discuss the following:

  1. Describe the “trust model” that the Internet was originally designed upon. 
    • The "trust model" was introduced in Lessons 3-4, 3-5, and 3-6 that introduced the Internet.
  2. List the problems with using the trust model, now that anybody can access the Internet.
  3. Define cyber crime and cyber warfare. How are they different from everyday crime and warfare?
    (cyber crime: https://us.norton.com/cybercrime-definition ; cyber warfare: http://time.com/3928086/these-5-facts-explain-the-threat-of-cyber-warfare/ )

Guided Activities (40 min)

Part 1 (20 min) - Readings 

  1. Each student will read a short article from the news about a specific attack that took place and identify the type of attack. Through their readings, the students will identify the negative effects of the attack. (A list of possible articles is in the "Cyber Attacks News Articles" document in the lesson folder.)
  2. Students will use sticky notes to record the following information (at least one per student):
    1. The student's name
    2. The type of cyber attack
    3. The impact of the cyber attack
  3. On the board, the teacher will set up a space with the types of attacks on the y-axis, and the level of impact on the x-axis (see teacher resources). Students will place the sticky notes on the diagram where they think it fits.
  4. Students will be asked what information and knowledge they can draw from the diagram.
  5. The teacher will model the next activity for the students by presenting some information on firewalls. This includes explaining where the name "firewall" comes from, how a firewall works, the roles of software, hardware, people, and the Internet, and a visual representation.

Part 2 (20 min) - Small Group Activity

  1. Students will be grouped by the type of attack they read about. They will conduct research to answer the following questions: (some resources will be provided, but students can also search for others. If no computers are provided, it will be up to the teacher to find these additional resources)
    1. Where did the name come from?
    2. How does the attack work? Describe the process, making sure to note the role of each of the following: (not all will necessarily apply)
      1. The Internet
      2. Software
      3. Hardware
      4. People
    3. Find or create a visual that illustrates the attack OR act out the process.
  2. Each group (or at least some, depending on time) will present their findings to the class in 2 minutes or less.
    1. Students should use the "CyberSecurity Notes WS" document to take notes for use in studying for the Unit 3 assessment.

Wrap Up (5 min)

Students will consider the following prompt, and record their thoughts in their journals:

What possible problems are there with the fact that student data (including your courses, grades, attendance, home address, and birthdate) is stored in a database that is easily accessible to teacher, administrators, and other staff from any computer connected to the Internet?

  • What security concerns does this raise?
  • What can be done to protect student data?

Homework: 

Real World Connection: Protecting your Computer

Choose one of the following articles to read, based on the operating system you have running on one of your home computers, or the computer you normally use.

Answer the following questions:

  1. Does the computer have anti-virus software installed?

If yes, answer the following questions:

  1. What is the name of the anti-virus software installed on the computer?
  2. Is the anti-virus software on the computer up to date?
  3. What features does the anti-virus software provide?

If no, do the following:

  1. Find at least two different anti-virus programs for your operating system (one that is free and one that you must purchase).
  2. Compare and contrast the anti-virus programs based on the features that they offer.
  3. Talk to your parent about installing anti-virus software on your computer if you own one.
  4. Does the computer have a firewall enabled?
  5. Is the operating system up to date? Which version of the operating system is the computer currently running?
  6. What other security measures have been taken to protect the computer?

Optional: Use this extended checklist to enhance the security of your computer.

http://m.wikihow.com/Secure-Your-PC


Evidence of Learning

Formative Assessment

The teacher will see where the students place the cyber attacks as they read about them on the impact graph and give appropriate feedback.

The teacher will monitor the research on cyber attacks and check for accurate information.

The teacher will clarify misconceptions that become evident during the group presentations.


Summative Assessment

Students will complete a journal entry by responding to questions about their personal and school related data being accessible through the Internet.