Date post: | 03-Apr-2018 |
Category: |
Documents |
Upload: | vaidehi-vaishnav |
View: | 219 times |
Download: | 0 times |
of 23
7/29/2019 Computer Crime, Ethics and Security
1/23
Computer Crime, Ethics andSecurity
For K. S. School of Business management
Management Information System
- Ms. Dhumsi
7/29/2019 Computer Crime, Ethics and Security
2/23
Computer crime
Computer crime is defined by Association of InformationTechnology Professionals as including
1) The unauthorised use, access, modification & destructionof hardware, software, data or network resources.
2) The unauthorised release of information,3) The unauthorised copying of Software,
4) Denying an end user access to his/her own hardware,software, data or network resources, and
5) Using or planning to use computer or network resources
to illegally obtain information or tangible property.
7/29/2019 Computer Crime, Ethics and Security
3/23
Computer crime is increasing by criminal or irresponsibleactions of individuals who take advantage of weaknessesof computer, internet and other networks.
It is a serious threat to the integrity, safety and survival
of E-Business System. Computer crimes like:
Stealing or compromising data
Gaining unauthorized computer access
Violating data belonging to banks
stopping communications Threatening to damage computer systems
Disseminating viruses
7/29/2019 Computer Crime, Ethics and Security
4/23
Businesssecurity,
Ethics andSociety
Employment
Health
Individuality
Crime
Privacy
Working
conditions
Challenges in Working Conditions
7/29/2019 Computer Crime, Ethics and Security
5/23
Hacking
It is the obsessive use of computer or the unauthorizedaccess and use of networked computer system.
Illegal hackers are called as Crackers also, apart fromgetting unauthorized access they also steal or damage
data and programs.
7/29/2019 Computer Crime, Ethics and Security
6/23
Hacking Tactics
1) Password Tracker: software that cracks the password.
2) Scans : take advantage of loop wholes in the computersystem or software program.
3) Dumpster diving: finding private info in garbage cans.
4) Spoofing: stealing passwords through a false loginpage/email address. It redirect a web link to an addressdifferent from the intended one.
5) Social engineering: tricking employees to gain access.
6) Denial of service: by making too many requests for
information, an attacker blocks, slow down or crash thesystem.
7) Sniffer : a program secretly monitors informationtravelling on network. It helps identify potential networktrouble spot and criminal activities on network.
7/29/2019 Computer Crime, Ethics and Security
7/23
Cyber theft
Many computer crimes involve theft of money.
Get unauthorized network entry and does alteration indatabase, track records etc in the office.
Companies cant reveal theft information as the customers
will be scared and there will be complains from them. Eg. Theft from citi-bank account.
Unauthorized use of computer system and networks isalso called time and resources theft. Eg. Playinggames, personal shopping, personal business on office
computer.
7/29/2019 Computer Crime, Ethics and Security
8/23
Other Computer Crimes
Identity theft - a fraud obtains key aspects of your personalinformation to take advantage of your name and take creditor service. Eg. Credit card number, license number.
Phishing setting up fake websites or sending emails that
looks like true website and asking personal information fromyou. It may instruct to update information, respond to emailetc.
Evil twins are wireless networks that pretends to offer good
Wi-Fi.
Pharming redirects users to a bogus webpage, even when aperson types correct webpage address.
7/29/2019 Computer Crime, Ethics and Security
9/23
Click fraud internet advertisement pay per click. Clickon ad shows intension to know more about the ad orintension to purchase.
Cyber Defamation: Defamation takes place with the helpof computers and/or the Internet e.g. someone publisheddefamatory matter about someone on a websites or sendse-mail containing defamatory information about a person.
7/29/2019 Computer Crime, Ethics and Security
10/23
Computer virus
Its a fraud software program that attaches itself toother software programs or data files in order to beexecuted usually without user knowledge or permission.
Worms independent computer programs that copy
themselves from one computer to other over a network. Itdestroys data, disrupt it or halt the operations ofcomputer networks.
Trojan horse software program that appears good butdoes something other than expected. Its not a virus but itgives way to viruses to enter in the computer.
Key loggers records every key stroke made on thecomputer to steal serial numbers of software, to gainaccess to email account etc.
7/29/2019 Computer Crime, Ethics and Security
11/23
Melissa it prompts Microsoft outlook to sendinfected document to the first 50 entries in theusers address book. It caused damage of around600 millions in U.S.
