Download - Computer crimes

•Living in a Digital World

•Discovering Computers 2010

Why Be Concerned about Network and Internet Security?

A computer system consists not only of software, hardware, data/information, and procedures, but also of people- the users of the computer system.

People can use computer system for both good and bad purposes. Some people use computers for evil activities. A computer crime is generally defined as one that uses computers and software for illegal purposes.

Any illegal act involving a computer generally is referred to as a computer crime.Computer crime encompasses a broad range of

potentially illegal activities.

Perpetrators of Cyber Crime

Perpetrators of cybercrime and other intrusions fall into seven basic categories:hackercrackerscript kiddies corporate spyunethical employee cyberextortionist cyberterrorist

Hackers and CrackersHackers A hacker is a person who breaks into computers and computer

networks, either for profit or motivated by the challenge Hackers do not use the system to steal money or property but they

did create fictitious accounts changed some data files. Some people engage in hacking purely for the challenge codes.

Others do it to steal computer time, to peek at confidential information, or to cause damage.

White hat is a term often used to describe ethical hackers that stay entirely within the law.

They never access a system or network illegally, and they work tirelessly to expose holes in systems with the ultimate goal of fixing flaws and improving security.

White hats may be security professionals, hired by companies to audit network security or test software.

Hackers and Crackers

Crackers Cracking is the act of breaking into other computer systems. This can be done with malicious intent, for financial profit, or for

fun. The opposite of the white hat, a black hat or cracker breaks into

systems illegality for personal gain, vandalism (damage), or bragging rights.

A cracker is a one who uses their proficiency for personal gains outside of the law. EX: stealing data, changing bank accounts, distributing viruses, acts of sabotage and mischief on the internet, and have cost companies millions of dollars. etc.

7Chapter 9 Understanding Computers, 11th Edition

HackingHacking: using a computer to break

into another computer system; the person doing the hacking is a hackerTo steal informationTo sabotage a systemTo hijack PCs to generate spam or host

Web sitesSocial hackingAuthorized hacking

Script kiddie

A script kiddie has the same intent as acracker but does not have the technical skills and knowledge. Script kiddies often use prewritten

hacking and cracking programs to break into computers.

Cyberextortionist

A cyberextortionist is someone who uses e-mail as a vehicle for extortion.These perpetrators send an organization a

threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization’s network — if they are not paid a sum of money.

Cyberterrorist

A cyberterrorist is someone who uses the Internet or network to destroy or damage computers for political reasons.

The cyberterrorist might target the nation’s air traffic control system, electricity-generating companies, or a telecommunications infrastructure.

The term, cyberwarfare, describes an attack whose goal ranges from disabling a government’s computer network to crippl a country. Cyberterrorism and cyberwarfare usually require a team of highly skilled people.

Introduction

Computer viruses and crimes have become today’s headline news

With the increasing use of the Internet, it has become easier for virus to spread

Virus show us loopholes in softwareMost virus are targeted at the MS Windows OS

First Computer VirusThe first virus was made in Lahore,

Pakistan, 1986Two programmers named Basit and Amjad Farooq AlviCalled Brain Virus

Computer Virus A virus is a program that "infects" an executable file. After

infection, the executable file functions in a different way than before: maybe only displaying a benign message on the monitor, maybe deleting some or all files on the user's hard drive, maybe altering data files.

There are two key features of a computer virus: The ability to propagate by attaching itself to executable files (e.g.,

application programs, OS, scripts, boot sector of a hard disk or floppy disk, etc.) Running the executable file may make new copies of the virus.

The virus causes harm only after it has infected an executable file and the executable file is run.

Viruses spread from one computer to another through removable disks like USB, network computers & internet.

If a Virus is found on one computer of the network, then it can easily infect whole network.

Background

There are estimated 30,000 computer viruses in existence

Over 300 new ones are created each month

First virus was created to show loopholes in software

Virus Languages

ANSI COBOL C/C++PascalVBAUnix Shell ScriptsJavaScriptBasically any language that works on the system

that is the target

Symptoms of Virus Attack

Computer runs slower then usual Computer no longer boots up Screen sometimes flicker PC speaker beeps periodically System crashes for no reason Files/directories sometimes disappear Denial of Service (DoS)

Virus through the Internet

Today almost 87% of all viruses are spread through the internet (source: ZDNet)

Transmission time to a new host is relatively low, on the order of hours to days

“Latent virus”

Classifying Virus - General

Virus InformationDiscovery Date:Origin:Length:Type:SubType:Risk Assessment:

Category:

TYPES OF COMPUTER Virus

Basic types of computer viruses areWormTrojan Horse Macro

•Worms

•A worm is a program that copies itself.

