Computer Crime, Ethics and Security

7/29/2019 Computer Crime, Ethics and Security

1/23

Computer Crime, Ethics andSecurity

For K. S. School of Business management

Management Information System

- Ms. Dhumsi


2/23

Computer crime

Computer crime is defined by Association of InformationTechnology Professionals as including

1) The unauthorised use, access, modification & destructionof hardware, software, data or network resources.

2) The unauthorised release of information,3) The unauthorised copying of Software,

4) Denying an end user access to his/her own hardware,software, data or network resources, and

5) Using or planning to use computer or network resources

to illegally obtain information or tangible property.


3/23

Computer crime is increasing by criminal or irresponsibleactions of individuals who take advantage of weaknessesof computer, internet and other networks.

It is a serious threat to the integrity, safety and survival

of E-Business System. Computer crimes like:

Stealing or compromising data

Gaining unauthorized computer access

Violating data belonging to banks

stopping communications Threatening to damage computer systems

Disseminating viruses


4/23

Businesssecurity,

Ethics andSociety

Employment

Health

Individuality

Crime

Privacy

Working

conditions

Challenges in Working Conditions


5/23

Hacking

It is the obsessive use of computer or the unauthorizedaccess and use of networked computer system.

Illegal hackers are called as Crackers also, apart fromgetting unauthorized access they also steal or damage

data and programs.


6/23

Hacking Tactics

1) Password Tracker: software that cracks the password.

2) Scans : take advantage of loop wholes in the computersystem or software program.

3) Dumpster diving: finding private info in garbage cans.

4) Spoofing: stealing passwords through a false loginpage/email address. It redirect a web link to an addressdifferent from the intended one.

5) Social engineering: tricking employees to gain access.

6) Denial of service: by making too many requests for

information, an attacker blocks, slow down or crash thesystem.

7) Sniffer : a program secretly monitors informationtravelling on network. It helps identify potential networktrouble spot and criminal activities on network.


7/23

Cyber theft

Many computer crimes involve theft of money.

Get unauthorized network entry and does alteration indatabase, track records etc in the office.

Companies cant reveal theft information as the customers

will be scared and there will be complains from them. Eg. Theft from citi-bank account.

Unauthorized use of computer system and networks isalso called time and resources theft. Eg. Playinggames, personal shopping, personal business on office

computer.


8/23

Other Computer Crimes

Identity theft - a fraud obtains key aspects of your personalinformation to take advantage of your name and take creditor service. Eg. Credit card number, license number.

Phishing setting up fake websites or sending emails that

looks like true website and asking personal information fromyou. It may instruct to update information, respond to emailetc.

Evil twins are wireless networks that pretends to offer good

Wi-Fi.

Pharming redirects users to a bogus webpage, even when aperson types correct webpage address.


9/23

Click fraud internet advertisement pay per click. Clickon ad shows intension to know more about the ad orintension to purchase.

Cyber Defamation: Defamation takes place with the helpof computers and/or the Internet e.g. someone publisheddefamatory matter about someone on a websites or sendse-mail containing defamatory information about a person.


10/23

Computer virus

Its a fraud software program that attaches itself toother software programs or data files in order to beexecuted usually without user knowledge or permission.

Worms independent computer programs that copy

themselves from one computer to other over a network. Itdestroys data, disrupt it or halt the operations ofcomputer networks.

Trojan horse software program that appears good butdoes something other than expected. Its not a virus but itgives way to viruses to enter in the computer.

Key loggers records every key stroke made on thecomputer to steal serial numbers of software, to gainaccess to email account etc.


11/23

Melissa it prompts Microsoft outlook to sendinfected document to the first 50 entries in theusers address book. It caused damage of around600 millions in U.S.

Sobig.F it was a worm. It spreads via emailattachments and sends massive amounts of mailswith false sender information.


12/23

Internet abuses at workplace

General email abuse spam, spread virus/worms.

Unauthorized usage and access - sharing of password andaccess into network without permission.

Copyright infringement using illegally or pirated

software. Transmission of confidential data using internet to

display or transmit trade secrets.

Non work related uploads/ downloads use programs thatallows transmission of movies, music etc.

Leisure use of internet doing shopping, personal emails,chatting , gambling online, gaming, social networking.

Moonlighting using office resources for personalbusiness.


13/23

Computer ethics


14/23

Continue..

Information accessibility

Deals with what information a person has the right toobtain about others and how the information can beused. Eg. Finance dept has right to get info of

marketing dept to know their exp and all. Privacy

Protecting ones personal information.

Information accuracy

Deals with authentication and reliability of information.

Information property Deals with who owns information about individuals and

how information can be sold and exchanged. Eg. Inforelating to finance will be owned by finance dept.


15/23

Computer ethics at work

Business ethics to protect intellectual property rights, tohave privacy of customer and employee information,securing companys confidential information etc.

If business ethics are taken care off then no computercrimes in the office will take place as all information aresecure and there will be strict control to access it.

Businesses are working for the benefit of their stakeholderso if such issues are happening in the office then it willaffect the business of the firm and cost a lot.

Eg. Customer data is getting leakage then competitorsmight take benefit of it and you will lose upon yourbusiness.


16/23

Continue..

Technological ethics if the co. is to muchdependent on computers then schedules of workersshould be prepared in such a way that do not lead tohealth issues.

Benefits of the system should be more than the riskinvolved in it.

Workers should be aware about the risk involved inusing the technology.

Benefits and burdens of the technology should bedistributed fairly.

All unnecessary risks should be avoided.


17/23

Security of SystemA Corporate Firewall

They are like gatekeepers. The firewall is placed between the firmsprivate network and the public Internet to protect against

unauthorized traffic.


18/23

Security of system

Encryption : The process of transforming plain text or datainto coded text that cannot be read by anyone other thanthe sender and the intended receiver

Encryption Decryption

Pair of public key and private key which is unique to eachindividual.


19/23

Security of system

Public Key Encryption

A public key encryption system can be viewed as a series of public andprivate keys that lock data when they are transmitted and unlock thedata when they are received. The sender locates the recipients publickey in a directory and uses it to encrypt a message. The message is sentin encrypted form over the Internet or a private network. When theencrypted message arrives, the recipient uses his or her private key todecrypt the data and read the message.


20/23

Security of system

Antivirus Software

Continuous updation is the key! Securing Wireless Networks

A central authentication, server authenticates eachuser on the network.

WiFi + VPN Digital Signature

Used to verify the origin and contents of the message.

Helps to associate a message with a sender (similar totraditional signatures).

Biometric security Voice verification, hand geometry, retina scanning,

face recognition etc. Backup files

Duplicate file of data or programs.


21/23

System Control and Audits

Information System Controls attempt to ensure accuracy,validity and correctness of information.

It is designed to monitor and maintain quality and securityof input, processing, output and storage activities of an

IS. Here control software indentifies incorrect or improper

inputs that enters in your system.

Auditing with internal or external auditors. Try toevaluate whether adequate security measures and mgmtpolicies have developed and implemented or not.

Check of audit trail a document that allows transactionto be traced through all stages of information processing.


22/23

Security measures in case of internet use

Use of anti-virus and firewall software.

Dont allow anyone to store credit card information.

Send credit card numbers through secure sites.

Hard to guess password.

Different password in different sites.

Dont open email attachments unless the sender isunknown.


23/23

Date post:	03-Apr-2018
Category:	Documents
Upload:	vaidehi-vaishnav
View:	219 times
Download:	0 times

Computer Crime, Ethics and Security

Documents