Sobig.F it was a worm. It spreads via emailattachments and sends massive amounts of mailswith false sender information.
7/29/2019 Computer Crime, Ethics and Security
12/23
Internet abuses at workplace
General email abuse spam, spread virus/worms.
Unauthorized usage and access - sharing of password andaccess into network without permission.
Copyright infringement using illegally or pirated
software. Transmission of confidential data using internet to
display or transmit trade secrets.
Non work related uploads/ downloads use programs thatallows transmission of movies, music etc.
Leisure use of internet doing shopping, personal emails,chatting , gambling online, gaming, social networking.
Moonlighting using office resources for personalbusiness.
7/29/2019 Computer Crime, Ethics and Security
13/23
Computer ethics
7/29/2019 Computer Crime, Ethics and Security
14/23
Continue..
Information accessibility
Deals with what information a person has the right toobtain about others and how the information can beused. Eg. Finance dept has right to get info of
marketing dept to know their exp and all. Privacy
Protecting ones personal information.
Information accuracy
Deals with authentication and reliability of information.
Information property Deals with who owns information about individuals and
how information can be sold and exchanged. Eg. Inforelating to finance will be owned by finance dept.
7/29/2019 Computer Crime, Ethics and Security
15/23
Computer ethics at work
Business ethics to protect intellectual property rights, tohave privacy of customer and employee information,securing companys confidential information etc.
If business ethics are taken care off then no computercrimes in the office will take place as all information aresecure and there will be strict control to access it.
Businesses are working for the benefit of their stakeholderso if such issues are happening in the office then it willaffect the business of the firm and cost a lot.
Eg. Customer data is getting leakage then competitorsmight take benefit of it and you will lose upon yourbusiness.
7/29/2019 Computer Crime, Ethics and Security
16/23
Continue..
Technological ethics if the co. is to muchdependent on computers then schedules of workersshould be prepared in such a way that do not lead tohealth issues.
Benefits of the system should be more than the riskinvolved in it.
Workers should be aware about the risk involved inusing the technology.
Benefits and burdens of the technology should bedistributed fairly.
All unnecessary risks should be avoided.
7/29/2019 Computer Crime, Ethics and Security
17/23
Security of SystemA Corporate Firewall
They are like gatekeepers. The firewall is placed between the firmsprivate network and the public Internet to protect against
unauthorized traffic.
7/29/2019 Computer Crime, Ethics and Security
18/23
Security of system
Encryption : The process of transforming plain text or datainto coded text that cannot be read by anyone other thanthe sender and the intended receiver
Encryption Decryption
Pair of public key and private key which is unique to eachindividual.
7/29/2019 Computer Crime, Ethics and Security
19/23
Security of system
Public Key Encryption
A public key encryption system can be viewed as a series of public andprivate keys that lock data when they are transmitted and unlock thedata when they are received. The sender locates the recipients publickey in a directory and uses it to encrypt a message. The message is sentin encrypted form over the Internet or a private network. When theencrypted message arrives, the recipient uses his or her private key todecrypt the data and read the message.
7/29/2019 Computer Crime, Ethics and Security
20/23
Security of system
Antivirus Software
Continuous updation is the key! Securing Wireless Networks
A central authentication, server authenticates eachuser on the network.
WiFi + VPN Digital Signature
Used to verify the origin and contents of the message.
Helps to associate a message with a sender (similar totraditional signatures).
Biometric security Voice verification, hand geometry, retina scanning,
face recognition etc. Backup files
Duplicate file of data or programs.
7/29/2019 Computer Crime, Ethics and Security
21/23
System Control and Audits
Information System Controls attempt to ensure accuracy,validity and correctness of information.
It is designed to monitor and maintain quality and securityof input, processing, output and storage activities of an
IS. Here control software indentifies incorrect or improper
inputs that enters in your system.
Auditing with internal or external auditors. Try toevaluate whether adequate security measures and mgmtpolicies have developed and implemented or not.
Check of audit trail a document that allows transactionto be traced through all stages of information processing.
7/29/2019 Computer Crime, Ethics and Security
22/23
Security measures in case of internet use
Use of anti-virus and firewall software.
Dont allow anyone to store credit card information.
Send credit card numbers through secure sites.
Hard to guess password.
Different password in different sites.
Dont open email attachments unless the sender isunknown.
7/29/2019 Computer Crime, Ethics and Security
23/23