•The distinction between a virus and worm, is that a virus never copies itself – a virus is copied only when the infected executable file is run.

•In the pure, original form, a worm neither deleted nor changed files on the victim's computer — the worm simply made multiple copies of itself and sent those copies from the victim's computer, thus clogging(jam) disk drives and the Internet with multiple copies of the worm. Releasing such a worm into the Internet will slow the legitimate traffic on the Internet, as continuously increasing amounts of traffic are mere copies of the worm.

•A classic example of a worm is the ILOVEYOU virus.

Worms

Spread over network connectionWorms replicateFirst worm released on the Internet was called

Morris worm, it was released on Nov 2, 1988.

Trojan Horse

CovertLeaks informationUsually does not reproduce

The TROJAN HORSE Virus

•The Trojan virus once on your computer, doesn't reproduce, but instead makes your

computer susceptible to malicious intruders by allowing them to access and read your files.

Making this type of virus extremely dangerous to your computer's security and your personal

privacy. Therefore, you should avoid downloading programs or files from sites if

you're not 100 percent positive of what the file or program does.

Macro

A macro virus is programmed as a macro embedded in a document. Many applications, such as Microsoft Word and Excel, support macro languages.

Once a macro virus gets on to your computer, every document you produce will become infected.

This type of virus is relatively new and may slip by your antivirus software if you don't have the most recent version installed on your computer.

Boot Sector viruses:

A boot sector virus infects diskettes and hard drives. All disks and hard drives contain smaller sections called sectors. The first sector is called the boot.

The boot carries the Master Boot Record (MBR). MBR functions to read and load the operating system. So, if a virus infects the boot or MBR of a disk, such as a floppy disk, your hard drive can become infected, if you re-boot your computer while the infected disk is in the drive.

Once your hard drive is infected all diskettes that you use in your computer will be infected. Boot sector viruses often spread to other computers by the use of shared infected disks and pirated software applications.

The best way to disinfect your computer of the boot sector virus is by using antivirus software.

Logic & Time Bombs

Logic bombs are programs which start executing malicious program when user performs any specific action in the computer. For Example: In one case, a programmer inserted a logic bomb into a company’s system; that would destroy company’s whole system, if his name was removed from it.

Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, and the results can be destructive.

A time bomb refers to a computer program that has been written so that it will stop functioning after a predetermined date or it will trigger criminal activity at a specified date. For Example:Time bombs are commonly used in shareware (trial) software when the manufacturer of the software does not want the trial version being used after the fix time.

Data Diddling or Data Manipulation

Data diddling or manipulation is the way in which important data can be manipulated and changed. A person can edit the business information of a company or personal information of some other person to harm them. Data diddlersare often found changing grades in the university records, falsifying input records on bank transactions etc.

Data Stealing

This is the type of crime in which the private information is stolen using illegal ways. For Example: Mostly credit cards information is theft by black hats. Passwords can also be stolen through different hacking techniques.

Software Piracy

The unauthorized copying & use of any proprietary software is called Piracy.

Most retail programs are licensed for use at just one computer site or for use by only one user at any time.

By buying the software, you become a licensed userrather than an owner.

You are allowed to make copies of the program for backup purposes, but it is against the law to give copies to friends and colleagues.

Software TheftSoftware theft occurs when someone:

Discovering Computers 2010: Living in a Digital World Chapter 11

33Page 571

Steals software media

Intentionally erases

programs

Illegally copies a program

Illegally registers and/or

activates a program

Software TheftA single-user license agreement typically contains

the following conditions:


34Page 571

Permitted toPermitted to• Install the software on one computer• Make one copy of the software• Remove the software from your computer before giving it away or selling it

Not permitted toNot permitted to• Install the software on a network• Give copies to friends or colleagues while continuing to use the software• Export the software• Rent or lease the software

Software TheftCopying, loaning,

borrowing, renting, or distributing software can be a violation of copyright law

Some software requires product activation to function fully


35Pages 571 – 572Figure 11-16

Click to view Web Link,click Chapter 11, Click Web Link from left navigation, then click Business Software Alliance below Chapter 11

