Lesson 10: Rapid Research - Cybercrime

Overview

Students learn about various types of cybercrimes and the cybersecurity measures that can help prevent them. Then students perform a Rapid Research project investigating a particular cybercrime event with a particular focus on the data that was lost or stolen and the concerns that arise as a result. The Rapid Research activity features vocabulary, concepts, and skills that should help prepare them for the AP Explore PT, and also serves as a capstone for the sequence of lessons on encryption and security.

Purpose

This lesson serves two roles. 1. Review terminology about cybersecurity and crime that is relevant for the AP CS Principles Exam and 2. Practice research and writing skills that will help students on the Explore PT.

Following this lesson you may opt to either run the research activity in the next lesson or move on to running the full Explore PT with your class. Note that the Explore PT prep unit includes additional resources that will help students prepare for the task.

Agenda

Getting Started (5 mins)

Activity (40 + 30 mins)

Wrap Up (10 mins)

Assessment

View on Code Studio

Objectives

Students will be able to:

  • Explain the characteristics of a phishing attack
  • Explain how a DDoS attack works
  • Describe how one computer virus works
  • Research and describe a cyber attack found in the news
  • Reason about the threats posed by, and methods of recourse for, various types of cyber attacks
  • Describe plausible storage, security, or privacy concerns for particular pieces of data

Preparation

Links

Heads Up! Please make a copy of any documents you plan to share with students.

For the Students

Vocabulary

  • Antivirus Software - usually keeps big lists of known viruses and scans your computer looking for the virus programs in order to get rid of them.
  • DDoS Attack - Distributed Denial of Service Attack. Typically a virus installed on many computers (thousands) activate at the same time and flood a target with traffic to the point the server becomes overwhelmed.
  • Firewall - software that runs on servers (often routers) that only allows traffic through according to some set of security rules.
  • Phishing Scam - a thief trying to trick you into sending them sensitive information. Typically these include emails about system updates asking you send your username and password, social security number or other things.
  • SSL/TLS - Secure Sockets layer / Transport Layer Security - An encryption layer of HTTP that uses public key cryptography to establish a secure connection.
  • Virus - a program that runs on a computer to do something the owner of the computer does not intend.

Teaching Guide

Getting Started (5 mins)

Teaching Tip

NOTE: this video is also embeded at the top of the How Not To Get Hacked - Web Resource page that students read in the actvity, as well as in Code Studio. You might choose to send them directly to that at this point or show the video to the whole class.

Content Corner

The video touches on types of cybercrimes and cyber attacks NOT covered in the How Not To Get Hacked - Web Resource article but are still vocabulary that students need to know, specifically DDoS attacks and how they work.

Video: Cybersecurity & Crime

Remarks

To conclude our thinking about encryption and security we're going to look at how cybercrimes are conducted, how cybersecurity measures can protect us, and what the implications are of data leaking. Then you'll research a particular cybercrime and quickly prepare a one-pager about it.

Show: The Internet: Cybersecurity and Crime - Video

The video touches on a number of topics that students might choose to research later:

  • DDoS Attacks (and Bot Nets)
  • Cyber warfare
  • Viruses and Anti Virus Software
  • Phishing Scams
  • Credit Card theft
  • Types of people who commit cybercrimes

Activity (40 + 30 mins)

Rapid Reseach - Cybersecurity and Crime

Distribute: Give students copies of Rapid Research - Cybercrime - Activity Guide
and Cybersecurity One-Pager - Template.

Teaching Tip

Differences from the actual Explore PT: The actual Explore Performance Task will be completed over 8 class hours. The fact that this schedule is significantly shorter reflects several differences in this Practice PT.

  • Some categories and topics have been supplied ahead of time.
  • Students are not creating any kind of computational artifact
  • Students are not describing the beneficial or harmful effects of an innovation / event.

Below is a suggested schedule for completing the project.

Day 1 - Choose Innovation, Read and Research

Teaching Tip

Cybercrime Definition: The definition of a cybercrime event as "any instance where digitally stored data falls into the hands of someone not originally intended to have access to it" is used to help align this task to the Explore PT. In particular this definition sets up the last two prompts of the activity guide where students must both specifically identify the data used by an app and describe concerns specifically related to this data. These are critical skills students must use when describing the computing innovation they will research. Make sure you reinforce this definition as students choose their topics.

Review Activity Guide and Rubric: At the beginning of the project, emphasize the importance of reviewing the one-pager template and rubric. Students may assume that more is required of them than is actually the case. Point out that the written component is quite short. They probably have space for at most 100-150 words per response.

Choosing Your Cybercrime Event: It is recommended that you place a time limit on this process (e.g. 20 minutes). Students should not leave class after the first day without a topic in mind and ideally with some resources identified. Luckily, in choosing their topics, students will likely have begun to identify resources they can use in completing their project.

Conducting Your Research: This document is intended to serve primarily as a guide to students for identifying online sources of information. The skill students need to develop is identifying useful resources on their own and then synthesizing this information. Being presented with a structured way of doing this means students will have a model for how to complete their research when completing the actual Explore PT.

Day 2 - Prepare one-pager

Complete One-Pager: Students should find this aspect of their project most familiar. The prompts are similar in style and content to prompts students have already seen. Emphasize the need for clarity in their writing, and remind them that everything must fit on a single page. If they have responded completely to each of the prompts, it is fine to write less.