Hardware Theft and Vandalism

Hardware theft is the act of stealing

computer equipment

Hardware vandalism is the act

of defacing or destroying computer

equipment


36Page 570

Hardware Theft and VandalismTo help reduce the of chances of theft,

companies and schools use a variety of security measures


37Page 570Figure 11-15

Physical access controls

Alarm systems

Cables to lock equipment

Real time location system

Passwords, possessed objects, and biometrics

Information TheftInformation theft occurs when someone

steals personal or confidential informationEncryption is a process of converting

readable data into unreadable characters to prevent unauthorized access


38Pages 572 - 573Figure 11-17

Information Theft



Information TheftA digital signature is an encrypted code

that a person, Web site, or organization attaches to an electronic message to verify the identity of the senderOften used to ensure that an impostor is not

participating in an Internet transaction

Web browsers and Web sites use encryption techniques


40Page 574

System FailureA system failure is the prolonged

malfunction(breakdown, fault) of a computerA variety of factors can lead to system failure,

including:Aging hardwareNatural disastersElectrical power problemsNoise, undervoltages, and overvoltages

Errors in computer programsDiscovering Computers 2010: Living in a

Digital World Chapter 1141Page 575

Backing Up – The Ultimate SafeguardA backup is a duplicate of a file, program, or

disk that can be used if the original is lost, damaged, or destroyedTo back up a file means to make a copy of it

Offsite backups are stored in a location separate from the computer site


42Page 577

•Cloud Storage

Backing Up – The Ultimate SafeguardTwo categories of

backups:Full backupSelective backup

Three-generation backup policy


43Page 577

Grandparent

Parent

Child

•44

Protecting Against Unauthorized Access, Use, and Computer Sabotage

Antivirus software: Used to detect and eliminate computer viruses and other types of malwareShould be set up to run continuously to check incoming e-mail

messages, instant messages, and downloaded filesShould be set up to scan the entire PC regularlyNeeds to be updated regularly since new malware is introduced

at all timesBest to have the program automatically download new virus

definitions on a regular basisSome programs also scan for other threats, such as spyware,

bots, possible phishing schemes, etc.

45

Protecting Against Unauthorized Access, Use, and Computer Sabotage

Firewall: Security system that provides a protective boundary between a computer or network and the outside worldWorks by closing down all external communications port

addressesBlocks access to the PC from outside crackersBlocks access to the Internet from programs on the user’s

PC unless authorized by the userImportant for home PCs that have a direct Internet

connection as well as for businessesIntrusion protection system (IPS) software is related

Monitors and analyzes traffic allowed by the firewall to try and detect possible attacks

46

Chapter 9Understanding

Computers, 11th Edition

Encryption and Other Security Tools

Encryption: method of scrambling e-mail or files to make them unreadable

Secure Web servers: use encryption to protect information transmitted via their Web pagesMost common is SSLLook for a locked padlock on the status bar and

https:// in the URLOnly transmit credit card numbers and other

sensitive data via a secure Web server

47

Chapter 9Understanding

Computers, 11th Edition

Protect Password

Use information that only an individual should knowUsernamesPINs PasswordsShould be strong passwords and changed

frequently

49

Passwords

Techniques Used for Computer Security

By taking the following precautionary steps, we can protect our computers from viruses and their affects.

Avoid downloading unnecessary files from unknown Internet websites.

Always scan downloaded contents & files before using (opening) them.

Don't open emails or attachments from unknown senders.

Use strong hard-to-guess passwords or pass-phrases. Do not use words that are commonly used. Remember that password cracking tools exist.

Techniques Used for Computer Security If your computer is on a network, make sure that you

have a good, fully functional and updated antivirus & firewall software installed on your computer.

Always scan all removable disks or drives (like USBs, CDs etc) through antivirus software before using (open) it.

Use anti-virus software and firewalls - keep them up to date.

Back-up your computer data on disks or CDs often. Don't share access to your computers with strangers. Disconnect from the Internet when not in use Encrypt document method of scrambling e-mail or files

to make them unreadable

Ethics and SocietyComputer ethics

are the moral guidelines that govern the use of computers and information systems

Information accuracy is a concernNot all information on

the Web is correct


52Pages 581 – 582Figure 11-28

Ethics and Society

Intellectual property rights are the rights to which creators are entitled for their work

• A copyright protects any tangible form of expression

An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or unethical


53Page 582

Click to view Web Link,click Chapter 11, Click Web Link from left navigation, then click Digital Rights Management below Chapter 11

Ethics and Society



Video: Attack of the Mobile Viruses


55

•CLICK TO START

Download - Computer crimes

Top Related