Sharing/Submission: You may want to collect students’ one-pagers, have them share in small groups, or with the whole class. Since students were researching something of their own choosing, they might be eager to show what they found out.

Wrap Up (10 mins)

Review Cybersecurity Terms

Content Corner

These terms are pulled directly from the AP CSP Framework. Check out the mappings to the framework at the bottom of this lesson plan.

These statements can be used as the basis for question on the AP CSP Exam.

The annotations given here should provide enough depth for the kinds of responses expected of students.

Below is the list of cybersecurity terms that students were introduced to throughout this lesson.

We've annotated them with brief explanations that should come out during discussion.

Teaching Tip

If you are running out of time, assigning some of these terms for homework might be a good way to review and kick off the next day.

  • Implementing cybersecurity has software, hardware, and human components.

    • This is a theme for the whole lesson
    • Vulnerabilities in hardware and software can be compromised as part of an attack.
    • But, as mentioned in the video, a large percentage of cybersecurity vulnerabilities are human-related, such as choosing bad passwords, (unintentionally) installing viruses, or giving personal information away.
  • Sockets layer/transport layer security (SSL/TLS)

    • An encryption layer of HTTP. When you see the little lock icon and https it means that you are visiting a website over HTTP but the data going back and forth bewtween you and the server is encrypted.
    • SSL (secure sockets layer) and TLS (transport layer security) use public key cryptography to establish a secure connection.
  • Cyber warfare and cyber crime have widespread and potentially devastating effects.

    • This is especially true in the case of warfare which (fortunately) we have not experienced much of on a global scale. But using cyber attacks to cripple basic infrastructure (power, water) and communication could be devastating.
  • Distributed denial of service attacks (DDoS)

    • Typically a virus installed on many computers (thousands) activate at the same time and flood a target with traffic to the point the server becomes overwhelmed -- doing this can render web services like DNS, or routers, or certain websites useless and unresponsive.
  • Phishing scams

    • Typically a thief trying to trick you into sending them sensitive information. Typically these include emails about system updates asking you send your username and password, social security number or other things.
    • More sophisticated scams can make websites and email look very similar to the real thing.
  • Viruses / Antivirus software and firewalls

    • A virus is program that runs on a computer to do something the owner of the computer does not intend. Viruses can be used as a Bot Net to trigger a DDoS-style attack, or they can spy on your computer activity, such as capturing all the keystrokes you make at the computer, or websites you visit, etc.
    • Antivirus software usually keeps big lists of known viruses and scans your computer looking for the virus programs in order to get rid of them.
    • A "firewall" is simply software that runs on servers (often routers) that only allows traffic through according to some set of security rules.

Assessment

Rapid Research: Use the rubric provided with the Activity Guide to assess the one-pagers.

Video: These questions refer to ideas in the Cybercrime video.

  • What does the s in https refer to?

    • It's the plural of http - a more robust version of http that runs on multiple channels.
    • s is for "secure" - a version of http that is encrypted.
    • s is for "simple" - a simplified version of http that runs faster on modern computers
    • s is for "standard" - to distinguish the original http from non-standard versions like httpv and httpx
  • When someone tries to get you to give up personal information through email or a bogus website it is called a:

    • DDoS Attack
    • Phishing Scam
    • Virus
    • SSL/TLS layer
  • When someone attemps to compromise a target by flooding it with requests from multiple systems that is called a:

    • DDoS Attack
    • Phishing Scam
    • Virus
    • SSL/TLS layer
  • The vast majority of computer security failures are due to:

    • Software vulnerabilities
    • Hardware limitations
    • Human carelessness
    • Bot Nets

Standards Alignment

View full course alignment

Computer Science Principles

6.2 - Characteristics of the Internet influence the systems built on it.
6.2.2 - Explain how the characteristics of the Internet influence the systems built on it. [P4]
  • 6.2.2H - Standards for sharing information and communicating between browsers and servers on the Web include HTTP and secure sockets layer/transport layer security (SSL/TLS).
6.3 - Cybersecurity is an important concern for the Internet and the systems built on it.
6.3.1 - Identify existing cybersecurity concerns and potential options to address these issues with the Internet and the systems built on it. [P1]
  • 6.3.1C - Implementing cybersecurity has software, hardware, and human components.
  • 6.3.1D - Cyber warfare and cyber crime have widespread and potentially devastating effects.
  • 6.3.1E - Distributed denial of service attacks (DDoS) compromise a target by flooding it with requests from multiple systems.
  • 6.3.1F - Phishing, viruses, and other attacks have human and software components.
  • 6.3.1G - Antivirus software and firewalls can help prevent unauthorized access to private data.
  • 6.3.1H - Cryptography is essential to many models of cybersecurity.
7.3 - Computing has a global affect -- both beneficial and harmful -- on people and society.
7.3.1 - Analyze the beneficial and harmful effects of computing. [P4]
  • 7.3.1G - Privacy and security concerns arise in the development and use of computational systems and artifacts.

CSTA K-12 Computer Science Standards (2017)

NI - Networks & the Internet
  • 2-NI-05 - Explain how physical and digital security measures protect electronic information.
  • 3A-NI-05 - Give examples to illustrate how sensitive data can be affected by malware and other attacks.
  • 3B-NI-04 - Compare ways software developers protect devices and information from unauthorized access.